Search our Knowledge Base sites to find answers to your questions.
Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles18.4R3-S7: Software Release Notification for JUNOS Software Version 18.4R3-S7
Junos Software service Release version 18.4R3-S7 is now available.
18.4R3-S7 - List of Fixed issuesPR Number | Synopsis | Category: EX4300 PFE |
---|---|---|
1548858 | The targeted-broadcast feature may not work after a reboot Product-Group=junos |
On EX4300 Series platforms, the targeted-broadcast feature may not work after a reboot. It can be seen that no target-broadcast packets are received on the targeted-broadcast interface. |
PR Number | Synopsis | Category: Marvell based EX PFE L3 |
1557229 | Traffic related to IRB interface might be dropped when mac-persistence-timer expires Product-Group=junos |
On EX3400/EX4400/EX4300MP virtual chassis (VC) platforms, if the IRB interface is configured with members across master and backup VC, the new MAC address of the IRB interface might not be programmed in hardware after mac-persistence-timer expires. This might result in all traffic related to the IRB interface be dropped. |
PR Number | Synopsis | Category: EX2300/3400 PFE |
1472350 | CoS 802.1p bits rewrite might not happen in Q-in-Q mode Product-Group=junos |
In EX2300/EX3400 platform with CoS rewrite scenario, if an 802.1p bits (single VLAN) rewrite is used for an SVLAN (outer VLAN) of Q-in-Q, the rewrite will do nothing. Due to the PFE can not parse the firewall rule for given filter match conditions. Therefore, some traffic processing does not work as customer's expectation. Note: EX4300 has no this issue. |
1556198 | Traffic might be dropped when a firewall filter rule uses 'then vlan' as the action Product-Group=junos |
If a firewall filter is configured with the action 'then vlan' on EX and QFX platforms, some of the traffic that matches the firewall filter might be dropped. |
PR Number | Synopsis | Category: NFX Series Platform Software |
1508580 | Errors on vjunos0 Regarding TSensor related to PR 1362108 Product-Group=junosvae |
False positive TSensor errors are reported on vjunos0 |
PR Number | Synopsis | Category: QFX L3 data-plane/forwarding |
1558189 | [evpn_vxlan] [evpn_instance] QFX5110-32Q :: JDI-RCT: Syslog error seen Err] LBCM-L2,pfe_bcm_l2_sp_bridge_port_tpid_set() Config TPID New/Old (8100:8100) Other-Tpid's ba49, 4aa0, 80f after loading NC t5 evpn vxlan configuration Product-Group=junos |
Handling of debug log related to TPID updates |
1568159 | The dcpfe process may crash when the size of the Local Bias Filter Bitmap string exceeds 256 characters Product-Group=junos |
On QFX5K platforms with EVPN-VXLAN, the dcpfe process may crash when the size of the Local Bias Filter Bitmap string exceeds 256 characters. |
PR Number | Synopsis | Category: JUNOS kernel/ukernel changes for ACX |
1481151 | Memory utilization enhancement is needed. Product-Group=junos |
RPD memory chunk size is optimized for the ACX platform to reduce the memory footprint. |
PR Number | Synopsis | Category: ACX GE, 10GE, PoE, IDT framers |
1523418 | Interface does not come up with the auto-negotiation setting between the ACX1100 router and the other ACX Series routers, MX Series routers and QFX Series switches as the other end. Product-Group=junosvae |
When QFX5100/5110 is connected to other devices with 1G/10G ports, both sides configuring auto-negotiation and the remote interface might stay down. |
PR Number | Synopsis | Category: ACX Services feature |
1559690 | On the ACX5048 router, the fxpc process generates core file on the analyzer configuration. Product-Group=junos |
In analyzer configuration, if the route to the monitoring server (output ip-address) is reachable with unilist NH fxpc crashes while programming the next-hop in the hardware. It is taken care through this PR that this scenario is handled and crash is avoided while NH programming. |
PR Number | Synopsis | Category: "agentd" software daemon |
1447665 | Streaming telemtry subscription is not working for read-only user Product-Group=junos |
When local user on JunOS router is configured with read-only class as: set system login user test_user class read-only streaming telemetry subscription is not possible. The telemetry client will report an error as: rpc error: code = Unknown desc = Authorization failed subscribe returns, reconnecting after 10s |
PR Number | Synopsis | Category: MX Layer 2 Forwarding Module |
1546631 | MAC learning issue might happen when EVPN-VXLAN is enabled. Product-Group=junos |
On MX platform, with Ethernet VPN and Virtual Extensible LANs (EVPN-VXLAN) implemented, Address Resolution Protocol (ARP) requests received on VXLAN tunnel endpoint (VTEP) might not forward to customer edge (CE) side or Proxy ARP role on VTEP might not work properly. This issue could happen when knob 'no-arp-suppression' is disabled under EVPN instance combined with static VXLAN implementation. Please refer to workaround provided when this issue hit. |
PR Number | Synopsis | Category: BBE Layer-2 Bitstream Access |
1551207 | The PPPoE subscribers might fail to login. Product-Group=junos |
In Broadband Network Gateway (BNG) scenario where Layer-2 Bitstream Access (L2BSA) and PPPoE subscribers are working on the same interface/VLAN, PPPoE subscribers login may get stuck in a pending state, if the IN-FLIGHT flag of L2BSA is not cleared after its Port-Up packet is rejected by RADIUS, and during this process, another Port-Up for the same access-loop arrives. |
PR Number | Synopsis | Category: MIBs related to BBE |
1535754 | Snmp mib walk for jnxSubscriber OIDs returns General error Product-Group=junos |
Snmp mib walk for jnxSubscriber OIDs returns General error |
PR Number | Synopsis | Category: Border Gateway Protocol |
1481589 | The rpd process might crash with BGP multipath and route withdraw occasionally. Product-Group=junos |
In BGP multipath scenario on all Junos platforms, if original active/best BGP multipath routes got flapped occasionally, some routes, which are changed from best routes to alternative now, are removed from the BGP multipath route list, but its multipath flag are not cleared, due to some temporarily incorrect route reorder in BGP. And when the currently active route got withdrawn for some reason, and the original best routes again become the best routes then rpd might hit an assert and crash. |
1487486 | The rpd might crash with BGP RPKI enabled in a race condition Product-Group=junos |
On all Junos platforms with BGP PRKI (Resource Public Key Infrastructure) scenario, if NSR is enabled and scale routes and ROAs exist, in a very rare case, the ROA (route origin authorization) might be withdrawn before replicating to the backup RE when ROA changes happen, which results in the rpd crash. |
1532414 | Transit labels for Layer 3 VPN routes are pushed momentarily to the MPLS.0 table. Product-Group=junos |
In L3VPN scenario with in-line RR (Route Reflector) which has an export policy with next-hop self to advertise all transit L3VPN routes to its clients and also uses route-target family, the undesired L3VPN routes may be pushed to FIB (Forwarding Information Base) after enabling/disabling route-target family on the RR or a new BGP peer joins a group with 'next-hop self'. |
PR Number | Synopsis | Category: BBE Remote Access Server |
1405855 | Subscriber accounting messages retransmissions exist even after configuring accounting retry 0. Product-Group=junos |
When accounting-retry 0 is configured under the [access radius-server ] stanza, MX still attempts to re-transmits/retries accounting message to the AAA accounting Server |
PR Number | Synopsis | Category: MPC5/6E pfe microcode software |
