Support Support Downloads Knowledge Base Apex Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

18.2R3-S8: Software Release Notification for JUNOS Software Version 18.2R3-S8

0

0

Article ID: TSB18050 TECHNICAL_BULLETINS Last Updated: 21 May 2021Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, NFX, SRX, VRR, vMX, vSRX
Alert Description:
Junos Software Service Release version 18.2R3-S8 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Solution:

Junos Software service Release version 18.2R3-S8 is now available.

18.2R3-S8 - List of Fixed issues
PR Number Synopsis Category: EX4300 PFE
1576022 DHCP packets with source IP as link-local address are dropped in EX4300
Product-Group=junos
On EX4300 Series switches with Multicast Listener Discovery (MLD) snooping enabled, when DHCP packets with source IP as link-local address are sent across EX4300, they will get dropped.
PR Number Synopsis Category: Marvell based EX PFE L3
1557229 Traffic related to IRB interface might be dropped when mac-persistence-timer expires.
Product-Group=junos
On EX3400/EX4400/EX4300MP virtual chassis (VC) platforms, if the IRB interface is configured with members across master and backup VC, the new MAC address of the IRB interface might not be programmed in hardware after mac-persistence-timer expires. This might result in all traffic related to the IRB interface be dropped.
PR Number Synopsis Category: MPC3/4/5/6E XQ software
1464297 On the MX960 router, the following error message might be observed: SCHED L4NP[0] Parity errors.
Product-Group=junos
This PR along with an earlier PR1232952 address the issue completely, so JUNOS version in question should have fix for these two PRs to address this issue completely.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1573411 The GRE egress traffic might not be forwarded between the different routing-instances
Product-Group=junos
In the GRE tunnel with the routing-instances scenario, if the next-hop of GRE tunnel destination is learned from the different routing-instance (e.g. the next-hop is learned via leaked route), it might be rejected to be installed into the routing table. Then, the egress GRE traffic will not be forwarded via the egress physical interface, the GRE traffic across the different routing-instances might not be forwarded.
PR Number Synopsis Category: QFX PFE MPLS
1528409 Junos OS: EX4300-MP/EX4600/EX4650/QFX5K Series: Packet Forwarding Engine manager (FXPC) process crashes when deployed in a Virtual Chassis (VC) configuration (CVE-2021-0237)
Product-Group=junos
On Juniper Networks EX4300-MP Series, EX4600 Series, EX4650 Series, QFX5K Series deployed as a Virtual Chassis with a specific Layer 2 circuit configuration, Packet Forwarding Engine manager (FXPC) process may crash and restart upon receipt of specific layer 2 frames. Refer to https://kb.juniper.net/JSA11132 for more information.
PR Number Synopsis Category: Accounting Profile
1509114 The pfed might crash when running 'show pfe fpc x'.
Product-Group=junos
When the pfed is running on a 64 bit machine, it might crash after issuing the command "show pfe fpc x".
1563641 The configuration archive transfer-on-commit fails when running Junos OS Release 18.2R3-S6.5.
Product-Group=junos
RI name array is not initialised properly in PFED. Hence RI name is not populated properly in the cfg_file due to this the archival is not getting pushed during commit.
PR Number Synopsis Category: MX Layer 2 Forwarding Module
1462642 On MX Series router, the following logs are seen: L2ALD_MAC_IP_LIMIT_REACHED_IF: Limit on learned MAC+IP bindings reached for .local.1048605; current count is 1024.
Product-Group=junos
MX following logs seen L2ALD_MAC_IP_LIMIT_REACHED_IF: Limit on learned MAC+IP bindings reached for .local.1048605; current count is 1024
PR Number Synopsis Category: Junos Fusion Infrastructure
1454335 The SDPD generates core files at vfpc_all_eports_deletion_complete vfpc_dampen_fpc_timer_expiry.
Product-Group=junos
SDPD core found @ vfpc_all_eports_deletion_complete vfpc_dampen_fpc_timer_expiry on following triggers 1) Delete and add same SD device with some attribute change in single commit 2) Interchange slot id between two SD devices in single commit
PR Number Synopsis Category: BBE database related issues
1554539 The subscriber sessions might be missed but stay in the authd after performing ISSU
Product-Group=junos
In the subscriber management environment, the subscriber session might be missed in bbe-smgd (BBE system management daemon) but stay in authd (authentication daemon) after ISSU (In-Service Software Upgrade) or VC (Virtual Chassis) global switchover. Because there is no accounting session stop sent from bbe-smgd, the radius server does not clean up these forgotten sessions and this leads to radius free pool limits which have an impact on the subscribers.
