18.3R3-S5: Software Release Notification for JUNOS Software Version 18.3R3-S5

Article ID: TSB18130 TECHNICAL_BULLETINS
Last Updated: 30 Jul 2021
Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, NFX, SRX, VRR, vMX, vSRX
Alert Description:
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as needed and follow the prompts
Risk: Low/Notification - No defined time impact to take action
Risk Description: Software Release Notification
Impact: Low/Notification - Monitor the situation but no action needed
Impact Description: Software Release Notification

Solution:

Junos Software Service Release version 18.3R3-S5 is now available.

18.3R3-S5 - List of Fixed issues
PR Number Synopsis Category: EX4300 PFE
1556124 The traffic might be dropped on layer-3 LAG after rebooting or halting any member of EX4300 VC
Product-Group=junos
In the layer-3 link aggregation group (LAG) with EX4300 Virtual Chassis (VC) scenario, if any member switch of the VC reboots or halts for a long duration, the new MAC address might not get programmed properly on the corresponding hardware of the layer-3 LAG. As a result, the ARP entry of the layer-3 LAG might not be generated correctly on the VC side and traffic loss might happen.
1576022 DHCP packets with source IP as link-local address are dropped in EX4300
Product-Group=junos
On EX4300 Series switches with Multicast Listener Discovery (MLD) snooping enabled, when DHCP packets with source IP as link-local address are sent across EX4300, they will get dropped.
1595797 The Egress RACL Firewall filter might not get programmed correctly on EX4300 platforms
Product-Group=junos
On EX4300 platforms, the Egress RACL (Routed ACL) firewall filter might not get programmed correctly if any modification is made to a filter that is already attached to an interface and is the only filter in the group. The traffic through the interface will be impacted.
PR Number Synopsis Category: Marvell based EX PFE L2
1579293 Some MAC addresses might not be aged out on EX4300 platforms
Product-Group=junos
On EX4300 platforms, when the number of MAC addresses learned in the system is close to the MAC limit of 65535, some MAC addresses might not be aged out even if the traffic stops and the aging timeout occurs. It is a rare issue and hard to reproduce.
PR Number Synopsis Category: Marvell based EX PFE L3
1557229 Traffic related to IRB interface might be dropped when mac-persistence-timer expires.
Product-Group=junos
On EX3400/EX4400/EX4300MP virtual chassis (VC) platforms, if the IRB interface is configured with members across master and backup VC, the new MAC address of the IRB interface might not be programmed in hardware after mac-persistence-timer expires. This might result in all traffic related to the IRB interface being dropped.
PR Number Synopsis Category: EX2300/3400 PFE
1586341 DSCP Rewriting might fail to work on EX2300
Product-Group=junos
On EX2300-48 platforms with dual tags VLAN used, DSCP Rewriting might not work when QinQ traffic is sent across different chip units (in EX2300, one PFE has 2 chip units).
1598346 The backup VC member may not learn mac-address on a master after removing a VLAN unit from the SP style AE interface which is part of multiple VLAN units
Product-Group=junos
On EX2300/3400/4300MP/4400 and QFX5100/5110/5200 VC platforms, if a VLAN unit is removed from an SP style AE interface that is part of multiple VLAN units, the backup member might not learn the mac-address on a master and might start processing packets to that MAC as unknown unicast. In this case, flooding will happen in the VLAN, which might cause traffic loss due to the limited bandwidth.
PR Number Synopsis Category: EX2300/3400 platform
1495564 Interface on platforms using Broadcom chipset might have abnormal status
Product-Group=junosvae
On EX, OCX or QFX based platforms using Broadcom chipset, with SFP+ installed, the interface on either end of the link might be in up/up status when the TX or RX connector is removed. When this issue happens, traffic could be dropped if not rerouted.
1579576 Random/silent reboot might be seen on EX2300-24MP/EX2300-48MP platforms
Product-Group=junos
There is a defect in the current EX2300-MP FPGA code using FPGA Firmware version 2.9.0 (Rev 0x29), and it can cause 'Watchdog timeout' issue leading to device reset. EX2300-24MP/EX2300-48MP devices might be rebooted silently and randomly without generating a core file or any other erroneous messages due to this issue. Please refer to TSB18018 (https://kb.juniper.net/TSB18018) for more details.
PR Number Synopsis Category: MPC3/4/5/6E XQ Software
1464297 On the MX960 router, the following error message might be observed: SCHED L4NP[0] Parity errors.
Product-Group=junos
This PR, along with the earlier PR1232952, addresses the issue completely, so the Junos version in question should have the fixes for both PRs.
