Support Support Downloads Knowledge Base Apex Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

18.1R3-S12: Software Release Notification for JUNOS Software Version 18.1R3-S12

0

0

Article ID: TSB17964 TECHNICAL_BULLETINS Last Updated: 22 Jan 2021Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, NFX, SRX, VRR, vMX, vSRX
Alert Description:
Junos Software Service Release version 18.1R3-S12 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 18.1R3-S12 is now available.

18.1R3-S12 - List of Fixed issues
PR Number Synopsis Category: EX4300 PFE
1548858 The targeted-broadcast feature may not work after a reboot
Product-Group=junos
On EX4300 Series platforms, the targeted-broadcast feature may not work after a reboot. It can be seen that no target-broadcast packets are received on the targeted-broadcast interface.
PR Number Synopsis Category: EX2300/3400 PFE
1472350 CoS 802.1p bits rewrite might not happen in Q-in-Q mode
Product-Group=junos
In EX2300/EX3400 platform with CoS rewrite scenario, if an 802.1p bits (single VLAN) rewrite is used for an SVLAN (outer VLAN) of Q-in-Q, the rewrite will do nothing. Due to the PFE can not parse the firewall rule for given filter match conditions. Therefore, some traffic processing does not work as customer's expectation. Note: EX4300 has no this issue.
1556198 Traffic might be dropped when a firewall filter rule uses 'then vlan' as the action
Product-Group=junos
If a firewall filter is configured with the action 'then vlan' on EX and QFX platforms, some of the traffic that matches the firewall filter might be dropped.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1463092 When deleting IRB on the layer 3 gateway, IRB does not get removed from PFE and will blackhole traffic to IRB mac address
Product-Group=junos
On QFX5110/5120 platform as the layer 3 gateway, after deleting the configuration of interfaces irb, The IRB might not get removed from PFE and will blackhole traffic to the MAC address of the deleted IRB.
1486632 On the QFX 5100-48T-6Q Virtual Chassis or Virtual Chassis fan, the following error message is observed while copying the image to the Virtual Chassis fan member and trying to downgrade the image: rcp for member 14, failed.
Product-Group=junos
On QFX 5100-48T-6Q VC/VCF, RCP error might be seen while upgrading the system using "request system software add  no-validate" and system upgrade/ installation could fail. This issue happens if DCPFE cpu utilization is very high.
PR Number Synopsis Category: MIBs related to BBE
1535754 Snmp mib walk for jnxSubscriber OIDs returns General error
Product-Group=junos
Snmp mib walk for jnxSubscriber OIDs returns General error
PR Number Synopsis Category: Border Gateway Protocol
1487486 The rpd might crash with BGP RPKI enabled in a race condition
Product-Group=junos
On all Junos platforms with BGP PRKI (Resource Public Key Infrastructure) scenario, if NSR is enabled and scale routes and ROAs exist, in a very rare case, the ROA (route origin authorization) might be withdrawn before replicating to the backup RE when ROA changes happen, which results in the rpd crash.
1517498 The rpd might crash after deleting and re-adding a BGP neighbor.
Product-Group=junos
In BGP scenario on all Junos platforms, after deleting and re-adding a BGP neighbor, the rpd might crash due to a rare timing issue.
1532414 Transit labels for Layer 3 VPN routes are pushed momentarily to the MPLS.0 table.
Product-Group=junos
In L3VPN scenario with in-line RR (Route Reflector) which has an export policy with next-hop self to advertise all transit L3VPN routes to its clients and also uses route-target family, the undesired L3VPN routes may be pushed to FIB (Forwarding Information Base) after enabling/disabling route-target family on the RR or a new BGP peer joins a group with 'next-hop self'.
PR Number Synopsis Category: Enhanced Broadband Edge support for cos
1413297 During ISSU or merge virtual-chassis member back to the VC, CoS GENCFG writes failures may be observed
Product-Group=junos
In a subscriber management deployment, performing ISSU or merging virtual-chassis member back to VC, CoS may be invalid and CoS GENCFG writes may be failed.