PR Number Synopsis Category: BBE interface related issues
1437847 LNS router might send the router-advertisement packet with NULL source link-layer option field.
Product-Group=junos
On MX platforms which act as Layer 2 Tunneling Protocol (L2TP) Network Servers (LNS), if IPv6 Neighbor Discovery Protocol (NDP) Router Advertisement (RA) is enabled on a LNS interface, the RA packets sourced over the LNS interface might have NULL source link-layer option field. Due to this issue, subscribers might be unable to get NDP RA address.
PR Number Synopsis Category: Border Gateway Protocol
1446383 The BGP route prefixes are not being advertised to the peer.
Product-Group=junos
In the graceful-restart and delay-route-advertisements are configured scenario, when a BGP router is waiting for the End-Of-Rib message from the upstream BGP peer, the received corresponding set of NLRI (network layer reachability information) might be held in the Rib-Out and not being sent to the downstream BGP peers. This issue will cause the route update failure.
1492743 The BGP route-target family might prevent the route reflector from reflecting Layer 2 VPN and Layer 3 VPN routes.
Product-Group=junos
If the user only sets protocols bgp local-as <> without configuring routing-options autonomous-system <> or having a different autonomous-system number than local-as, the iBGP Route-Reflector (RR) will treat the route-target (RT) routes from iBGP neighbor PEs as an external prefix, and by default, the external peer number is limited to one for a given Route Target, in this case, the Route-Reflector might not reflect L2VPN and L3VPN prefixes to some iBGP clients advertised the same RT prefixes.
PR Number Synopsis Category: MX Platform SW - Power Management
1545838 FPC(s) may not boot-up on MX960/EX9214 in a certain condition
Product-Group=junos
On MX960/EX9214 platforms with high-capacity/normal-capacity power supplies, FPC(s) may fail to come online when the corresponding power is restored afterward but not present during the power-up stage.
PR Number Synopsis Category: Enhanced Broadband Edge support for cos
1582356 bbe-smgd process on both routing engines may crash due to a rare timing issue after logout of subscribers over pseudowire
Product-Group=junos
In subscriber over MPLS pseudowire scenario, bbe-smgd process on both routing engines may crash due to a rare timing issue after subscriber logout. Output of "show system core-dumps routing-engine both" will indicate presence of bbe-smgd core dumps on both routing engines.
PR Number Synopsis Category: MX-ELM l2ng stormcontrol
1552815 The action-shutdown command of storm control does not work for the ARP broadcast packets.
Product-Group=junos
With knob 'action-shutdown' configured in storm control scenario, the interface will not go to shutdown state if ARP storm exceeds the configured limit. The excess packets will be dropped normally.
PR Number Synopsis Category: Layer 3 forwarding, both v4+v6
1477261 Junos OS: ACX5448, ACX710: BFD sessions might flap due to high rate of transit ARP packets (CVE-2021-0216)
Product-Group=junos
A vulnerability in Juniper Networks Junos OS running on the ACX5448 and ACX710 platforms may cause BFD sessions to flap when a high rate of transit ARP packets are received. This, in turn, may impact routing protocols and network stability, leading to a Denial of Service (DoS) condition. Please refer to https://kb.juniper.net/JSA11118 for more information.
PR Number Synopsis Category: EVPN control plane issues
1439537 The rpd process may crash after committing changes in the EVPN environment
Product-Group=junos
On all Junos platforms with EVPN configured, the rpd process may crash after committing any configuration changes if there is an existing MAC entry received from multiple sources and trying to update the latest source. Traffic loss may be observed due to the rpd crash.
1570883 The multicast traffic loss might be seen in EVPN-VXLAN scenario with CRB multicast snooping
Product-Group=junos
On MX and EX92 platforms, if multicast packet replication occurs in IRB egress interface in EVPN-VXLAN scenario with CRB multicast snooping, the ether-type of the inner VXLAN packet is getting changed. It might cause multicast traffic loss and VXLAN traffic flooding.
PR Number Synopsis Category: Express PFE L2 fwding Features
1534340 The dcpfe process might crash and cause FPC to restart due to the traffic burst.
Product-Group=junos
The dcpfe process might crash on the QFX10002-60C/PTX10002-60C platform and might lead to FPC restart causing traffic loss. This issue is seen during traffic bursts on the device.