PR Number Synopsis Category: QFX PFE L2
1555862 LACP gets into detached state when deleting vlan on aggregate interface configured on SP style
Product-Group=junos
On QFX5k and EX46xx platforms, if vxlan and native-vlan-id are configured, LACP gets into detached state when deleting vlan on aggregate interface configured on SP style.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1552877 Junos OS: QFX5000 Series and EX4600 Series: Continuous traffic destined to a device configured with MC-LAG leading to nodes losing their control connection which can impact traffic (CVE-2021-0285)
Product-Group=junos
An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to the device to cause Interchassis Control Protocol (ICCP) interruptions, leading to an unstable control connection between the Multi-Chassis Link Aggregation Group (MC-LAG) nodes which can in turn lead to traffic loss.
1566428 There might be traffic loss when GRE interface flaps on QFX platforms
Product-Group=junos
On QFX platforms with GRE (Generic Routing Encapsulation) configuration, stale entries are created in L3 egress table when the GRE interfaces flap and continuous flapping of the ports might cause L3 egress table exhaustion resulting in traffic drop.
1568533 The untagged packets might not work on EX Series platforms.
Product-Group=junos
On EX Series switches and the QFX5000 line of switches, if 'flexible-vlan-tagging', 'vlan-id-list' and 'native-vlan-id' are configured on the interface in SP style, the untagged packets that need to be egressed from this interface might be dropped by the peer device.
1573411 The GRE egress traffic might not be forwarded between the different routing instances.
Product-Group=junos
In a GRE tunnel in a routing instances scenario, if the next hop of the GRE tunnel destination is learned from the different routing instance (e.g. the next-hop is learned via leaked route), it might be rejected to be installed into the routing table. Then, the egress GRE traffic will not be forwarded via the egress physical interface. The GRE traffic might not be forwarded across the different routing instances.
PR Number Synopsis Category: Accounting Profile
1563641 The configuration archive transfer-on-commit fails when running Junos OS Release 18.2R3-S6.5.
Product-Group=junos
The RI name array is not initialised properly in PFED. Hence the RI name is not populated properly in the cfg_file, and as a result the archive is not pushed during commit.
PR Number Synopsis Category: ACX GE, 10GE, PoE, IDT framers
1570192 ACX resets tunable optics to default wavelength after upgrade/reboot
Product-Group=junos
On ACX1000/1100/2000/2100/2200/4000 platforms with 10G tunable optics, all the pre-configured wavelength values may be overwritten by the default wavelength if upgrading to 17.2R1 onward.
PR Number Synopsis Category: MX Layer 2 Forwarding Module
1462642 On MX Series router, the following logs are seen: L2ALD_MAC_IP_LIMIT_REACHED_IF: Limit on learned MAC+IP bindings reached for .local.1048605; current count is 1024.
Product-Group=junos
On MX, the following logs are seen: L2ALD_MAC_IP_LIMIT_REACHED_IF: Limit on learned MAC+IP bindings reached for .local.1048605; current count is 1024
PR Number Synopsis Category: dynamic vlan creation and associated processing
1555216 The device takes 3/10 mins to bring up the 100/1000 subscribers
Product-Group=junos
On MX Series platforms in the subscriber scenario, the multiple agent-circuit-identifier (ACI) VLANs on a single static/dynamic VLANs might not take effect while setting the queue limit.
PR Number Synopsis Category: Junos Fusion Infrastructure
1454335 The SDPD generates core files at vfpc_all_eports_deletion_complete vfpc_dampen_fpc_timer_expiry.
Product-Group=junos
An SDPD core is found at vfpc_all_eports_deletion_complete vfpc_dampen_fpc_timer_expiry on the following triggers: 1) deleting and adding the same SD device with some attribute change in a single commit; 2) interchanging the slot ID between two SD devices in a single commit.
PR Number Synopsis Category: BBE database related issues
1554539 The subscriber sessions might be missed but stay in the authd after performing ISSU
Product-Group=junos
In the subscriber management environment, the subscriber session might be missed in bbe-smgd (BBE system management daemon) but stay in authd (authentication daemon) after ISSU (In-Service Software Upgrade) or VC (Virtual Chassis) global switchover. Because there is no accounting session stop sent from bbe-smgd, the radius server does not clean up these forgotten sessions and this leads to radius free pool limits which have an impact on the subscribers.
PR Number Synopsis Category: Border Gateway Protocol
1492743 The BGP route-target family might prevent the route reflector from reflecting Layer 2 VPN and Layer 3 VPN routes.
Product-Group=junos
If the user only sets 'protocols bgp local-as <>' without configuring 'routing-options autonomous-system <>', or configures an autonomous-system number different from local-as, the iBGP Route-Reflector (RR) will treat the route-target (RT) routes from iBGP neighbor PEs as external prefixes. By default, the external peer number is limited to one for a given Route Target, so in this case the Route-Reflector might not reflect L2VPN and L3VPN prefixes to some iBGP clients that advertised the same RT prefixes.