1453575 | The FPC might crash due to the memory corruption in JNH pool Product-Group=junos |
On all Trio-based platforms, after the restart of the fabric plane, the FPC might crash due to memory corruption in the JNH pool. |
PR Number | Synopsis | Category: Virtual-chassis platform/chassisd infrastructure PRs for MX |
1431377 | Benign "registration is being denied" message maybe seen when committing configuration on MXVC Product-Group=junos |
The following logs may be displayed when doing commit: Dec 24 13:19:20.018 2020 jtac-mx480-r2041-re0 kernel: %KERN-3: rts_ifstate_chk_multi_registration: daemon chassisd(80693) has previously registered 4 time(s) Dec 24 13:19:20.018 2020 jtac-mx480-r2041-re0 kernel: %KERN-3: rts_ifstate_client_open: Process chassisd(80693) has exceeded the maximum permissible limit as ifstate client. Hence this registration is being denied These message can happen as part of the JUNOS configuration commit process, where a new instance of processes are started to specifically (and only) "check" the configuration before the configuration is committed. In this case, the client connections from the chassisd process to the kernel are not needed to perform the "check" operation, and should be skipped when running in "check" mode. The messages are benign. |
1552588 | The VCP port is marked as administratively down on the wrong MX-VC member. Product-Group=junos |
On MX/EX/QFX platforms with Virtual Chassis (VC) scenario, some interfaces might be shutdown unexpectedly, which might cause traffic to be interrupted if there is an error generated on an FPC. The reason is that after an ASIC error, the IFD down messages is not sent to the local chassis master where the error was reported, instead, it will be sent to the master of the Virtual Chassis, so that another interface with the same Slot/PIC/Port number will be shutdown as well. |
PR Number | Synopsis | Category: MX Platform SW - UI management |
1537194 | The chassisd memory leak might cause traffic loss. Product-Group=junos |
On MX/PTX platforms with 18.1 or higher release, chassisd memory leak may be caused by configuration commit. When chassisd consumes ~3.4GB of memory it may crash, chassisd crash may cause GRES or/and FPC restart. If GRES is enabled, commits are being synchronized between REs, so backup RE chassisd may suffer from memory leak too. |
PR Number | Synopsis | Category: Chotu platform software |
1519530 | Traffic loss might happen when an Uncorrected (Fatal) AER error is detected Product-Group=junosvae |
On MX2008, traffic loss might happen, if an AER error (Uncorrected fatal error) is detected, it brings down all Switch Fabric Boards (SFBs), but the RE in question will do nothing. The fix is to let the RE reboot in this situation. |
PR Number | Synopsis | Category: Class of Service |
1500250 | MX Series routers with line cards using MPC1-Q/MPC2-Q might report memory errors Product-Group=junos |
MPC1-Q/MPC2-Q parity error might be detected within "QDR/RLD and Internal Memory" and invoking major alarm. The default action for major alarm is disable-pfe with JunOS version 17.3 or higher. Enhancements has been added to auto-correct parity errors within the static memory area and record the repair attempt. If repairing threshold is reached, Major Alarm is triggered. |
PR Number | Synopsis | Category: Enhanced Broadband Edge support for cos |
1452640 | "show class-of-service scheduler-hierarchy interface " might results in FPC core while brining up subscribers Product-Group=junos |
"show class-of-service scheduler-hierarchy interface " might results in FPC core while brining up subscribers |
PR Number | Synopsis | Category: Device Configuration Daemon |
1539991 | The logical interface might flap after adding or deleting native VLAN configuration Product-Group=junos |
On EX/QFX platforms, the unrelated logical interface on a physical interface would flap when adding or deleting native VLAN configuration on the physical interface. |
1544257 | Subscribers might logout then login after loopback address is changed Product-Group=junos |
On MX platform, under subscriber environment and unnumbered IP address borrowed from the loopback interface configured on Demux interface and Aggregated Ethernet (AE) interface, subscriber session might flap if IP address of the loopback interface IP is changed. Please refer to workaround provided when this issue hit. |
PR Number | Synopsis | Category: dhcpd daemon |
1542400 | DHCP discover packet might be dropped if DHCP inform packet is received first. Product-Group=junos |
On all Junos and EVO platforms, when devices are configured as DHCP relay agent, if DHCP discover packet is received immediately after DHCP inform packet in the same session, the DHCP discover packet might be dropped. This issue will impact subscriber login and it can be recovered automatically. |
PR Number | Synopsis | Category: Control Plane for Node Virtualization |
1488946 | The chassisd might crash if executing an SNMP request for a MIC which is a part of an offline FPC Product-Group=junos |
If executing an SNMP request for a MIC which is a part of an offline FPC, the chassisd crashes and RE goes down might be seen. |
PR Number | Synopsis | Category: JUNOS Dynamic Profile Configuration Infrastructure |
1555476 | The show dynamic-profile session client-id command displays only one IPv6 framed-route information. Product-Group=junos |
show dynamic-profile session client-id' displays only one v4 and v6 framed-route information, while two or more routes could be returned/configured. |
PR Number | Synopsis | Category: EVPN control plane issues |
1521526 | ARP table might not be updated after performing VMotion or a network loop Product-Group=junos |
On all Junos platforms with EVPN configured, the ARP table might not get updated. This issue happens after performing VMotion in a network or having a network loop. |
1546992 | The rpd crash might be seen after adding route-target on a dual-RE system under EVPN multihoming scenario Product-Group=junos |
On dual-RE platforms with EVPN multihoming scenario enabled, the rpd process might crash when VRF rt-target add and at the same time some networking events that trigger interface down/delete. The routing protocols are impacted, and traffic disruption will be seen due to the loss of routing information. |
1547275 | VLAN ID information is missed while installing the EVPN route from the BGP Type 2 Route after modifying a routing-instance from instance-type EVPN to instance-type virtual-switch. Product-Group=junos |
VLAN ID information might be missing while installing the EVPN route from the BGP Type 2 Route after modifying a routing-instance from "instance-type evpn" to "instance-type virtual-switch". As a result, the data traffic sent via these EVPN routes doesn't push vlan-id in the inner Ethernet Header. This might result in traffic getting discarded on the remote PE. |
PR Number | Synopsis | Category: EVPN Layer-2 Forwarding |
1535515 | All the ARP reply packets toward some address are flooded across the entire fabric. Product-Group=junos |
In the EVPN-VXLAN scenario, if the spine has irb and the leaves don't have irb, and the leaves have multi-home interfaces, the ARP reply packets flooding across the entire fabric might be seen. |
PR Number | Synopsis | Category: Express PFE L2 fwding Features |
1474876 | input-vlan-map or output-vlan-map might not work properly in the Layer 2 circuit local-switching scenario. Product-Group=junos |
On PTX1000 and PTX10000, QFX10000 platforms, in Layer2 circuit local-switching scenario, when vlan-ccc encapsulation is configured with input-vlan-map/output-vlan-map, all traffic passing through might have unexpected vlan manipulation (vlan tag push/pop/swap). |