PR Number Synopsis Category: Enhanced Broadband Edge support for firewall
1531580 New subscribers might fail to connect due to "Filter index space exhausted" error
Product-Group=junos
In Junos OS Enhanced Subscriber Management software architecture, there is a code to manage list of freed filter indices. The current code only releases the freed filter indices when a subscriber logs out. However, if only address family bounces (like activating/deactivating family) or service activation/deactivation occurs but the subscriber does not log out, the filter allocation/deletion will happen, but the freed filter indices will not be released. This is more likely happen in a dual-stack subscriber scenario. This filter index leak issue could eventually result in filter index space being exhausted, thereby affecting the new subscriber session establishment. There are 4 million filter indices in the system, so the system can still work even with so many indices in pending state.
PR Number Synopsis Category: Optical Transport Interface
1475777 The interface on MIC3-100G-DWDM might go down after performing an interface flap.
Product-Group=junos
On MX with MIC3-100G-DWDM installed, after performing an interface flap, the interface on 100G DWDM MIC might be going down.
PR Number Synopsis Category: jdhcpd daemon
1525052 Memory leak in the jdhcpd process might be seen if access-profile is configured under the dhcp-relay or dhcp-local-server statement.
Product-Group=junos
With access-profile being configured under "forwarding-options dhcp-relay" or "system services dhcp-local-server" stanza, there might be memory leak in jdhcpd when DHCP request is processed. The leaked memory size for each processing will be the number of bytes equal to the length of the access profile.
1564434 Junos OS: Receipt of malformed DHCPv6 packets causes jdhcpd to crash and restart. (CVE-2021-0240)
Product-Group=junos
On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, the Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash if a malformed DHCPv6 packet is received, resulting in a restart of the daemon. The daemon automatically restarts without intervention, but continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Please refer to https://kb.juniper.net/JSA11168 for more information.
PR Number Synopsis Category: Adresses ALG issues found in JSF
1462984 On the SRX5000 line of devices, the H323 call with NAT64 could not be established.
Product-Group=junos
On SRX5000 platforms, the H323 call with NAT enabled cannot be established when the H323 GK (Gatekeeper) works in direct mode.
PR Number Synopsis Category: Layer 2 Control Module
1561235 The l2cpd process might generate a core file on reboot.
Product-Group=junos
When xSTP is used, the l2cpd core might be seen on reboot. This will be a one-time core and will not impact on functionality.
PR Number Synopsis Category: "ifstate" infrastructure
1545463 Continuous rpd errors might be seen and new routes fails to be programmed by the rpd process.
Product-Group=junos
In case of high route churn in the network, all kuackmem (Kernel ACK mechanism) entries may be exhausted as a result of a rare timing issue and any new routes will fail to get programmed by rpd.
PR Number Synopsis Category: TCP/UDP transport layer
1552603 The BGP session replication might fail to start after the session crashes on the backup Routing Engine.
Product-Group=junos
On certain Junos platforms with Dual-REs (platforms capable of installing Junos packages with name format as "junos*install"), BGP replication may fail to start under GRES/NSR setup after a crash on backup Routing Engine. NSR starts un-replicating the socket since backup Routing Engine is no longer present. Massive unreplicated request leads to memory buffer getting full with multiple BGP sessions (e.g., 20 BGP peers). Hence BGP unreplicated request returned with an error. Besides, the kernel is left with stale data. It does not allow the JSR (Juniper Socket Replication, BGP in this case) when backup RE comes up due to the stale data. BGP-NSR (Nonstop Routing) is broke under the conditions. Traffic outage will be observed after performing GRES.
PR Number Synopsis Category: Interface related issues. Port up/down, stats, CMLC , serdes
1475851 FPC major error is observed after system boots up or FPC restarts.
Product-Group=junos
FPC is reporting Major Error because of SHUTDOWN ERI failure during BIST with repair on HMC having FW version >= 0x9c. BIST with repair is incorporated during boot up, so this Major Error will be reported during boot up having FW>=0x9c on HMC. During debugging, its found that this ERI is getting issued even before the HMC was brought up which is resulting into this Error. So added bringup steps for HMC before the BIST procedure starts as done for vale-ptx.
PR Number Synopsis Category: QFX L2 PFE
1535555 The following Packet Forwarding Engine error message is observed in the BRCM-VIRTUAL: brcm_virtual_tunnel_port_create() ,489: Failed NW vxlan port token(45) hw-id(7026) status(Entry not found).