PR Number Synopsis Category: MX Platform SW - Power Management
1545838 FPC(s) may not boot-up on MX960/EX9214 in a certain condition
Product-Group=junos
On MX960/EX9214 platforms with high-capacity/normal-capacity power supplies, FPC(s) may fail to come online when the corresponding power is restored afterward but not present during the power-up stage.
PR Number Synopsis Category: Enhanced Broadband Edge support for cos
1591533 If the COS CR-features used by VBF service is configured, MPC may crash with subscriber
Product-Group=junos
On MX platforms with Next Generation Subscriber Management (Tomcat) enabled, if the COS CR-features (Classifier/Rewrite/Frag-map) are used by the VBF (Variable Based Flow) service, the MPC might crash in a rare case. The specific trigger is not known, as this issue could not be replicated.
PR Number Synopsis Category: QFX Access Control related
1587837 Process dot1xd crash might be seen and re-authentication may be needed on EX9208 platform
Product-Group=junos
On the EX9208 platform in a fusion scenario where around 30,000 mac-radius authenticated sessions are established, the dot1xd process might crash and users may need to re-authenticate. This happens because the relevant memory is not freed when dot1x is deleted on any interface, which causes a memory leak and leads to the crash.
PR Number Synopsis Category: MVRP
1582115 The voice VLAN might not get assigned to the access interface
Product-Group=junos
On all Junos platforms with Multiple VLAN Registration Protocol (MVRP) enabled, when VoIP is configured for the dynamically learned VLANs, the dynamically learned voice VLAN might not get attached to the access interface.
PR Number Synopsis Category: MX-ELM l2ng stormcontrol
1552815 The action-shutdown command of storm control does not work for the ARP broadcast packets.
Product-Group=junos
With knob 'action-shutdown' configured in storm control scenario, the interface will not go to shutdown state if ARP storm exceeds the configured limit. The excess packets will be dropped normally.
PR Number Synopsis Category: EVPN control plane issues
1521668 EVPN: Routing Table stuck in Deleted State in Kernel
Product-Group=junos
It is possible that the mesh-group goes away before NH deletion; this PR fixes NH deletion.
PR Number Synopsis Category: EX4400 platform
1573889 EX4400: Mgmt LEDs are not working as per expectations
Product-Group=junos
Below is the status of the management LED when the speed is set to:
  1. 10m - Activity LED is not blinking when ping/traffic is running (instead it remains steady GREEN)
  2. 100m - Activity LED is blinking without any ping/traffic.
PR Number Synopsis Category: Express PFE L2 fwding Features
1534340 The dcpfe process might crash and cause FPC to restart due to the traffic burst.
Product-Group=junos
The dcpfe process might crash on the QFX10002-60C/PTX10002-60C platform and might lead to FPC restart causing traffic loss. This issue is seen during traffic bursts on the device.
PR Number Synopsis Category: Enhanced Broadband Edge support for firewall
1531580 New subscribers might fail to connect due to "Filter index space exhausted" error
Product-Group=junos
In the Junos OS Enhanced Subscriber Management software architecture, there is code to manage the list of freed filter indices. The current code only releases the freed filter indices when a subscriber logs out. However, if only an address family bounces (such as activating/deactivating a family) or service activation/deactivation occurs but the subscriber does not log out, the filter allocation/deletion will happen, but the freed filter indices will not be released. This is more likely to happen in a dual-stack subscriber scenario. This filter index leak could eventually result in the filter index space being exhausted, thereby affecting new subscriber session establishment. There are 4 million filter indices in the system, so the system can still work even with so many indices in pending state.
PR Number Synopsis Category: IDP on logical system
1561298 The idpd process might stop when committing IDP configuration under logical systems and tenant systems during RGs failover.
Product-Group=junos
On SRX Series devices, if a considerable number of Logical-systems/Tenants are configured, the idpd process might crash if the IDP-related configuration under Logical-systems/Tenants is changed and committed repeatedly during Redundancy Groups (RGs) failover. It is suggested not to modify and commit the IDP-related configuration in that situation.
PR Number Synopsis Category: ISIS routing protocol
1542932 ISIS route convergence from L1 to L2 might take more than 10 minutes
Product-Group=junos
By design of ISIS, if a prefix is received from both L1 and L2, the prefix from L1 has priority and will be installed into the routing table. If the L1 prefix is withdrawn, route convergence occurs immediately and the L2 prefix is installed into the routing table instead in a very short time. The traffic destined to the prefix will not be impacted in this condition. However, if this issue is hit, the route convergence from L1 to L2 might take more than 10 minutes, the route of the prefix does not exist in the routing table during this period, and the traffic destined to the prefix will be lost completely.