PR Number | Synopsis | Category: SRX1500 platform software |
1552820 | On SRX1500, SRX-SFP-1GE-T(Part#740-013111) for a copper cable might be corrupted after reboot Product-Group=junosvae |
On SRX1500, SRX-SFP-1GE-T(Part#740-013111) for a copper cable might be corrupted after reboot. |
PR Number | Synopsis | Category: SRX4100/SRX4200 platform software |
1547053 | On all SRX4100/4200, if PEM0 is removed, the output of jnxOperatingDescr.2 might be incomplete Product-Group=junosvae |
On SRX4100 and SRX 4200 devices, if PEM0 is removed, the output of jnxOperatingDescr.2 command might be incomplete. |
1550249 | Lcmd log "gw_cb_presence:136: PEM(slot = 0): error detecting presence ( fruid = 15, drv_id = 30, status = -11 )" generates every second on the SRX4100 and SRX4200. Product-Group=junosvae |
Lcmd log "gw_cb_presence:136: PEM(slot = 0): error detecting presence ( fruid = 15, drv_id = 30, status = -11 )" generates every second on the SRX4100 and SRX4200. |
PR Number | Synopsis | Category: jdhcpd daemon |
1549734 | The DHCP relay might send Option 82 in DHCP Offer packet to client as Option 82 and Suboption 9 Product-Group=junos |
The DHCP relay with forward-only configuration would send the DHCP Offer packet with the Option 82 Suboption 9 if the original DHCP Discover packet contains Option 82. The Suboption 9 should be stripped from the DHCP Offer packet before forwarding the packet to the client. When this issue occurs, the IP binding on the DHCP client fails. |
PR Number | Synopsis | Category: Flow Module |
1436720 | Packet reorder does not work when sending traffic over IPsec tunnel with session-affinity. Product-Group=junos |
If IPSec is configured on vSRX,SRX4K,SRX5K platforms, SRX device will do post-fragment when traffic pass through IPSec tunnel. Then VPN packets might be sent out-of-order to peer device, which causes packets get dropped. |
1541954 | The rst-invalidate-session command does not work if configured together with the no-sequence-check command. Product-Group=junos |
On SRX Series platforms, the "rst-invalidate-session" does not work if configured together with no-sequence-check. It might result in a TCP connection unestablished. |
PR Number | Synopsis | Category: JSR Infrastructure |
1484872 | JFlow/IPFix - tracking pr for fixing crash when sampling is more than 65535 Product-Group=junos |
There was a crash when setting the sampling rate more than 65535, this is since fixed. set forwarding-options sampling instance s1 input rate 70000 |
PR Number | Synopsis | Category: Firewall Policy |
1482200 | Request security policies check output shows policies out of syn command. Product-Group=junos |
This issue affects an SRX system with large security policies (reproduced with 8000 policies). The result of the "request security policies check" cli command may display policies in the "out-of-sync" instead of "in-sync" state. |
1546120 | Traffic might be dropped unexpectedly when the url-category match condition is used on a security policy Product-Group=junos |
An issue was discovered within Unified Policies that affected the url-category match condition that can cause it to "over-match" and apply to more traffic than it should. This can result in the SRX dropping traffic that would otherwise be permitted |
1549366 | Global policies working with multi-zones cause high PFE CPU utilization Product-Group=junos |
On SRX Series devices, a higher CPU utilization than normal might be observed, which might cause performance to decline rapidly if global policies are used and zones are declared explicitly in those policies. |
1558382 | On SRX5K platforms, the secondary node might get stuck in performing ColdSync after a reboot, upgrade or if ISSU is performed Product-Group=junos |
On SRX5000 line of devices, the secondary node might get stuck in performing ColdSync after a reboot. |
1558827 | The traffic may be dropped due to inserting one global policy above others on SRX platforms Product-Group=junos |
On SRX Series devices, when inserting one global policy (including adding, deleting or reordering a policy) above others, swapping policies will happen on the global policies after the inserted policy. At this time, the swapped global policies might not be found during the first path search. In this case, the traffic used to initiate a session creation that matched these undetected policies might be dropped, but the retransmission packets will pass successfully. |
PR Number | Synopsis | Category: IPSEC/IKE VPN |
1546537 | After IPsec tunnel using policy-based VPN is overwritten by another VPN client, traffic using this IPsec tunnel will be dropped. Product-Group=junos |
On all SRX platforms, traffic using Policy-based IPsec tunnel might be dropped after the Policy-based VPN tunnel is overwritten by another VPN client. |
1550232 | Traffic goes through policy-based IPsec tunnel might be dropped after RG0 failover Product-Group=junos |
On branch SRX series devices in a chassis cluster, when policy-based IPSec VPN is configured and the IPSec SA's lifetime is about to expire in a few minutes, the traffic might be dropped in the VPN tunnel after an RG0 failover. |
PR Number | Synopsis | Category: Security platform jweb support |
1550755 | Jweb: "+" button is not shown at Jweb interface menu Product-Group=junos |
When SRX has both dl0 and pp0 interfaces, no "+" button on interface (Configure > Interfaces > Ports) at Jweb. It prevents users to refer/modify logical interface configuration via Jweb. |
PR Number | Synopsis | Category: PFE infra to support jvision |
1547698 | SENSOR APP DWORD leak is observed during the period of churn for routes bound to the sensor group. Product-Group=junos |
SENSOR APP DWORD leak observed during the period of churn for routes bound to Sensor group. Sensor types that are affected are Segment Routing, Segment Routing-TE, LDP and RSVP LSPs. |
PR Number | Synopsis | Category: Layer 2 Circuit issues |
1511783 | The rpd process might crash after removing the last configured interface under the Layer 2 circuit neighbor. Product-Group=junos |
On all Junos platforms, rpd crash may be observed after removing the last interface configured under the l2circuit neighbor which is in fact active. |
PR Number | Synopsis | Category: Label Distribution Protocol |
1471191 | The rpd process might crash during shutdown. Product-Group=junos |
The rpd shutdown process such as clean up of scale configuration and rolling it back with LDP configured might cause rpd to crash. The rpd shutdown rarely happens during normal operation. It is widely used for testing purpose. The rpd crash may result in traffic loss. |
PR Number | Synopsis | Category: lldp sw on MX platform |
1538482 | DUT did not receive the LLDP packet from phone. Product-Group=junos |
On EX4300 platforms, the LLDP (Link Layer Discovery Protocol) neighborship with the VoIP (Voice over Internet Protocol) phones can't be established when LLDP is configured on the PoE (Power over Ethernet) enabled port on EX4300 and connects to the VoIP Phone. |
PR Number | Synopsis | Category: Multiprotocol Label Switching |
1500615 | Traffic loss might occur if ISSU is performed when P2MP is configured for an LSP. Product-Group=junos |
When p2mp is configured for an LSP, the label might be deleted on the backup RE from the MPLS table after switchover, which might lead to traffic loss on the new master RE. |
1546824 | Performing commit may trigger externally provisioned LSP MBB mechanism Product-Group=junos |