Product-Group=junos
On a QFX5110 or QFX5120, when the Type 5 tunnels are destroyed, sometime we can see error messages "brcm_virtual_tunnel_port_create() ,489:Failed NW vxlan port token(45) hw-id(7026) status(Entry not found)". There is no functionality impact due to this.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1560161 Few IPv6 ARP ND fails after loading the base configurations
Product-Group=junos
On QFX5k platforms, when configuring a VLAN ID for a VxLAN, recommendation is to use VLAN ID of 3 or higher. If VLAN ID of 2 is used, replicated broadcast, multicast, and unknown unicast (BUM) packets for these VxLANs might be untagged, which in turn might result in the packets being dropped by a device that receives the packets.
PR Number Synopsis Category: RPD route tables, resolver, routing instances, static routes
1482112 The rpd process might crash when deactivating logical systems.
Product-Group=junos
On all Junos platforms running with logical systems, if the logical systems get deactivated either by manually restarting the rpd process or by the deletion of the logical system configurations, the rpd process might crash in a race condition. It is a timing issue.
PR Number Synopsis Category: SW PRs for SCBE3 related kernel drivers
1564539 MX platforms with MX-SCBE3 may reboot continuously.
Product-Group=junos
A recent change in the kernel boot loader causes a system with MX-SCBE3 to experience the Routing Enginne's kernel memory corruption which causes the system to reboot continuously.
PR Number Synopsis Category: SNMP Infrastructure (snmpd, mib2d)
1458057 Junos OS: SNMP fails to properly perform authorization checks on incoming received SNMP requests (CVE-2021-0260)
Product-Group=junos
An improper authorization vulnerability in the Simple Network Management Protocol daemon (snmpd) service of Juniper Networks Junos OS leads an unauthenticated attacker being able to perform SNMP read actions, an Exposure of System Data to an Unauthorized Control Sphere, or write actions to OIDs that support write operations, against the device without authentication. Please refer to https://kb.juniper.net/JSA11151 for more information.
PR Number Synopsis Category: platform related PRs on SRX branch platforms
1572920 Traffic going through the VRRP interface might be dropped when VRRP enabled IRB interface goes down.
Product-Group=junos
On the SRX platform with multiple IRB interfaces belong to the same VRRP group ID, when one of the IRB interfaces down, it might cause traffic disruption going through Virtual IP (VIP) on another IRB interface.
PR Number Synopsis Category: Trio pfe multicast software
1548806 The IIF-LIST APP DWORD leak is observed during the period of churn for the NGMVPN-MoFRR routes with sender-based-rpf enabled.
Product-Group=junos
IIF-LIST APP DWORD leak observed during the period of churn for NGMVPN-MoFRR routes with sender-based-rpf enabled. Two modes of NGMVPN namely SPT-ONLY and RPT-SPT are impacted.
PR Number Synopsis Category: DDos Support on MX
1562474 The DHCPv4 request packets might be wrongly dropped when DDoS attack occurs.
Product-Group=junos
On MX platform, T4000 platform and EX9200 platform, end-users or end-hosts might not get an IPv4 address from Dynamic Host Configuration Protocol (DHCP) server when Distributed Denial-of-Service (DDOS) attack is happened on DHCP rebind packets or renew packets. In the end, end-users or end-hosts could not access into network after lease time of the IPv4 address expired.
PR Number Synopsis Category: We can use this category for Host protocols (LACP, LAG, ARP)
1354452 The mib2d process generates core file in mib2d_write_snmpidx at snmpidx_sync.c on both ADs while bringing up the base traffic profile.
Product-Group=junos
mib2d core in mib2d_write_snmpidx at snmpidx_sync.c on both ADs while bringing
 

18.2R3-S8 - List of Known issues
PR Number Synopsis Category: EX2300/3400 platform
1567438 EX2300 shows high FPC CPU usage
Product-Group=junos
EX2300 shows high FPC CPU usage, however the system processes and kernel CPU usage doesn't add up to the overall FPC usage. This is due to a cosmetic issue with calculation of FPC CPU usage that has been resolved in newer releases of Junos 21.1R1 and higher.
PR Number Synopsis Category: JUNOS kernel/ukernel changes for ACX
1483959 On the ACX5048 router, traffic loss is observed during the unified ISSU upgrade.
Product-Group=junos
On ACX5048/ACX5096 platforms, there might be issues with packet processing on the interfaces post ISSU. The upgrade happens without any issue, however, after the upgrade, the ports does not get enabled in PFE (Packet Forwarding Engine) which might result in traffic loss. This issue is seen when an internal register value gets reset to 0 during ISSU.