PR Number Synopsis Category: jdhcpd daemon
1525052 Memory leak in the jdhcpd process might be seen if access-profile is configured under the dhcp-relay or dhcp-local-server statement.
Product-Group=junos
With access-profile being configured under "forwarding-options dhcp-relay" or "system services dhcp-local-server" stanza, there might be memory leak in jdhcpd when DHCP request is processed. The leaked memory size for each processing will be the number of bytes equal to the length of the access profile.
1564434 Junos OS: Receipt of malformed DHCPv6 packets causes jdhcpd to crash and restart. (CVE-2021-0240)
Product-Group=junos
On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, the Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash if a malformed DHCPv6 packet is received, resulting in a restart of the daemon. The daemon automatically restarts without intervention, but continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Please refer to https://kb.juniper.net/JSA11168 for more information.
PR Number Synopsis Category: Security platform jweb support
1511853 Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to root. (CVE-2021-0278)
Product-Group=junos
An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. Please refer to https://kb.juniper.net/JSA11182 for more information.
PR Number Synopsis Category: Layer 2 Control Module
1561235 The l2cpd process might generate a core file on reboot.
Product-Group=junos
When xSTP is used, the l2cpd core might be seen on reboot. This will be a one-time core and will not impact on functionality.
1583092 The l2ald crashes if a specific naming format is applied between a vlan-range and a single vlan
Product-Group=junos
On all L2NG platforms (EX2300/EX3400/EX4300/EX4600/EX9200/QFX3500/QFX3600/QFX5100/QFX10000 etc.) with 'vlan-range' configured, if a single vlan is defined with the format [previously_defined_vlan_range_name]-vlan-[any_string_value] and an interface already assigned to the vlan-range is then assigned to the single vlan, the layer2 address learning daemon (l2ald) might crash.
PR Number Synopsis Category: Multicast Routing
1577461 Multicast traffic loss might be observed due to logical PIM decapsulation interface is not created as expected
Product-Group=junos
In a multicast environment with tunnel-services enabled on two PICs, the logical PIM decapsulation interface is not created after deleting/deactivating/restarting one of the PICs hosting the PIM decapsulation interface.
PR Number Synopsis Category: Multicast for L3VPNs
1591228 The ddos-protection reason "packets failed the multicast RPF check" may be seen in NG-MVPN scenario with GRE transport
Product-Group=junos
In a Next Generation Multicast VPN scenario where GRE is used as a transport and the router receives a high amount of traffic via Inclusive PMSI without active multicast subscribers, the ddos-protection may be violated with the "packets failed the multicast RPF check" reason.
PR Number Synopsis Category: Fabric Manager for MX
1482124 Fabric healing logic incorrectly makes all MPC line cards go offline in the MX2000 router while the hardware fault is located on one specific MPC line-card slot.
Product-Group=junos
In specific MPC hardware failure conditions within the MX2K platform, fabric healing will attempt to auto-heal the fault location in 3 phases to prevent traffic blackholing. If under such fault conditions only destination timeouts are reported without corresponding link errors, the fabric healing process might restart all MPCs in phase-2 in an auto-healing attempt, and if the error condition appears again within 10 minutes, the last phase-3 might offline all MPCs in the system. MX2K platforms with SFB2 or SFB3 are exposed; platforms with SFB installed are exposed only if 'set chassis fabric disable-grant-bypass' is configured.
PR Number Synopsis Category: OS IPv4/ARP/ICMPv4
1527242 The rpd process might crash in a rare timing condition with logical system
Product-Group=junos
On all Junos platforms running with logical system, if a nexthop is created in logical system, and after that there is a route addition/modification outside logical system which modifies its own nexthop within the route addition context, this specific sequence might produce a mistake in the kernel cache. Due to this issue, the rpd process might crash when it requests for the affected nexthop again later.
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1549754 While loading the kernel displays the following error message: GEOM: mmcsd0s.enh: corrupt or invalid GPT detected.
Product-Group=junos
While loading the kernel, user sees the message "GEOM: mmcsd0s.enh: corrupt or invalid GPT detected." This message has no impact on functionality.
1552952 The vme/me0 management interface cannot process any incoming packets.
Product-Group=junos
On EX2300/EX2300-MP/EX3400 platforms, when me0 interface is deleted and vme interface is configured, the device cannot process any incoming packet on vme/me0 management interface.
PR Number Synopsis Category: TCP/UDP transport layer
1527246 During RE switchover the new master RE may suddenly crash
Product-Group=junos
Due to a rare problem in TCP socket replication between routing engines and md5 digest processing on the backup RE in NSR configuration, the new master RE may crash during RE switchover.