If link-protection is enabled for an externally provisioned LSP, any commit for the first time after provisioning will cause a make before break (MBB) even the configuration is not related to the LSP. |
PR Number | Synopsis | Category: Multicast Routing |
1555518 | Sending multicast traffic to downstream receiver on Trio based Virtual Chassis platforms might fail. Product-Group=junos |
On Trio based Virtual Chassis (VC) platform, when there are multicast tunneled packets being received, which come into the Virtual Chassis Ports (VCP) and then pop out of the tunnel, if the VCP ports and the interfaces where multicast packets enter/leave the router are located on the same Packet Forwarding Engine (PFE), it might fail in sending multicast traffic to downstream receiver due to this issue. |
PR Number | Synopsis | Category: Jflow and sflow on MX |
1550603 | The adapted sample rate might be reset to the configured sample rate without changing the sampling rate information in sFlow datagrams after enabling sFlow technology on a new interface Product-Group=junos |
For the platforms supporting single sample rate per line card (i.e. MX Series routers and EX9200 switches), the actual (effective) sample rate of all the interfaces on a single FPC will be set to the sample rate with the lowest value if the configured or adapted sample rate are different among the interfaces enabled sFlow technology on this FPC. So, after the adaptive sampling event happens and the adapted sample rate (It has value great than the configured sample rate) is used for the interfaces on a FPC, if enabling sFlow technology on a new interface on the same FPC, the actual (effective) sample rate for the existing interfaces will be changed to the configured sample rate. However, the "Adapted sample rate" in "show sflow interface" CLI command and the "Sampling rate" in sampling information of the sFlow datagrams still shows the previous adapted sample rate. The inconsistency between flow information and actual sample rate might cause issues on the collector side. |
PR Number | Synopsis | Category: Fabric Manager for MX |
1535787 | All SFBs might go offline due to fabric failure and fabric self-ping probes performing the disable-pfe action. Product-Group=junos |
Once yanking out the MPC without prior offline and the chassisd process is not able to process this event on the master RE due to additional mastership switch, and later the MPC which pulled out the slot is re-inserted back, many Switch Fabric Board (SFB) might be offline due to max_total_cell_usage overflow condition on the xfchip. MX2020 Platform with SFB2 is not exposed to such event, neither if MX2020 has the disable-grant-bypass configured. |
PR Number | Synopsis | Category: MX10K platform |
1456253 | On 4x1GE using QSFP28 optics, continuos logging in chassisd process occurs when speed 1g is configured: pic_get_nports_inst and ch_fru_db_key. Product-Group=junos |
On MX10008 and PTX10008, the continuous logging in the chassisd file might be seen. |
PR Number | Synopsis | Category: Neo Interface |
1453433 | Interfaces shutdown by 'disable-pfe' action might not be up using MIC offline or online command. Product-Group=junos |
On MX Series devices, MPC wedge might cause disable-pfe action. The disable-pfe action shuts down interfaces to avoid traffic being silently dropped. MIC bouncing (offline/online) operation brings WAN interfaces up, causing traffic to be dropped or silently discarded. Restoring the Packet Forwarding Engine entity upon disable-pfe action needs MPC restart. |
PR Number | Synopsis | Category: OS IPv4/ARP/ICMPv4 |
1544398 | ARP expired timer on backup RE is not same with master RE if aging-timer is configured Product-Group=junos |
If aging-timer is configured on master RE for an IRB interface, the ARP timer configuration is not synced properly to backup RE for the IRB interface. It might cause ARP storm after RE switchover. |
PR Number | Synopsis | Category: "ifstate" infrastructure |
1545463 | Continuous rpd errors might be seen and new routes will fail to be programmed by rpd Product-Group=junos |
In case of high route churn in the network, all kuackmem (Kernel ACK mechanism) entries may be exhausted as a result of a rare timing issue and any new routes will fail to get programmed by rpd. |
PR Number | Synopsis | Category: TCP/UDP transport layer |
1552603 | The BGP session replication might fail to start after the session crashes on a backup Routing Engine Product-Group=junos |
On certain Junos platforms with Dual-REs (platforms capable of installing Junos packages with name format as "junos*install"), BGP replication may fail to start under GRES/NSR setup after a crash on backup Routing Engine. NSR starts un-replicating the socket since backup Routing Engine is no longer present. Massive unreplicated request leads to memory buffer getting full with multiple BGP sessions (e.g., 20 BGP peers). Hence BGP unreplicated request returned with an error. Besides, the kernel is left with stale data. It does not allow the JSR (Juniper Socket Replication, BGP in this case) when backup RE comes up due to the stale data. BGP-NSR (Nonstop Routing) is broke under the conditions. Traffic outage will be observed after performing GRES. |
PR Number | Synopsis | Category: MPLS Point-to-Multipoint TE |
1415384 | p2mp sub-LSP down after transit link flap due to wrong computed ERO Product-Group=junos |
In a large scale P2MP LSP sub LSPs for example, if 1 P2MP have 100s of sub LSPs. If there is a path change in transit, the sub LSPs might repeatedly undergo MBB without switching over to a new path. This is due to by default the branch timeout is 30 second and if some branches were not able to recalculate/come up during this timeframe. LSPs resignal caused internal RSVP related tasks run behind in processing further control updates. |
PR Number | Synopsis | Category: PE based L3 software |
1550632 | The Neighbor Solicitation might be dropped from the peer device Product-Group=junos |
The Neighbor Solicitation (NS) might be dropped after the IPv6 binding is flushed from the peer side. The ping to IPv6 peer fails due to the NS message not reach RE. Since ping doesn?t work between the connected interface, any kind of traffic sent towards QFX might also not work. It has a traffic impact. |
PR Number | Synopsis | Category: vMX Platform Infrastructure related issue tracking |
1548422 | Traffic with jumbo frame may be discarded on the vMX platforms Product-Group=junos |
On the VMX platforms which are installed on ESXI 6.7 with vmxnet3 driver, traffic with jumbo frame (Packets with MTU more than 1500) may be discarded upon receiving. |
PR Number | Synopsis | Category: PPPoE functional plugin for bbe-smgd |
1565258 | PPPOE service-name-tables does not correctly count active sessions matching agent-specifier aci/ari used for delay. Product-Group=junos |
PPPOE service-name-tables does not correctly count active sessions matching agent-specifier aci/ari used for delay. |
PR Number | Synopsis | Category: Chassis mgmt for all QFX systems - chassis MIB, alarms, CLI |
1481143 | Chassisd cores might happen on backup RE after commit on QFX10Ks due to CHASSISD_MAIN_THREAD_STALLED for 200 seconds Product-Group=junos |
Chassisd cores might happen on the backup RE after commit on QFX10K8/16s due to CHASSISD_MAIN_THREAD_STALLED for 200 seconds. |
PR Number | Synopsis | Category: Interface related issues. Port up/down, stats, CMLC , serdes |
1538340 | Interfaces are not created after channel-speed 10g is applied across ports 48 to 53 on QFX5100-48T Product-Group=junos |
After channelizing port 48 through 53 and channel speed, the interfaces are down on QFX5100-48T platform. This issue causes interfaces are deleted and traffic might be dropped. |