PR Number Synopsis Category: Device Configuration Daemon
1544257 Subscribers might logout then login after loopback address is changed
Product-Group=junos
On MX platform, under subscriber environment and unnumbered IP address borrowed from the loopback interface configured on Demux interface and Aggregated Ethernet (AE) interface, subscriber session might flap if IP address of the loopback interface IP is changed. Please refer to workaround provided when this issue hit.
PR Number Synopsis Category: This is for all defects raised against dns-proxy feature
1512212 Junos OS: SRX Series: ISC Security Advisory: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616)
Product-Group=junos
On Juniper Networks Junos OS SRX Series devices an uncontrolled resource consumption vulnerability in BIND may allow an attacker to cause a Denial of Service (DoS) condition. When these devices are configured to use DNS Proxy, these devices do not sufficiently limit the number of fetches performed when processing referrals. In order for a server performing recursion to locate records in the DNS graph it must be capable of processing referrals, such as those received when it attempts to query an authoritative server for a record which is delegated elsewhere. In its original design BIND (as well as other nameservers) does not sufficiently limit the number of fetches which may be performed while processing a referral response. A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. Refer to https://kb.juniper.net/JSA11090 for more information.
PR Number Synopsis Category: mgd, ddl, odl infra issues
1458345 "persist-groups-inheritance" causes the "mustd" process to crash and issues commit failure
Product-Group=junos
"persist-groups-inheritance" configuration option causes the "mustd" process to crash when one performs the "commit" action.
PR Number Synopsis Category: EVPN control plane issues
1547275 VLAN ID information is missed while installing the EVPN route from the BGP Type 2 Route after modifying a routing-instance from instance-type EVPN to instance-type virtual-switch.
Product-Group=junos
VLAN ID information might be missing while installing the EVPN route from the BGP Type 2 Route after modifying a routing-instance from "instance-type evpn" to "instance-type virtual-switch". As a result, the data traffic sent via these EVPN routes doesn't push vlan-id in the inner Ethernet Header. This might result in traffic getting discarded on the remote PE.
PR Number Synopsis Category: ISIS routing protocol
1526447 The IS-IS LSP database synchronization issue might be seen while using the flood-group feature.
Product-Group=junos
On all Junos platform, when flood-group is configured on interface under isis, if isis LSPs time out and then come up, the device sends only self-generated LSPs and doesn't increment the LSP updates received from neighbor which flapped. This is causing LSP database out of synchronization issue.
PR Number Synopsis Category: Firewall Policy
1482200 Request security policies check output shows policies out of syn command.
Product-Group=junos
This issue affects an SRX system with large security policies (reproduced with 8000 policies). The result of the "request security policies check" cli command may display policies in the "out-of-sync" instead of "in-sync" state.
PR Number Synopsis Category: lacp protocol
1277144 LACP is not sending IFF_DOWN reason with destroy session request
Product-Group=junos
In current scenario when interface is going down then LACPD is not sending reason for destroy session request i.e IFF_DOWN(interface down). So the LACP session may not be destoried immediately until the LACP session times out.
1366825 RG1 failover occurs when RG0 failover is triggered
Product-Group=junos
RG1+ which is configured for interface-monitor, might fail over to the other node if RG0 failover is triggered.
PR Number Synopsis Category: Label Distribution Protocol
1527197 LDP routes might be deleted from MPLS routing table after RE switchover
Product-Group=junos
On all Junos platforms with NSR and segment routing for ISIS configured, LDP routes might be deleted on new master RE's MPLS routing table after RE switchover.
PR Number Synopsis Category: lldp sw on MX platform
1538482 DUT did not receive the LLDP packet from phone.
Product-Group=junos
On EX4300 platforms, the LLDP (Link Layer Discovery Protocol) neighborship with the VoIP (Voice over Internet Protocol) phones can't be established when LLDP is configured on the PoE (Power over Ethernet) enabled port on EX4300 and connects to the VoIP Phone.