1552603 The BGP session replication might fail to start after the session crashes on the backup Routing Engine.
Product-Group=junos
On certain Junos platforms with Dual-REs (platforms capable of installing Junos packages with name format as "junos*install"), BGP replication may fail to start under a GRES/NSR setup after a crash on the backup Routing Engine. NSR starts un-replicating the socket since the backup Routing Engine is no longer present. With multiple BGP sessions (e.g., 20 BGP peers), the massive number of unreplicate requests leads to the memory buffer getting full, so the BGP unreplicate request is returned with an error. In addition, the kernel is left with stale data, which does not allow JSR (Juniper Socket Replication, BGP in this case) when the backup RE comes up. BGP-NSR (Nonstop Routing) is broken under these conditions. Traffic outage will be observed after performing GRES.
PR Number Synopsis Category: Paradise pfe ddos protection feature
1564807 Junos OS: Upon receipt of specific packets BFD sessions might flap due to DDoS policer implementation in Packet Forwarding Engine (CVE-2021-0280)
Product-Group=junos
On PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, DDoS protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS (Distributed Denial of Service) settings in the Packet Forwarding Engine (PFE). This may cause BFD sessions to flap when a high rate of specific packets are received. Refer to https://kb.juniper.net/JSA11184 for more information.
PR Number Synopsis Category: Periodic Packet Management Daemon
1561850 The ppmd memory leak may cause traffic loss
Product-Group=junos
On all platforms, a ppmd memory leak followed by a ppmd crash might happen, which may potentially cause traffic loss, if the dfwd process flaps (the process may have another name in Evolved systems; performing 'restart firewall' can cause this). This is because the old memory allocated for dfwd is not freed and new memory is then allocated by ppmd during the flap.
PR Number Synopsis Category: Interface related issues. Port up/down, stats, CMLC , serdes
1475851 FPC major error is observed after system boots up or FPC restarts.
Product-Group=junos
The FPC reports a Major Error because of a SHUTDOWN ERI failure during BIST with repair on HMC having FW version >= 0x9c. BIST with repair is incorporated during boot up, so this Major Error will be reported during boot up with FW >= 0x9c on HMC. During debugging, it was found that this ERI is issued even before the HMC is brought up, which results in this error. Bring-up steps for HMC were therefore added before the BIST procedure starts, as done for vale-ptx.
PR Number Synopsis Category: analyzer on QFX 5100,5200, 5110
1576327 Analyzer is not working on all Junos QFX5K platforms
Product-Group=junos
On all Junos QFX5K platforms, when ECMP (Equal-cost multipath) is enabled, the analyzer is a remote switch port, and the analyzer's next hop is an IRB interface, the analyzer function may fail.
PR Number Synopsis Category: Filters
1560243 The VXLAN queue DDoS violation and RARP packets flood might happen if receiving the RARP packets more than the supported DDoS bandwidth
Product-Group=junos
In an EVPN-VXLAN scenario, if RARP packets are received at more than the supported DDoS bandwidth, some RARP packets are sent to the VXLAN queue, which leads to a VXLAN queue DDoS violation and RARP packet flooding.
PR Number Synopsis Category: QFX L2 PFE
1535555 The following Packet Forwarding Engine error message is observed in the BRCM-VIRTUAL: brcm_virtual_tunnel_port_create() ,489: Failed NW vxlan port token(45) hw-id(7026) status(Entry not found).
Product-Group=junos
On a QFX5110 or QFX5120, when the Type 5 tunnels are destroyed, the error message "brcm_virtual_tunnel_port_create() ,489:Failed NW vxlan port token(45) hw-id(7026) status(Entry not found)" is sometimes seen. There is no functionality impact due to this.
PR Number Synopsis Category: QFX L3 data-plane/forwarding
1560161 Few IPv6 ARP ND fails after loading the base configurations.
Product-Group=junos
On QFX5000 switches, when configuring a VLAN ID for a VXLAN, we recommend using a VLAN ID of 3 or higher. If a VLAN ID of 2 is used, replicated broadcast, multicast, and unknown unicast (BUM) packets for these VXLANs might be untagged, which in turn might result in the packets being dropped by a device that receives the packets.
1563918 The route might not get installed in hardware if parity error occurs at the hardware memory location
Product-Group=junos
On QFX5100 with SDK version 6.3.7, the route might not get installed in hardware when parity error occurs at the same location where the route needs to be installed in hardware memory. The traffic related to this route will be impacted when the issue occurs.
1571671 Multicast traffic loss might be seen on certain EX/QFX/ACX platforms
Product-Group=junos
On EX4300/EX4600/QFX3500/QFX5100/ACX5048/ACX5096 platforms with multicast setup, multicast traffic loss might be seen in two cases. Case one: policies with a policer are applied to any of the filters. Case two: policies with a policer exist and the device is then rebooted.