PR Number | Synopsis | Category: QFX L2 PFE |
1535555 | [evpn_vxlan] [default_switch_instance] PFE error message is seen in BRCM-VIRTUAL,brcm_virtual_tunnel_port_create() ,489:Failed NW vxlan port token(45) hw-id(7026) status(Entry not found) Product-Group=junos |
On a QFX5110 or 5120, when the Type 5 tunnels are destroyed, sometime we can see error messages "brcm_virtual_tunnel_port_create() ,489:Failed NW vxlan port token(45) hw-id(7026) status(Entry not found)". There is no functionality impact due to this. |
PR Number | Synopsis | Category: QFX L3 data-plane/forwarding |
1512175 | DHCP traffic might not be forwarded correctly when sending DHCP unicast packets Product-Group=junos |
On EX4600/QFX5K platforms, DHCP unicast packets are getting dropped in the device due to DHCP relay filters which are getting installed during the init time without any DHCP configuration. |
PR Number | Synopsis | Category: QFX VC Infrastructure |
1548079 | Backup RE clears the reporting alarm for a PEM failure intermittently for a missing power source on a QFX5100 VC Product-Group=junos |
The PEM failure alarm for a missing power source on a QFX5100 VC is incorrectly being toggled on the Backup RE |
PR Number | Synopsis | Category: RPD Interfaces related issues |
1526481 | The following error message is observed during GRES if an IRB interface is configured without a profile: RPD_DYN_CFG_GET_PROF_NAME_FAILED. Product-Group=junos |
In DHCP subscriber scenario, if IRB interface is configured under dhcp-local-server without dynamic-profile, the DHCP process might be abnormal after GRES or restart rpd and cause DHCP subscribers unable to login. |
PR Number | Synopsis | Category: KRT Queue issues within RPD |
1542280 | The KRT queue might get stuck after RE switchover Product-Group=junos |
On all Junos platforms with dual Routing Engines (REs), if RE switchover happens while the rpd process on backup RE (new master RE) is reading routes from kernel, some error might happen in a very rare timing condition, and the Kernel Routing Table (KRT) queue might get stuck due to this issue. |
PR Number | Synopsis | Category: RPD policy options |
1523891 | The policy configuration might be mismatched between the rpd and mgd process when deactivate policy-options prefix-list is involved in the configuration sequence. Product-Group=junos |
If "deactivate policy-options prefix-list" is involved in configuration sequence along with other policy configurations, the mgd process might not notify the rpd process about the policy configuration changes after committing the configuration. This can cause the policy configuration to be out-of-synchronization between policy database used by rpd and configuration database used by mgd. Due to the missing policy entries in policy database, later the rpd might crash when accessing these entries via CLI command like "show policy". |
1562867 | Generate route goes to hidden state when protect core knob is enabled Product-Group=junos |
On all Junos platforms, if protect core knob is enabled under routing options then generate route might go into hidden state. |
PR Number | Synopsis | Category: Resource Reservation Protocol |
1516657 | The rpd scheduler might slip after the link flaps. Product-Group=junos |
On all Junos platforms with RSVP-TE configured, when a transit router carries a large number of LSP's (for example, 60k and higher) and all those LSPs undergo FRR (for example, when link carrying large number of LSP's flap) then, the rpd scheduler might slip and LDP session tear down might be observed after the link flap. |
PR Number | Synopsis | Category: SW PRs for SCBE3 fabric |
1553641 | The fabric errors are observed and the FPC processes might get offlined with SCBE3, MPC3E-NG, or MPC3E and MPC7 or MPC10 in the increased-bandwidth fabric mode. Product-Group=junos |
On MX240/MX480/MX960 platforms, with default "increased-bandwidth" fabric mode and SCBE3, if we have MPC3 or MPC3-NG exist on the system along with high bandwidth MPC, during high traffic situation or bursty traffic through the fabric towards MPC3/MPC3-NG. MX fabric might report unreachable destination condition and causes fabric healing to trigger in. This issue is exacerbated when having MPC7 or MPC10 line cards installed due to high fabric bandwidth that can be generated. |
PR Number | Synopsis | Category: IPSEC functionality on M/MX/T ser |
1540538 | The mspmand process leaks memory in relation to the MX telemetry reporting the following error message: RLIMIT_DATA exceed. Product-Group=junos |
On MX platforms with MS-MPC/MS-MIC service card installed, the card might run out of memory due to process mspmand memory leak, which may cause traffic interruption if adding and/or deleting of telemetry sensor. This is because these operations will trigger the memory allocation for decoding configuration change messages and will not release the memory at the end of processing. |
PR Number | Synopsis | Category: Generic platform and infra issues for MS-MIC and MS-MPC(XLP) |
1489942 | Prolonged flow control might occur with MS-MPC or MS-MIC. Product-Group=junos |
On MX platforms with MS-MPC/MS-MIC, if there are lots of self-generated packets like TCP-tickle and UDP-logging, there might be data congestion on the data path due to no throttling functionality for such types of packets. When the data path is blocked, prolonged flow-control might happen with the service interfaces being brought down and the PIC reboot. At the same time, the mspmand core file will be generated if dump-on-flow-control is enabled. |
PR Number | Synopsis | Category: MPC7/8/9 Interface Issues |
1532593 | Wavelength unlocked alarm In "on" when using SFP+-10G-T-DWDM-ZR optics Product-Group=junos |
Wavelength unlocked alarm In "on" when using SFP+-10G-T-DWDM-ZR optics MX-re0> show interfaces diagnostics optics xe-4/0/1 | match wave Wavelength channel number : 37 Wavelength setpoint : 1554.15 nm Wavelength error : 0.00 nm Wavelength unlocked alarm : On. <<<<<<<< As soon as we do "show sfp <#>" in pfe , this alarm goes away MX-re0> show interfaces diagnostics optics xe-4/0/1 | match wave Wavelength channel number : 37 Wavelength setpoint : 1554.15 nm Wavelength error : 0.00 nm Wavelength unlocked alarm : Off |
PR Number | Synopsis | Category: Trio pfe qos software |
1525188 | Flow programming issue for lt- interface in the Packet Forwarding Engine level is observed. Product-Group=junos |
On the MX150/VMX platforms, flow programming issue for the logical tunnel interface is seen in the PFE level. The internal schedulers attached to the logical tunnel interfaces are wrong. |
PR Number | Synopsis | Category: Trio pfe bridging, learning, stp, oam, irb software |
1502867 | Traffic originated from another subnet is sent out with 0x8100 instead of 0x88a8. Product-Group=junos |
On the MX platforms with MPC7/8/9 installed, when an interface configured with vlan-tags outer tpid (tag protocol ID) 0x88a8 on these line cards, traffic originated from another subnet will be sent out with 0x8100. It will cause traffic to get dropped at the remote site. |
PR Number | Synopsis | Category: Antivirus UTM issue |
1557278 | Stream buffer memory leak might happen when UTM is configured under unified policies. Product-Group=junos |
On all Junos platforms that support unified policies (layer 7 application), stream buffer memory leak might happen when Unified Threat Management (UTM) Antivirus Protection (AV)/ Antispam Filtering (AS)/Content Filtering (CF) is configured under unified policies. If the stream buffer memory is exhausted, traffic related to UTM will be affected. |