PR Number Synopsis Category: Multicast Routing
1555518 Sending multicast traffic to downstream receiver on Trio based Virtual Chassis platforms might fail.
Product-Group=junos
On Trio based Virtual Chassis (VC) platform, when there are multicast tunneled packets being received, which come into the Virtual Chassis Ports (VCP) and then pop out of the tunnel, if the VCP ports and the interfaces where multicast packets enter/leave the router are located on the same Packet Forwarding Engine (PFE), it might fail in sending multicast traffic to downstream receiver due to this issue.
PR Number Synopsis Category: Multicast for L3VPNs
1425876 MVPN using PIM dense mode does not prune the OIF when PIM prune is received.
Product-Group=junos
In the MVPN (Multicast Virtual Private Network) scenario, when PIM Dense mode is used, the egress PE might not prune the OIF (outgoing interface) when PIM prune is received.
PR Number Synopsis Category: OS IPv4/ARP/ICMPv4
1496429 Routing Engine crash might be seen when a large number of next hops are quickly deleted and readded in large ARP/ND scale scenario.
Product-Group=junos
On all Junos platforms with large ARP/ND scale scenario, if a large number of nexthops are deleted and re-added very quickly (such as a result of link flap), the memory corruption might occur and eventually cause RE crash.
PR Number Synopsis Category: Kernel Stats Infrastructure
1508442 SNMP polling might return unexpectedly high value of ifHCOutOctets counter for physical interface when any jnxDom OID is processed at the same time.
Product-Group=junos
When actual transmitted load is configured for interface as: set interfaces interface-transmit-statistics And ifHCOutOctets OID is polling together with any jnxDom OIDs for the same interface with time interval between pollings equal or less then one second, the resulted value of ifHCOutOctets may be unexpectedly high
PR Number Synopsis Category: Interface related issues. Port up/down, stats, CMLC , serdes
1424090 All interfaces will be down and the dcpfe will get crash if SFP-T is inserted on QFX5210
Product-Group=junosvae
On QFX5210 platform starts from Junos 18.1R1, all interfaces will be down and the dcpfe will get crash if SFP-T is inserted on QFX5210. All service will be impacted as all interfaces are down.
1538340 Interfaces are not created after channel-speed 10g is applied across ports 48 to 53 on QFX5100-48T
Product-Group=junos
After channelizing port 48 through 53 and channel speed, the interfaces are down on QFX5100-48T platform. This issue causes interfaces are deleted and traffic might be dropped.
PR Number Synopsis Category: QFX Platform related (SYSLOG/ALARMS/miscellaneous)
1520956 QFX5100: cprod timeout triggers high CPU (100%)
Product-Group=junos
In QFX5100, you might get into a high CPU (CPU running at 100%) situation when a "cprod" command timed out.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1484440 IRB MAC will not be programmed in hardware when MAC persistence timer expires
Product-Group=junos
On QFX5XXX/EX46XX virtual chassis platforms with GRES, if an IRB interface is configured with members across primary and backup REs, and when mac-persistence-timer expires, the new MAC address of the IRB interface might not be programmed in hardware, which might result in failure on protocols and traffic.
1512712 Display issue, Virtual Chassis environment, Configured num-65-127-prefix value is shown incorrect for the command O/P "show chassis forwarding-options"
Product-Group=junos
Display issue, In a Virtual Chassis environment, Configured num-65-127-prefix value is shown incorrect for the command O/P "show chassis forwarding-options" for the FPC which is not local (Backup and line card members of the VC)
PR Number Synopsis Category: QFX VC Infrastructure
1548079 Backup RE clears the reporting alarm for a PEM failure intermittently for a missing power source on a QFX5100 VC
Product-Group=junos
The PEM failure alarm for a missing power source on a QFX5100 VC is incorrectly being toggled on the Backup RE
PR Number Synopsis Category: RPD Next-hop issues including indirect, CNH, and MCNH
1534455 Some routes might get incorrectly programmed in the forwarding table in the kernel which is no longer present in rpd.
Product-Group=junos
In a scaled routes scenario, if there is any route change operation when the system is under memory pressure, the rpd might change a route entry but the same is not conveyed to the kernel. This causes a mismatch between routes in rpd and kernel leading to traffic blackhole for the mismatched route entries that are incorrectly programmed in the kernel.