PR Number Synopsis Category: QFX EVPN / VxLAN
1550020 The traffic will not be load-balanced properly in EVPN overlay-ecmp setup
Product-Group=junos
On QFX platforms with overlay-ecmp configuration for EVPN-VxLAN, the traffic might not get load-balanced correctly when multiple traffic streams with different source addresses are sent across.
1567752 The DF (Designated Forwarder) might not forward traffic
Product-Group=junos
When the DF changes due to VNI changes, the DF might not forward traffic in all-active EVPN-VXLAN multihomed scenario.
1570136 The dcpfe might crash if the TYPE-5 tunnel fails to be installed for EVPN-VxLAN
Product-Group=junos
In the EVPN TYPE-5 route with VxLAN encapsulation scenario, the VxLAN tunnel might be created dynamically for the L2 Ethernet frame encapsulated data packet for the TYPE-5 route. If the TYPE-5 tunnel fails to be programmed on the PFE, the allocated memory might be freed, but the allocated tunnel info might not be removed from the local database. After that, when a new tunnel is created with the same NH ID (CNH index for the programmed TYPE-5 tunnel), a conflict might happen between the newly allocated memory and the old local database entry of the TYPE-5 tunnel, which might cause the dcpfe to crash.
1582017 The traffic may not be load-balanced properly in an EVPN overlay-ecmp setup
Product-Group=junos
On QFX5100/QFX5110/QFX5120/QFX5130 and EX4300/EX4600/EX4650 devices with overlay-ecmp configuration for EVPN-VxLAN, the traffic might not get load-balanced correctly when multiple traffic streams with different source addresses are sent across the fabric.
PR Number Synopsis Category: KRT Queue issues within RPD
1549884 The rpd process might crash if performing multiple GRES
Product-Group=junos
On all Junos platforms with dual Routing Engines (REs), when performing multiple GRES, the rpd process might crash if RE switchover happens while the rpd process on the backup RE (new master RE) is reading routes from the kernel. This is because it may not handle the route delete message correctly. As it is a timing issue, the chance of occurrence increases with many routes and multiple GRES.
PR Number Synopsis Category: RPD route tables, resolver, routing instances, static routes
1482112 The rpd process might crash when deactivating logical systems.
Product-Group=junos
On all Junos platforms running with logical systems, if the logical systems get deactivated either by manually restarting the rpd process or by the deletion of the logical system configurations, the rpd process might crash in a race condition. It is a timing issue.
PR Number Synopsis Category: Resource Reservation Protocol
1555774 A new LSP might not be up even if bypass LSP is up and setup-protection is configured.
Product-Group=junos
When a bypass LSP is protecting the link or node in RSVP scenario, a new LSP may not go up even if "setup-protection" is configured and RSVP signals the LSP through the bypass LSP.
PR Number Synopsis Category: Issues related to control plane security
1439440 Mgd processes increase because the mgd processes are not closed properly.
Product-Group=junos
On SRX Series platforms, sometimes the mgd processes are not properly closed. As a result, many mgd instances are unnecessarily left running.
PR Number Synopsis Category: SNMP Infrastructure (snmpd, mib2d)
1458057 Junos OS: SNMP fails to properly perform authorization checks on incoming received SNMP requests (CVE-2021-0260)
Product-Group=junos
An improper authorization vulnerability in the Simple Network Management Protocol daemon (snmpd) service of Juniper Networks Junos OS leads to an unauthenticated attacker being able to perform SNMP read actions, an Exposure of System Data to an Unauthorized Control Sphere, or write actions to OIDs that support write operations, against the device without authentication. Please refer to https://kb.juniper.net/JSA11151 for more information.
1536350 Junos OS and Junos OS Evolved: A vulnerability allows a network based unauthenticated attacker which sends a high rate of specific traffic to cause a partial Denial of Service (CVE-2021-0291)
Product-Group=junos
An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. A high rate of specific traffic may lead to a partial Denial of Service (DoS) as the CPU utilization of the RE is significantly increased. Refer to https://kb.juniper.net/JSA11193 for more information.
PR Number Synopsis Category: SFW, CGNAT on MS-MIC/MS-MPC (XLP)
1566325 The mspmand crash might be seen on the PIC of MS-MPC/MS-MIC
Product-Group=junos
On MX platforms with MS-MPC/MS-MIC inserted, if EIM is configured under NAT, the mspmand crash might be seen when an on-the-fly NAT configuration change (i.e., removal of a NAT rule/pool) happens. Traffic will be affected.
1574321 DS-Lite throughput degradation might be seen on MS-MPC
Product-Group=junos
On MX240, MX480, MX960, MX2008, MX2010 and MX2020 platforms with MS-MPC, when DS-Lite softwire sessions are sent under heavy load on the MS-MPC, DS-Lite throughput on the MS-MPC drops by about 80 percent. Packet drops might be seen.