1563874 | UTM license expiry event lost may cause the device can't quit advance service mode and maximum-sessions decreased by half Product-Group=junos |
On SRX300/500 series platforms with the UTM license installed, the license expiry event lost may cause the device can't quit advance service mode and maximum-sessions decreased by half, it might cause traffic impact. |
PR Number | Synopsis | Category: We can use this category for Host protocols (LACP, LAG, ARP) |
1354452 | The mib2d process generates core file in mib2d_write_snmpidx at snmpidx_sync.c on both ADs while bringing up the base traffic profile. Product-Group=junos |
mib2d core in mib2d_write_snmpidx at snmpidx_sync.c on both ADs while bringing |
PR Number | Synopsis | Category: Virtual Router Redundancy Protocol |
1526851 | When SRX Series devices receive proxy ARP requests on VRRP interfaces, SRX Series devices send ARP replies with the underlying interface MAC address. Product-Group=junos |
On SRX Series devices with VRRP scenario, the proxy ARP reply uses interface MAC address instead of VRRP MAC address if the VRRP is configured on some IFL and the proxy-arp is configured on same IFL, traffic loss may occur. |
1558560 | Junos device might send VRRP advertisement packets in VRRP init or idle state before startup-silent-period timer expiry after performing GRES on VRRP master device with NSR disabled Product-Group=junos |
If VRRP master device has dual Routing Engines (REs) and GRES enabled but nonstop-routing (NSR) disabled, after performing GRES, both REs will move to VRRP init then idle state and the new master RE will send VRRP advertisement packets in this stage before startup-silent-period timer expiry. Since the VRRP backup device can still receive the VRRP advertisement packets with higher priority, it will not transition to VRRP master state and hence cause the longer traffic downtime until the VRRP master device re-take the VRRP mastership after startup-silent-period timer expiry. |
PR Number | Synopsis | Category: EX2300 Hardware |
---|---|---|
1463583 | EX2300-48MP-VC Rebooting randomly Product-Group=junos |
EX2300-48MP-VC Rebooting randomly. There is no any core getting generated, its rebooting silently and randomly. There are no any syslogs, console logs getting generated before reboot. Reboot reason is showing as normal reboot. |
PR Number | Synopsis | Category: Cassis XQ related issues |
1464297 | On the MX960 router, the following error message might be observed: SCHED L4NP[0] Parity errors. Product-Group=junos |
This PR along with an earlier PR1232952 address the issue completely, so JUNOS version in question should have fix for these two PRs to address this issue completely. |
PR Number | Synopsis | Category: Argus Platform issues |
1480217 | On the ACX6360 router, the disk usage might keep increasing. Product-Group=junos |
On PTX1000/ACX6360 Series platforms, the vmhost disk usage might keep increasing due to an incorrect sensor path. |
PR Number | Synopsis | Category: BBE interface related issues |
1525036 | Problem With static VLAN deletion with active subscribers and the FPC might be stuck at Ready state during restart Product-Group=junos |
In subscriber brought up over static VLAN scenario on MX platforms, during the restart process, some resources are stuck in the FPC and the FPC is never able to reach online state but stuck at Ready state. The fix is to make sure the device control daemon deletes the static VLAN interface only after the dependency table associated with the static VLAN interface are resolved/removed. |
PR Number | Synopsis | Category: BBE Statistics daemon & libraries |
1494637 | In node slicing setup after GRES, RADIUS interim updates might not carry actual statistics. Product-Group=junos |
In node slicing setup with MPC5 or newer cards after GRES, radius interim updates may not carry actual statistics. |
PR Number | Synopsis | Category: Bi Directional Forwarding Detection (BFD) |
1243146 | PFE with delegated non-inline BFD sessions may cause these BFD sessions to flap Product-Group=junos |
MX/PTX routers running Junos 15.1 or later with non-inline delegated BFD sessions such as microBFD are susceptible to BFD session flaps. The flaps are seen due to intensive RE - PFE traffic or additional threads causing PPM Data thread (especially with auth as it requires more intensive processing) starvation |
1518106 | The BFD sessions might flap continuously after disruptive switchover followed by GRES. Product-Group=junos |
Disruptive switchover (no GRES or NSR configured) can lead to stale PPM entries programmed on the new master Routing Engine. If both GRES and NSR are activated after disruptive switchover and then a GRES switchover is performed, BFD sessions might flap continuously. |
PR Number | Synopsis | Category: Border Gateway Protocol |
1456260 | Packet drop and CPU spike on Routing Engine might be seen in certain conditions if labeled-unicast protection is enabled for a CsC-VRF peer. Product-Group=junos |
On all Junos OS platforms under carrier supporting carrier (CsC) scenario, when PE link protection (labeled-unicast protection) is enabled, after one of the redundant links between CsC-CE flap or RSVP-TE LSP re-route from the primary path happens, it might result in slow convergence issue. Packets drop and CPU spike on the Routing Engine might be seen during this period. |
PR Number | Synopsis | Category: BBE Remote Access Server |
1402653 | The subscriber might need to take retry for login Product-Group=junos |
On all Junos platforms running in subscriber scenario with address pool configured, if the address pool has high usage so that only few addresses are free to allocate, when there are subscribers logout and login, the released address by one subscriber might get re-used and allocated to the other subscriber very soon. Due to this issue, syslog error messages might be seen, and the affected subscriber might need to take retry for login. |
PR Number | Synopsis | Category: Chotu platform software |
1519530 | Traffic loss might happen when an Uncorrected (Fatal) AER error is detected Product-Group=junos |
On MX2008, traffic loss might happen, if an AER error (Uncorrected fatal error) is detected, it brings down all Switch Fabric Boards (SFBs), but the RE in question will do nothing. The fix is to let the RE reboot in this situation. |
PR Number | Synopsis | Category: Device Configuration Daemon |
1530935 | Backup RE or backup node may stuck in bad status with improper "backup-router" configuration Product-Group=junos |
If the backup-router destination is configured the same IP address of an interface and a rib-group is configured to push this interface route from the default routing table to the other tables, after system reboots, backup-router destination configuration may be produced early before this IFA (IP address of an interface) configuration, which causes failure on the backup RE (In a Dual REs scenario) or backup node (In a cluster/VC scenario) when processing the rib-group configuration, then the backup RE or backup node may work in a bad status, impacting it to acquire the mastership. |
PR Number | Synopsis | Category: DNX L2 related features |
1526626 | With the ACX5448 router with 1000 CFM, the CCM state does not go in the Ok state after loading the configuration or restarting the Packet Forwarding Engine. Product-Group=junos |
This issue is seen as sync was not maintained between ppmd, ppman and pfe. |
PR Number | Synopsis | Category: EA chip ( MQSS SW issues ) |
1551353 | Reclassify MQSS_CMERROR_DRD_RORD_ENG_SRAM_PAR_PROTECT_FSET_REG_DETECTED block entries to Minor Product-Group=junos |