PR Number Synopsis Category: platform related PRs on SRX branch platforms
1512810 Junos OS: SRX Series: A logic error in BIND can be used to trigger a Denial of Service (DoS) (CVE-2020-8617)
Product-Group=junos
A vulnerability in BIND code, used in Juniper Networks Junos OS on SRX Series devices, which checks the validity of messages containing TSIG resource records can be exploited by an attacker to trigger an assertion failure in tsig.c, resulting in a Denial of Service (DoS). Refer to https://kb.juniper.net/JSA11091 for more information.
PR Number Synopsis Category: MX10003/MX204 Linux issues (including driver issues)
1492121 The MX10003 router might shut itself down automatically after the system upgrades or downgrades.
Product-Group=junosvae
On the MX10003 platform, if we upgrade or downgrade Junos software from a set of original releases to a set of target releases, the system might detect incorrect temperature values and shutdown. The set of the original releases are: Junos 18.2R3, 18.3R3, 18.4R2, 19.1R2, 19.2R1, 19.3R1. The set of the target releases are: Junos pre-18.2R3, pre-18.3R3, pre-18.4R2, pre-19.1R2, pre-19.2R1, and pre-19.3R1 releases
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1501758 MAC learning request throttling mechanism could not work properly in a scale setup
Product-Group=junos
On EX92xx/MX/T/SRX platform with Trio FPCs, if scaling dynamic MAC learning happens (e.g., 10k+ MACs are learned per second), it could result in chipset hogging on FPC. Service on the affected FPC could be impacted due to this defect. The scaling dynamic MAC learning issue more likely happens if there is a loop in the system or high rate MAC learning in a Layer 2 network. The specific FPCs are as follows. EX9200-2C-8XS EX9200-32XS EX9200-40F EX9200-40F-M EX9200-40T MX-BUILTIN-FPC MS-MPC-128G MX-MPC1-3D MX-MPC1-3D-Q MX-MPC1E-3D MX-MPC1E-3D-Q MX-MPC2-3D MX-MPC2-3D-Q MX-MPC2-3D-EQ MX-MPC2E-3D MX-MPC2E-3D-Q MX-MPC2E-3D-EQ MX-MPC2E-3D-P MPC-3D-16XGE-SFPP MPCE-3D-16XGE-SFPP AS-MCC MX-MPC3E-3D MPC4E-3D-32XGE-SFPP MPC4E-3D-2CGE-8XGE T4000-FPC5-3D FPC5-LSR SRX5K-SPC-4-15-320 SRX5K-MPC
1533767 PPE errors/traps might be observed in L2 flooding scenarios
Product-Group=junos
On Junos platforms with MPC1~4/MPC-3D-16XGE/T4000-FPC5/ EX9200-4QS/EX9200-2C-8XS/EX9200-MPC/EX9200-32XS/ SRX5K-SPC-4-15-320/SRX5K-MPC, when broadcast/multicast packets from access as transit traffic flooding in a bridge-domain (for example: multicast OSPF packets entering EVPN instance, these OSPF packets are being handled as transient packets), all packets except IPv6 NS (Neighbor Solicitation) might be dropped because of traps.
PR Number Synopsis Category: UI Infrastructure - mgd, DAX API, DDL/ODL
1547693 The verbose command unexpectedly becomes hidden after Junos OS Release 16.1 for set system export-format json.
Product-Group=junos
The "verbose" knob became unexpectedly hidden after 16.1 for "set system export-format json"
 

18.1R3-S12 - List of Known issues
PR Number Synopsis Category: Marvell based EX PFE MISC
1232403 HSRPv2 IPv6 packets might get dropped if IGMP-snooping is enabled.
Product-Group=junos
On EX Series switches except EX4300/EX4600/EX9200, an interface is configured for single vlan or multiple vlans, if all these vlans of this interface have igmp-snooping enabled, then this interface will drop HSRPv2 (Hot Standby Router Protocol for IPv6) packets. But if some vlans do not have igmp-snooping enabled, then this interface is working fine.