1593226 The TCP keepalive might not be processed by the private network host
Product-Group=junos
On MX platforms with MS-MPC and MS-MIC, when the tcp-tickle knob is enabled under services-options in a DS-Lite (Dual-Stack Lite) with NAT scenario, the TCP keepalive might not be processed by the private network host, which defeats the purpose of the TCP keepalive.
PR Number Synopsis Category: SRX branch platforms
1572920 Traffic going through the VRRP interface might be dropped when VRRP enabled IRB interface goes down.
Product-Group=junos
On the SRX platform with multiple IRB interfaces belonging to the same VRRP group ID, when one of the IRB interfaces goes down, it might disrupt traffic going through the Virtual IP (VIP) on another IRB interface.
PR Number Synopsis Category: MPC7/8/9 Interface Issues
1441816 Egress stream flush failure and traffic black hole might occur.
Product-Group=junos
Egress stream flush failure and silent dropping of traffic could occur on rare occasions for a repeatedly flapping link on MPC7E, MPC8E, and MPC9E cards, MX204, and MX10003.
PR Number Synopsis Category: MX10003/MX204 Platform SW - Chassisd s/w defects
1567479 The chassisd crash might be seen on MX platforms
Product-Group=junos
On MX platforms, in a rare scenario, the addition and deletion of interfaces might cause an increase in chassisd memory which eventually leads to chassisd crash. The critical memory threshold is 2-3 GB when the issue is seen. The CLI command "show system processes extensive" could be used to monitor the memory usage of chassisd.
PR Number Synopsis Category: Trio LU, IX, QX, MQ chip drivers, ucode & related SW
1550933 FPC might crash due to the errors triggered by microcode performance optimization operation in GUMEM
Product-Group=junos
The Ucode (microcode) performance measurement operation is used to monitor and assess the microcode performance on PFE, and the Ucode rebalance operation is used to instruct and optimize the microcode performance between Global Ucode Memory (GUMEM) and the Ucode memory (UMEM). Under very rare circumstances (e.g., the GUMEM cache might not be flushed properly) with some specific line cards, when some errors happen on GUMEM for these Ucode operations and are not handled correctly, it might result in a CPU-HOG and FPC crash.
PR Number Synopsis Category: Trio pfe multicast software
1548806 The IIF-LIST APP DWORD leak is observed during the period of churn for the NGMVPN-MoFRR routes with sender-based-rpf enabled.
Product-Group=junos
IIF-LIST APP DWORD leak observed during the period of churn for NGMVPN-MoFRR routes with sender-based-rpf enabled. Two modes of NGMVPN namely SPT-ONLY and RPT-SPT are impacted.
PR Number Synopsis Category: DDos Support on MX
1562474 The DHCPv4 request packets might be wrongly dropped when DDoS attack occurs.
Product-Group=junos
On MX Series routers, T4000 devices, and EX9200 switches, end users or end hosts might not get an IPv4 address from the DHCP server when a distributed denial of service (DDoS) attack happens on DHCP rebind packets or renew packets. In this situation, end users and end hosts cannot access the network after the lease time of the IPv4 address expires.
PR Number Synopsis Category: UI Infrastructure - mgd, DAX API, DDL/ODL
1553577 The request system software validate on host command does not validate the correct configuration file.
Product-Group=junos
When using the "request system software validate on host username ", please use the latest os-package on remote host for it to properly use the configuration file sent from the host whose configuration file is being validated.
PR Number Synopsis Category: We can use this category for Host protocols (LACP, LAG, ARP)
1354452 The mib2d process generates core file in mib2d_write_snmpidx at snmpidx_sync.c on both ADs while bringing up the base traffic profile.
Product-Group=junos
mib2d core in mib2d_write_snmpidx at snmpidx_sync.c on both ADs while bringing
PR Number Synopsis Category: PTX10016 platform software
1554430 The link on the Linux based LC is not brought down immediately after the FPC process(ukern/indus.elf) crashes or the process is killed
Product-Group=junos
On Linux-based line cards, such as MPC7/8/9, MX204 and MX10003, the link on the FPC is not brought down immediately after the FPC process (ukern/indus.elf) crashes or is killed, which causes a much longer traffic loss on the peer end.
 

18.3R3-S5 - List of Known issues
PR Number Synopsis Category: SFI Infra-structure
1485038 The following error message is observed continuously in AD with base configurations: IFDE: Null uint32 set vector, ifd and IFFPC: 'IFD Ether uint32 set' (opcode 151) failed.
Product-Group=junos
EX9251: The "IFDE: Null uint32 set vector, ifd and IFFPC: 'IFD Ether uint32 set' (opcode 151)" error message is observed continuously in AD with base configurations.