On the FPCs of MX10K platform, or MPC7,8,9E linecards, The FPC errors under "MQSS_CMERROR_DRD_RORD_ENG_SRAM_PAR_PROTECT_FSET_REG_DETECTED" category will be re-classified from "Major" to "Minor" by default. It will avoid "disable-pfe" action and the operation outage and recovery impact. |
PR Number | Synopsis | Category: SRX4100/SRX4200 platform software |
1547953 | Continuous "LCC: ch_cluster_lcc_set_context:564: failed to lock chassis_vmx mutex 11" chassisd logs generated Product-Group=junos |
On vSRX2.0, vSRX3.0, SRX1500, SRX4100, SRX4200, SRX4600 running Chassis Cluster in Junos 18.3 or later, multiple messages of "LCC: ch_cluster_lcc_set_context:564: failed to lock chassis_vmx mutex 11" are generated in the chassisd log file. These messages may reoccur after every few seconds and they do not have any impact on system operation. |
PR Number | Synopsis | Category: Libjtask for RPD tasks, scheduler, timers, memory, and slip |
1361250 | On the MX104 router, the scheduler slip is observed when the configuration changes are committed. Product-Group=junos |
RPD slips are noticed on MX104 for customers that have large configuration load on the box with multiple services enabled [Example l2circuits, VPLS, L3VPN, firewall-filters configuration, SNMP-polling, etc.] Following should be considered to avoid RPD slips for longer time duration: Configure system config: delta-export, persist-groups-inheritance, fast-synchronize Reduce configuration size where possible on this platform Remove any trace-options and reduce the logging pressure on the NAND-flash storage Analyse the load from processes such as snmpd, mib2d, pfed processes incase customers running SNMP. |
PR Number | Synopsis | Category: MX Inline Jflow |
1531633 | jnh_services_jflow_table_cfg_event(3406): Disabling inline jflow service due to internal error Product-Group=junos |
On EA based line cards, Maximum Inline Jflow scale supported is highly dependent on memory available at the time of flow table size or flex flow sizing configuration. It is not recommended to increase flow scale or set flex flow sizing when PFE's memory is fragmented or close to out-of-memory condition. Ex: When flex flow sizing is configured, Inline Jflow requires Hugh memory (~128M DWs). It is likely to fail if memory is fragmented or close to out-of-memory condition. |
PR Number | Synopsis | Category: jdhcpd daemon |
1565540 | jnxJdhcpLocalServerMacAddress (.1.3.6.1.4.1.2636.3.61.61.1.4.3) returns incorrect format of MAC address Product-Group=junos |
Due to the improper data type is assigned for the MAC address in the code, jnxJdhcpLocalServerMacAddress (.1.3.6.1.4.1.2636.3.61.61.1.4.3) returns incorrect format of MAC address. |
PR Number | Synopsis | Category: High Availability/NSRP/VRRP |
1548173 | Disabled node on SRX cluster sent out ARP request packets Product-Group=junos |
Disabled state node on an SRX cluster may send ARP requests when the primary of RG0 and 1 are on different nodes |
PR Number | Synopsis | Category: IPSEC/IKE VPN |
1564444 | A session might be closed when the session is created during the IPsec rekey Product-Group=junos |
A session might be closed when the session is generated during IPsec rekey. It might cause the traffic drop on SRX platforms. |
PR Number | Synopsis | Category: lldp sw on SRX platform |
1485290 | The LLDP protocol can be configured on SRX4100, SRX4200, SRX4600 and SRX5k, which it is not actually supported on those platforms. Product-Group=junos |
The LLDP protocol can be configured on SRX4100, SRX4200, SRX4600 and SRX5k, which it is not actually supported on those platforms. |
PR Number | Synopsis | Category: Multiprotocol Label Switching |
1460283 | The previously configured credibility preference is not considered by CSPF even though the configuration has been deleted or changed to prefer another protocol in the traffic engineering database. Product-Group=junos |
After configuring the credibility, the new credibility preference value will be stored internally and its not cleared or consider by the CSPF module, incase if the perviously configuration of "traffic-engineering credibility-protocol-preference" was deleted or if you configure "traffic-engineering credibility-protocol-preference" under another protocol (for example ISIS) |
PR Number | Synopsis | Category: Multicast for L3VPNs |
1536903 | The PIM (S,G) join state might stay forever when there are no MC receivers and source is inactive. Product-Group=junos |
The problem can be seen in MVPN ASM scenario on a PE which has local MC source and receivers and RP is remote. If all receivers stop joining the group and MC source stops transmitting, corresponding PIM (S,G) state may remain indefinitely despite that. Due to the problem a router will maintain extra PIM state. Service is not impacted. |
1546739 | MVPN multicast route entry might not be properly updated with the actual downstream interfaces list. Product-Group=junos |
In multicast VPN RPT-SPT mode with both locally and remotely connected receivers, the multicast forwarding entry related to the actual downstream interfaces may not be properly updated. The issue may happen when multicast forwarding entry is created by locally connected PIM receiver, followed by remote receiver and after local receiver decides to prune its membership in that multicast group. |
PR Number | Synopsis | Category: Bugs related to ethernet interface on MX platform |
999002 | Error message might be seen when configuring LLDP for "interface all" Product-Group=junos |
Customer cannot set LLDP on AE interface explicitly -- #set protocols lldp interface ae0 as opposed to all interfaces as in current configure. It is not supported currently both in kernel and cli configure. This has to be taken up as an enhancement. |
PR Number | Synopsis | Category: Track Mt Rainier RE platform software issues |
1386306 | The log message of 'kernel: interrupt storm detected on "irq11:"; throttling interrupt source' might be seen when NG-RE is used Product-Group=junos |
With Next Generation Routing Engine (NG-RE), in some race conditions, the following interrupts messages might be seen on master RE: kernel: interrupt storm detected on "irq11:"; throttling interrupt source |
PR Number | Synopsis | Category: OS IPv4/ARP/ICMPv4 |
1511833 | The kernel might crash causing the router or the Routing Engine to reboot when performing virtual IP related change. Product-Group=junos |
On all Junos platforms with VRRP enabled, if delete and add any configuration which involves the virtual IP in the same commit, the kernel might crash. When this happens, the system or the RE will reboot. |
PR Number | Synopsis | Category: FreeBSD Kernel Infrastructure |
1333855 | On Juniper networks Routing Engines with Hagiwara CompactFlash card installed, after the upgrade to Junos OS Release 15.1 and later, the following error message might appear: smartd[xxxx]: Device: /dev/ada1, failed to read SMART Attribute Data. Product-Group=junos |
Juniper Routing-Engines with HAGIWARA CF card installed, after upgrade to 15.1 and later releases, the failure message about "smartd[xxxx]: Device: /dev/ada1, failed to read SMART Attribute Data" might appear on messages log. |
PR Number | Synopsis | Category: PE based L3 software |
1500798 | BFD sessions flap after deactivating or activating the aggregated Ethernet interface or executing GRES. Product-Group=junos |
On QFX10008 platforms, if the BFD is configured over an AE interface (member link across multiple FPCs), deactivating/activating the AE interface or executing GRES will cause the BFD sessions to flap. |
PR Number | Synopsis | Category: Protocol Independant Multicast |