PR Number Synopsis Category: NFX Series Platform Software
1462556 Junos OS: NFX350: Password hashes stored in world-readable format (CVE-2020-1669)
Product-Group=junos
The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Juniper Networks NFX350 Series devices, stores password hashes in the world-readable file /etc/passwd. This is not a security best current practice as it can allow an attacker with access to the local filesystem the ability to brute-force decrypt password hashes stored on the system. Refer to https://kb.juniper.net/JSA11066 for more information.
PR Number Synopsis Category: CoS support on ACX
1522941 The show class-of-service interface command does not show classifier information.
Product-Group=junos
This is a display issue. Due to misread in PFE registers, classifier is not shown in "show class-of-service interface" output
PR Number Synopsis Category: JUNOS kernel/ukernel changes for ACX
1481151 Memory utilization enhancement is needed.
Product-Group=junos
RPD memory chunk size is optimized for the ACX platform to reduce the memory footprint.
PR Number Synopsis Category: Bi Directional Forwarding Detection (BFD)
1518106 The BFD sessions might flap continuously after disruptive switchover followed by GRES.
Product-Group=junos
Disruptive switchover (no GRES or NSR configured) can lead to stale PPM entries programmed on the new primary Routing Engine. If both GRES and NSR are activated after disruptive switchover and then a GRES switchover is performed, BFD sessions might flap continuously.
PR Number Synopsis Category: Border Gateway Protocol
1523075 The BGP session with VRRP virtual address might not come up after a flap.
Product-Group=junos
When VRRP virtual address is configured and used to set up a BGP session with the remote side, under rare timing conditions, BGP peer establishment may get rejected repetitively.
PR Number Synopsis Category: BBE Remote Access Server
1402653 The subscriber might need to take retry for login
Product-Group=junos
On all Junos platforms running in subscriber scenario with address pool configured, if the address pool has high usage so that only few addresses are free to allocate, when there are subscribers logout and login, the released address by one subscriber might get re-used and allocated to the other subscriber very soon. Due to this issue, syslog error messages might be seen, and the affected subscriber might need to take retry for login.
PR Number Synopsis Category: MPC5/6E pfe microcode software
1453575 The FPC might crash due to the memory corruption in JNH pool
Product-Group=junos
On all Trio-based platforms, after the restart of the fabric plane, the FPC might crash due to memory corruption in the JNH pool.
PR Number Synopsis Category: EVPN control plane issues
1439537 The rpd process may crash after committing changes in the EVPN environment
Product-Group=junos
On all Junos platforms with EVPN configured, the rpd process may crash after committing any configuration changes if there is an existing MAC entry received from multiple sources and trying to update the latest source. Traffic loss may be observed due to the rpd crash.
PR Number Synopsis Category: EVPN Layer-2 Forwarding
1535515 All the ARP reply packets toward some address are flooded across the entire fabric.
Product-Group=junos
In the EVPN-VXLAN scenario, if the spine has irb and the leaves don't have irb, and the leaves have multi-home interfaces, the ARP reply packets flooding across the entire fabric might be seen.
PR Number Synopsis Category: jl2tpd daemon
1364774 The L2TP subscribers might not be able to log in successfully due to the jl2tpd memory leak
Product-Group=junos
On MX-Series platforms that support L2TP, the L2TP subscribers might not be able to log in successfully when handling Digital Subscriber Line (DSL) attributes at L2TP tunnel switch (LTS) due to the jl2tpd memory leak.
PR Number Synopsis Category: Adresses ALG issues found in JSF
1462984 On the SRX5000 line of devices, the H323 call with NAT64 could not be established.
Product-Group=junos
On SRX5000 platforms, the H323 call with NAT enabled cannot be established when the H323 GK (Gatekeeper) works in direct mode.
PR Number Synopsis Category: Firewall Policy
1454907 Traffic might be dropped when policies are changed in SRX Series devices
Product-Group=junos
If a huge number of policies are configured on SRX Series devices and some policies are changed, the traffic that matches the changed policies might be dropped.