PR Number Synopsis Category: ACX L2 related features
1565642 ACX5048: Entry for mac address from which no traffic is seen for mac age timer does not age out if there is active traffic destined for this mac
Product-Group=junos
As per the current code, ACX would not delete a mac address from the mac table there is- (a) traffic destined to the mac address or (b) traffic sourced from the mac address or (c) both Fix of this PR will allow ACX to only look at (b) traffic sourced from mac address before deleting the mac address entry from mac table. So, if there is no traffic sourced from the mac for an interval of mac aging timer, the mac would be deleted from the mac table at the end of mac aging timer with out taking into account the traffic destined to the mac address.
PR Number Synopsis Category: Control Plane and Infrastructire for the B-54 program
1188254 Junos Fusion Enterprise: LLDP might stop working if manually deactivated and reactivated
Product-Group=junos
On a Junos Fusion Enterprise, LLDP might stop working if it is reenabled after being manually disabled.
PR Number Synopsis Category: BBE Remote Access Server
1402653 The subscriber might need to take retry for login
Product-Group=junos
On all Junos platforms running in subscriber scenario with address pool configured, if the address pool has high usage so that only few addresses are free to allocate, when there are subscribers logout and login, the released address by one subscriber might get re-used and allocated to the other subscriber very soon. Due to this issue, syslog error messages might be seen, and the affected subscriber might need to take retry for login.
PR Number Synopsis Category: PRs related to channelized E1/T1 mic
1442820 JDI MMX REGRESSIONS:MX104:T1 mode interfaces link protocol is not coming up with cisco-hdlc encapsulation
Product-Group=junos
mode interfaces link protocol is not coming up with cisco-hdlc encapsulation
PR Number Synopsis Category: Ethernet OAM (LFM)
1500048 The fpc process might crash in the inline mode with CFM configured.
Product-Group=junos
On the Junos platforms with inline mode CFM (Connectivity Fault Management) configured, if there are several CFM adjacencies flapping, due to the flaw in the CFM module to process the error-adjacencies messages, the FPC may crash alongside with NPC core-dump file generated. All services/traffic configured on the FPC will see outage till FPC recovers from an automatic reboot.
PR Number Synopsis Category: Multiprotocol Label Switching
1575060 The LSP might fail to be established
Product-Group=junos
When ISIS-TE or OSPF-TE is enabled without admin-groups-extended-range/admin-groups-extended (which is configured under routing-options) or admin-group-extended configured, if receives the peer-router advertised the extended admin groups and then enable the config of admin-groups-extended-range/admin-groups-extended and admin-group-extended, some LSP with extended admin group constraints will fail to be established.
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1571545 VMcore is seen on EX2300 & EX3400 Series Switches when high-rate of jumbo frames are continuously received on the mgmt interface (me0/vme).
Product-Group=junos
VMcore is seen on EX2300 & EX3400 Series Switches when high-rate of jumbo frames are continuously received on the mgmt interface (me0/vme).When large size frames ( 2048 bytes or more) are continuously received on the out-of-band management (me0/vme) interface of EX2300 and EX3400 Series switches, then in rare scenario it may cause a kernel crash resulting in a vmcore file generation followed by a complete system reboot.
PR Number Synopsis Category: show route table commands, tracing, and syslog facilities
1574497 PIM rib-group fails to be added in VRF.
Product-Group=junos
PIM rib-group failure to add in vrf - PIM: ribgroup vrf not usable in this context; all RIBs are not in instance
PR Number Synopsis Category: SRX-1RU infrastructure SW defects
1552175 SRX Junos upgrade gets stuck with 'ERROR: There is pending upgrade. upgrade_in_progress=stage'
Product-Group=junos
After running 'request system software add ' in SRX TVP platforms if you break upgrade process by pressing Ctrl+c you would see below error: 'ERROR: There is pending upgrade. upgrade_in_progress=stage' After experiencing above error further software upgrade or rollback may not work, and this is a product limitation currently in Junos SRX TVP platforms.
PR Number Synopsis Category: Issues related to broadband edge apps (PPP, DHCP) on Trio ch
1496265 Error message "PFEIFD: Could not decode media address with length 0" is generated by Packet Forwarding Engine when subscribers come up over a pseudowire interface.
Product-Group=junos
The error message "PFEIFD: Could not decode media address with length 0" can be observed when subscribers come up over a pseudowire interface, but there is no functional impact.
 
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search