1500125 | Some PIM join or prune packets might not be processed in the first attempt in the scale scenario where the PIM routers establish neighborship and immediately join the multicast group. Product-Group=junos |
On all Junos platforms with scaling MVPN scenario, some PIM Join/Prune messages may not be processed for the first attempt. For instance, a dedicated PIM router receives more than 2500 PIM hello packets from the new neighbors, followed by PIM Join packets for the same multicast group in a very short period of time. |
PR Number | Synopsis | Category: QFX ISSU Infrastructure |
1435963 | Traffic drop might happen when SXE interface is used on the certain QFX platforms Product-Group=junos |
When the SXE interface is used QFX5110-32Q/QFX5110-48S/QFX5200-32C platforms, the dcpfe might crash since PIC might wrongly handle the SXE interface which is a service interface which should not belong to PIC. Then the IFD interface related to the SXE might be deleted from PIC and the traffic might be lost. |
PR Number | Synopsis | Category: QFX L3 data-plane/forwarding |
1560161 | JDI-RCT:: EVPN-VXLAN-TYPE5-NC :: qfx5100-24q :: Few ipv6 ARP ND fails after loading baseconfigurations. Product-Group=junos |
When configuring a VLAN ID for a VXLAN, recommendation is to use VLAN ID of 3 or higher. If you use a VLAN ID of 2, replicated broadcast, multicast, and unknown unicast (BUM) packets for these VXLANs might be untagged, which in turn might result in the packets being dropped by a device that receives the packets. |
PR Number | Synopsis | Category: RPD Next-hop issues including indirect, CNH, and MCNH |
1534455 | Some routes might get incorrectly programmed in the forwarding table in the kernel which is no longer present in rpd. Product-Group=junos |
In a scaled routes scenario, if there is any route change operation when the system is under memory pressure, the rpd might change a route entry but the same is not conveyed to the kernel. This causes a mismatch between routes in rpd and kernel leading to traffic blackhole for the mismatched route entries that are incorrectly programmed in the kernel. |
1561984 | The rpd crash might be observed during processing huge amount of PIM prune messages Product-Group=junos |
In MVPN scenario, if huge amount of PIM prune messages (e.g. more than 3500 receivers for more than 3 multicast groups) are processed on a Junos device, the rpd crash might occur. |
PR Number | Synopsis | Category: RPD route tables, resolver, routing instances, static routes |
1482112 | The rpd process might crash when deactivating logical systems. Product-Group=junos |
On all Junos platforms running with logical systems, if the logical systems get deactivated either by manually restarting the rpd process or by the deletion of the logical system configurations, the rpd process might crash in a race condition. It is a timing issue. |
PR Number | Synopsis | Category: show route table commands, tracing, and syslog facilities |
1555866 | Configuring HFRR i.e. link-protection on an interface may cause rpd to crash Product-Group=junos |
On MX/VMX/T/TX series platforms, if Host fast reroute (HFRR) is enabled on an interface, the ARP and FRR (BGP backup routes) routes will be added to RIB. Then changing this interface address and adding new ARP route within 10 seconds will cause the rpd to crash. |
PR Number | Synopsis | Category: Sangria Platform fabric, fabric management, TF chip driver |
1547790 | Traffic blackhole might be seen after swapping an FPC type 3 card with an FPC type 1 card in the same slot on a PTX3000 router Product-Group=junos |
On the PTX3000 router, swapping an FPC type 3 card (FPC3-SFF-PTX) with an FPC type 1 card (FPC-SFF-PTX) in the same slot will result in the fabric channel-map not get updated on the SIB after the swap. This issue will cause total traffic loss. |
PR Number | Synopsis | Category: SW PRs for SCBE3 related kernel drivers |
1564539 | MX platforms with MX-SCBE3 may reboot continuously. Product-Group=junos |
A recent change in the kernel boot loader causes a system with MX-SCBE3 to experience the Routing Enginne's kernel memory corruption which causes the system to reboot continuously. |
PR Number | Synopsis | Category: Generic platform and infra issues for MS-MIC and MS-MPC(XLP) |
1459306 | The traffic might be stuck on MS-MPC or MS-MIC with sessions receiving a huge number of affinity packets Product-Group=junos |
On MX platforms with MS-MPC/MS-MIC, if there are sessions receiving huge number of affinity packets (e.g. thousands of packets), the service interface might be brought down by the prolonged flow-control, and the mspmand process crash might happen. In this case, the traffic will be stuck due to this issue. |
PR Number | Synopsis | Category: All PRs related to platform SRX5XX |
1557311 | SRX550M: dumpdisklabel command fails with message "ERROR: Unknown platform srx550m" Product-Group=junos |
On SRX550Ms, the shell utility to format a USB stick to store kernel coredumps, dumpdisklabel, does not recognize the platform it's running on. The error message "Unknown platform srx550m" will be displayed when it's run. |
PR Number | Synopsis | Category: Issues related to broadband edge apps (PPP, DHCP) on Trio ch |
1529602 | In the subscriber management environment, the RADIUS interim accounting records does not get populated with the subscriber statistics. Product-Group=junos |
In the subscriber management environment, RADIUS interim accounting records are not populated with the subscriber statistics after a system reboot. In this case, the MAC of the routing engine is not learned by the nextgen-stats manager on the PFE. |
1539474 | The accounting interim-updates for subscriber does not work after GRES and subsequent reboot of FPCs in the node-slicing setup. Product-Group=junos |
On MX with MPC5 and newer card installed, if node slicing and subscriber service are enabled, the radius accounting interim updates may not carry actual statistics after performing GRES of base system (BSYS) and subsequent reboot of FPCs. |
PR Number | Synopsis | Category: DDos Support on MX |
1519887 | The state of the flow detection configuration might not be displayed properly if DDOS-SCFD is configured globally Product-Group=junos |
The display output under "Flow detection configuration" for individual packet-type does not reflect the effect of DDoS global configuration (e.g. "set system ddos-protection global flow-detection-mode off"). This is only a display issue that happens when the DDoS-SCFD (suspicious flow detection) function is configured for all protocol groups and packet types. |
PR Number | Synopsis | Category: UI Infrastructure - mgd, DAX API, DDL/ODL |
991081 | The configuration change on Backup RE cannot be synchronized while deleting inactivated interfaces/routing-instances from master Product-Group=junos |
In the dual Routing Engine scenario, the backup Routing Engine does not sync up the configuration change while deleting an inactivated interface/routing-instances from the master. So after the operation, the inactivated interface/routing-instances still exists on the backup Routing Engine. |
PR Number | Synopsis | Category: V44 Aggregation Device Platforms |
1435964 | Junos fusion / EX4300 SD / Low RX power seen on SD Product-Group=junos |
On Juniper Fusion on SNOS devices running older JUNOS there is no support to read rx power values considering internal calibration. Hence low rx power values are read. This is resolved in the future releases where in the support for this feature is introduced. This is addressed through SNOS 3.5R4 and 3.2R4 |
Getting Up and Running with Junos
Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search