PR Number Synopsis Category: Multicast for L3VPNs
1536903 The PIM (S,G) join state might stay forever when there are no MC receivers and source is inactive.
Product-Group=junos
The problem can be seen in MVPN ASM scenario on a PE which has local MC source and receivers and RP is remote. If all receivers stop joining the group and MC source stops transmitting, corresponding PIM (S,G) state may remain indefinitely despite that. Due to the problem a router will maintain extra PIM state. Service is not impacted.
1546739 MVPN multicast route entry might not be properly updated with the actual downstream interfaces list.
Product-Group=junos
In multicast VPN RPT-SPT mode with both locally and remotely connected receivers, the multicast forwarding entry related to the actual downstream interfaces may not be properly updated. The issue may happen when multicast forwarding entry is created by locally connected PIM receiver, followed by remote receiver and after local receiver decides to prune its membership in that multicast group.
PR Number Synopsis Category: Microkernel for neo mpc
1538131 JDI-RCT:M/Mx: NPC crashed @ cmtfpc_mic_neo_state_check (mic_env=< optimized out>, mic_slot=< optimized out>) at ../../../../src/pfe/common/applications/cmt/jam/cmtfpc_pic_npc_jam.c:4808
Product-Group=junos
This issue is due to Thread hogging for 2.5s after ISR registration during ISSU done phase causing a core at FPC. FPC will get rebooted with ISR registration again during normal init. This issue is specific to "3D 20x 1GE(LAN)-E,SFP" and "3D 20x 1GE(LAN)-EH,SFP" MIC types.
PR Number Synopsis Category: Kernel Stats Infrastructure
1522561 OID ifOutDiscards reports zero and sometimes shows valid value.
Product-Group=junos
OID ifOutDiscards reports zero and sometimes shows valid value. user@router> show snmp mib get ifOutDiscards.514 | refresh 3 ---(refreshed at 2020-07-10 12:54:07 IST)--- ifOutDiscards.514 = 0 ---(refreshed at 2020-07-10 12:54:10 IST)--- ifOutDiscards.514 = 0 ---(refreshed at 2020-07-10 12:54:13 IST)--- ifOutDiscards.514 = 0 ---(refreshed at 2020-07-10 12:54:16 IST)--- ifOutDiscards.514 = 0 ---(refreshed at 2020-07-10 12:54:19 IST)--- ifOutDiscards.514 = 0 ---(refreshed at 2020-07-10 12:54:22 IST)--- ifOutDiscards.514 = 241974 ---(refreshed at 2020-07-10 12:54:25 IST)--- ifOutDiscards.514 = 241974 ---(refreshed at 2020-07-10 12:54:28 IST)--- ifOutDiscards.514 = 0 ---(refreshed at 2020-07-10 12:54:31 IST)--- ifOutDiscards.514 = 0
PR Number Synopsis Category: PE based L3 software
1500798 BFD sessions flap after deactivating or activating the aggregated Ethernet interface or executing GRES.
Product-Group=junos
On QFX10008 platforms, if the BFD is configured over an AE interface (member link across multiple FPCs), deactivating/activating the AE interface or executing GRES will cause the BFD sessions to flap.
PR Number Synopsis Category: Protocol Independant Multicast
1500125 Some PIM join or prune packets might not be processed in the first attempt in the scale scenario where the PIM routers establish neighborship and immediately join the multicast group.
Product-Group=junos
On all Junos platforms with scaling MVPN scenario, some PIM Join/Prune messages may not be processed for the first attempt. For instance, a dedicated PIM router receives more than 2500 PIM hello packets from the new neighbors, followed by PIM Join packets for the same multicast group in a very short period of time.
PR Number Synopsis Category: Interface related issues. Port up/down, stats, CMLC , serdes
1424090 All interfaces will be down and the dcpfe will get crash if SFP-T is inserted on QFX5210
Product-Group=junos
On QFX5210 platform starts from Junos 18.1R1, all interfaces will be down and the dcpfe will get crash if SFP-T is inserted on QFX5210. All service will be impacted as all interfaces are down.
