Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

20.3R2-S1: Software Release Notification for JUNOS Software Version 20.3R2-S1



Article ID: TSB18087 TECHNICAL_BULLETINS Last Updated: 10 Jun 2021Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
Alert Description:
Junos Software Service Release version 20.3R2-S1 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts

Junos Software service Release version 20.3R2-S1 is now available.

20.3R2-S1 - List of Fixed issues
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1573411 The GRE egress traffic might not be forwarded between the different routing-instances
In the GRE tunnel with the routing-instances scenario, if the next-hop of GRE tunnel destination is learned from the different routing-instance (e.g. the next-hop is learned via leaked route), it might be rejected to be installed into the routing table. Then, the egress GRE traffic will not be forwarded via the egress physical interface, the GRE traffic across the different routing-instances might not be forwarded.
PR Number Synopsis Category: BBE database related issues
1554539 The subscriber sessions might be missed but stay in the authd after performing ISSU
In the subscriber management environment, the subscriber session might be missed in bbe-smgd (BBE system management daemon) but stay in authd (authentication daemon) after ISSU (In-Service Software Upgrade) or VC (Virtual Chassis) global switchover. Because there is no accounting session stop sent from bbe-smgd, the radius server does not clean up these forgotten sessions and this leads to radius free pool limits which have an impact on the subscribers.
PR Number Synopsis Category: EX4400 platform
1573889 EX4400: Mgmt LEDs are not working as per expectations
Below is the status of management LED when speed is set to: 1. 10m - Activity LED is not blinking when ping/traffic is runnig (instead it is remaining steady GREEN) 2. 100m - Activity LED is blinking without any ping/traffic.
PR Number Synopsis Category: IDP attack detection in the subscriber qmodules
1588450 Application-identification related signatures might not get triggered
On SRX-Series devices, some of the application-identification(appid) related signatures might not get triggered when there is an update of IDP signature package/application-identification version to 3372.
PR Number Synopsis Category: Integrated Routing & Bridging (IRB) module
1533874 On the QFX5100 Virtual Chassis and Virtual Chassis fan, after NSSU while performing GRES, backup can generate core file and go to the database prompt
On EX/QFX platforms, after doing NSSU and performing GRES backup member of Virtual Chassis might go to unstable state leading to kernel core with db>prompt. This issue can impact traffic.
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1563647 Memory corruption of any binary in /usr/bin/ or /usr/sbin/ may be triggered when a recovery snapshot is being copied to the OAM volume
Memory corruption of a binary from /usr/bin/ or /usr/sbin/ directory can occur if such binary is invoked when a recovery snapshot creation is in progress. The exact symptoms will be different depending on the exact binary and JUNOS version - some programs will show an error, and some programs will crash every time it is executed. Such memory corruption will be persistent until the affected Routing Engine is restarted. Please refer to TSB17954 ( for further details.
1579331 EX4400: Under some conditions, the FPGA reset reason may be incorrectly shown in console logs as 0.
EX4400: Under some special conditions, such as boot from OAM volume following a graceful/warm reboot, the FPGA reset reason incorrectly shown in console logs as 0.
PR Number Synopsis Category: Express Chip L3 software
1571286 Unexpected packet loss might happen if subunit of the physical interface is deleted
On QFX platforms, both 'flexible-vlan-tagging' and 'native-vlan-id' are configured and one of the subunit matches native VLAN ID. Traffic loss might happen if the physical interface is reconfigured as Layer 3 interface without VLAN tag.
PR Number Synopsis Category: SW PRs for SCBE3 related kernel drivers
1564539 MX platforms with MX-SCBE3 may reboot continuously.
A recent change in the kernel boot loader causes a system with MX-SCBE3 to experience the Routing Enginne's kernel memory corruption which causes the system to reboot continuously.

20.3R2-S1 - List of Known issues
PR Number Synopsis Category: QFX PFE L2
1566266 [evpn_vxlan] [evpn_instance] QFX5120-48Y :: JDI-RCT:observed type5 inter pod traffic drops in POD1 TOR device while loading evpn_vxlan type5 base config
There is a partial traffic drop observed sometimes when type5 inter pod traffic is sent with evpn vxlan configuration. There is no exact trigger for this issue.
PR Number Synopsis Category: S/W Diags support for ACX series SKUs.
1513553 ACX710 with the console cable plugged in may find that the system boot is interrupted
For ACX710, if the console cable is plugged in and the terminal connection is active and sending characters to the interface, the system boot may be interrupted and the ACX710 boot will be stalled at the uboot# prompt.
1569818 ACX710 With console cable plugged in, boot cycle is interrupted and router ends up at uboot prompt
Boot cycle is interrupted and router ends up at uboot prompt if ACX710 router accessed via console using Putty application during boot up
PR Number Synopsis Category: Ethernet OAM (LFM)
1529209 Junos OS: ethtraceroute Local Privilege Escalation vulnerabilities in SUID binaries (CVE-2021-0255)
A local privilege escalation vulnerability in ethtraceroute Ethernet OAM utility of Juniper Networks Junos OS may allow a locally authenticated user with shell access to escalate privileges and write to the local filesystem as root. Please refer to for more information.
Modification History:
First publication 2021-06-10
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search