PR Number Synopsis Category: NFX Layer 3 Features Software
1437824 "LIBCOS_COS_TVP_FC_INFO_NOT_FOUND: Forwarding-class information not specified" messages seen while committing configurations
Product-Group=junos
"LIBCOS_COS_TVP_FC_INFO_NOT_FOUND: Forwarding-class information not specified" messages might be seen while committing CoS configurations on PTX/MX/NFX
PR Number Synopsis Category: QFX PFE L2
1575976 The DF might not forward BUM traffic on QFX5000 series switches
Product-Group=junos
If AE interfaces in SP style are configured with ESI, after deleting a couple of IFLs on the AE interface and then disabling the member port of the AE interface on the peer, the DF might not forward BUM traffic from the remote VTEP on QFX5000 Series switches.
PR Number Synopsis Category: JUNOS kernel/ukernel changes for ACX
1483959 On the ACX5048 router, traffic loss is observed during the unified ISSU upgrade.
Product-Group=junos
On ACX5048/ACX5096 platforms, there might be issues with packet processing on the interfaces after ISSU. The upgrade completes without any issue; however, after the upgrade, the ports do not get enabled in the PFE (Packet Forwarding Engine), which might result in traffic loss. This issue is seen when an internal register value gets reset to 0 during ISSU.
PR Number Synopsis Category: ACX L2 related features
1565642 MAC aging might not work when there is active traffic destined to the MAC address on ACX platforms
Product-Group=junos
On certain ACX platforms, MAC address entries might not be deleted from the MAC table at the end of 'mac-table-aging-time' timer when there is active traffic destined to that MAC address. When the issue happens, it might reduce the number of new MAC addresses that can be learned. If the ethernet-switching table overflows, no new MAC addresses will be learned, which might cause traffic flooding.
PR Number Synopsis Category: Control Plane and Infrastructure for the Junos Fusion Enterprise
1188254 Junos Fusion Enterprise: LLDP might stop working if manually deactivated and reactivated
Product-Group=junos
On a Junos Fusion Enterprise, LLDP might stop working if it is reenabled after being manually disabled.
PR Number Synopsis Category: BBE Remote Access Server
1402653 The subscriber might need to retry login
Product-Group=junos
On all Junos platforms running in a subscriber scenario with an address pool configured, if the address pool has high usage so that only a few addresses are free to allocate, when subscribers log out and log in, the address released by one subscriber might be reused and allocated to another subscriber very soon. Due to this issue, syslog error messages might be seen, and the affected subscriber might need to retry login.
PR Number Synopsis Category: Covers Application classification workflows apart from custo
1526521 Sessions might hang when application-system-cache security-services is enabled
Product-Group=junos
On all SRX-series devices with application firewall configured, sessions might hang when application-system-cache security-services is enabled.
PR Number Synopsis Category: TCP/UDP transport layer
1595649 Junos OS: Upon receipt of specific sequences of genuine packets destined to the device the kernel will crash and restart (vmcore) (CVE-2021-0283, CVE-2021-0284)
Product-Group=junos
A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). Please refer to https://kb.juniper.net/JSA11200 for more information.
PR Number Synopsis Category: PTX Broadway based PFE MPLS-LSPs RSVP VPNs tcc ccc software
1466659 IPv6 traffic might be dropped in a Layer 3 VPN network.
Product-Group=junos
On certain PTX and QFX platforms, IPv6 traffic might get affected in the L3VPN scenario between CEs.
PR Number Synopsis Category: vMX Data Plane Issues
1577616 Firewall filter actions "syslog" and "log" are not supported on MX150.
Product-Group=junos
Firewall filter actions "syslog" and "log" are not supported on MX150. They should not be used in the router configuration. Using the configuration might result in riot core dumps.
PR Number Synopsis Category: QFX EVPN / VxLAN
1561588 Dcpfe process might crash after committing EVPN-VXLAN profile configuration and ARP resolution may fail causing traffic issues.
Product-Group=junos
The dcpfe process might crash after committing an EVPN-VXLAN profile configuration, and ARP resolution may fail, causing traffic issues.
PR Number Synopsis Category: show route table commands, tracing, and syslog facilities
1574497 PIM rib-group fails to be added in VRF.
Product-Group=junos
PIM rib-group failure to add in vrf - PIM: ribgroup vrf not usable in this context; all RIBs are not in instance
PR Number Synopsis Category: UI Infrastructure - mgd, DAX API, DDL/ODL
991081 The configuration change on Backup RE cannot be synchronized while deleting inactivated interfaces/routing-instances from master
Product-Group=junos
In the dual Routing Engine scenario, the backup Routing Engine does not sync up the configuration change while deleting an inactivated interface/routing-instances from the master. So after the operation, the inactivated interface/routing-instances still exists on the backup Routing Engine. This issue has been addressed via PR/1586229.
Modification History:
First publication 2021-07-30