PR Number Synopsis Category: QFX L2 PFE
1475005 The system might stop new MAC learning and impact the Layer 2 traffic forwarding
Product-Group=junos
On QFX platforms, if there are a lot of MAC moves, the system might stop new MAC learning and lots of old MAC addresses might be stuck and couldn't be aged and deleted. Due to this issue, could have impact on layer 2 traffic forwarding and the customer service.
PR Number Synopsis Category: RPD policy options
1523891 The policy configuration might be mismatched between the rpd and mgd process when deactivate policy-options prefix-list is involved in the configuration sequence.
Product-Group=junos
If "deactivate policy-options prefix-list" is involved in configuration sequence along with other policy configurations, the mgd process might not notify the rpd process about the policy configuration changes after committing the configuration. This can cause the policy configuration to be out-of-synchronization between policy database used by rpd and configuration database used by mgd. Due to the missing policy entries in policy database, later the rpd might crash when accessing these entries via CLI command like "show policy".
1538172 When upgrading Junos OS to a specific version, the configuration validation might fail and the rpd process might crash.
Product-Group=junos
On all Junos OS platforms with "set policy-options rtf-prefix-list" configured, if upgrade to a specific version, the device might fail to validate its configuration which eventually causing rpd to crash unexpectedly due to a software fault.
PR Number Synopsis Category: show route table commands, tracing, and syslog facilities
1555866 Configuring HFRR i.e. link-protection on an interface may cause rpd to crash
Product-Group=junos
On MX/VMX/T/TX series platforms, if Host fast reroute (HFRR) is enabled on an interface, the ARP and FRR (BGP backup routes) routes will be added to RIB. Then changing this interface address and adding new ARP route within 10 seconds will cause the rpd to crash.
PR Number Synopsis Category: Resource Reservation Protocol
1516657 The rpd scheduler might slip after the link flaps.
Product-Group=junos
On all Junos platforms with RSVP-TE configured, when a transit router carries a large number of LSP's (for example, 60k and higher) and all those LSPs undergo FRR (for example, when link carrying large number of LSP's flap) then, the rpd scheduler might slip and LDP session tear down might be observed after the link flap.
PR Number Synopsis Category: MPC7/8/9 Interface Issues
1440526 On MX Series, CPU might hang or interface might stop working on 100-Gigabit Ethernet port.
Product-Group=junos
On MX/EX/PTX, if particular 100G port is used, CPU might hang or interface might be stuck down on the 100G port. This issue may cause traffic disruption in the network.
1441816 Egress stream flush failure and traffic null route might occur.
Product-Group=junos
Egress stream flush failure and silent dropping of traffic could occur in a rare occasion for a repeatedly flapping link on MPC7E, MPC8E, MPC9E cards, MX204 and MX10003.
PR Number Synopsis Category: Trio pfe bridging, learning, stp, oam, irb software
1542537 In EVPN-MPLS scenario, BUM traffic is dropped during configuration changes.
Product-Group=junos
In evpn-mpls scenario, BUM(Broadcast, unknown-unicast and multicast) traffic would be dropped due to flood nexthop deletion during configuration changes on any of the PE node.
PR Number Synopsis Category: Trio pfe l3 forwarding issues
1472222 The following line card errors are seen: HALP-trinity_nh_dynamic_mcast_add_irb_topo:3520 snooping-error: invlaid IRB topo/ IRB ifl zero in l2 nh 40495 add IRB.
Product-Group=junos
Linecard Errors found at HALP-trinity_nh_dynamic_mcast_add_irb_topo:3520 snooping-error: invlaid IRB topo/ IRB ifl zero in l2 nh 40495 add IRB
PR Number Synopsis Category: Web-Management UI
1513612 On the EX2300 and EX3400 devices, installing J-Web application package might fail.
Product-Group=junos
On the EX2300/EX3400 platforms, J-Web application package may fail to be installed with the affected releases.
PR Number Synopsis Category: VMHOST platforms software
1446205 The jfirmware upgrade might fail on certain MX platforms with SCBE3
Product-Group=junos
On certain MX platforms having RE-S-2X00x6 and Enhanced MX-SCB installed, an error might be observed during the installation of jfirmware upgrade package which causes the installation to fail.
 
Modification History:
First publication 2021-01-22
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search