Navigation  Back up to About Overview 
ContentIndex
  
[+] Expand All
[-] Collapse All

No index entries found.

Limitations in Junos OS Release 12.3 for EX Series Switches

This section lists the limitations in Junos OS Release 12.3 for EX Series switches. If the limitation is associated with an item in our bug database, the description is followed by the bug tracking number.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Access Control

  • On EX9200 switches, an LLDP neighbor is not formed for Layer 3 tagged interfaces, although peer switches are able to form the neighbor. [PR/848721: This is a known software limitation.]

Ethernet Switching and Spanning Trees

  • If the bridge priority of a VSTP root bridge is changed such that this bridge becomes a nonroot bridge, the transition might take more than 2 minutes, and you might see a loop during the transition. [PR/661691: This is a known software limitation.]
  • On EX9200 switches, MVRP does not propagate the dynamically learned VLAN information that is associated with trunk interfaces. [PR/840390, PR/848600: This is a known software limitation.]
  • On EX9200 switches, BFD on IRB interfaces flaps if BFD is configured for subsecond timers. [PR/844951: This is a known software limitation.]
  • On EX9200 switches running the VLAN Spanning Tree Protocol (VSTP), incoming BPDUs might not be included in the output of the show spanning-tree statistics interface command. [PR/847405: This is a known software limitation.]

Firewall Filters

  • On EX3200 and EX4200 switches, when a very large number of firewall filters are included in the configuration, it might take a long time, possibly a few minutes, for the egress filter rules to be installed. [PR/468806: This is a known software limitation.]
  • On EX3300 switches, if you add and delete filters with a large number of terms (on the order of 1000 or more) in the same commit operation, not all the filters are installed. As a workaround, add filters in one commit operation, and delete filters in a separate commit operation. [PR/581982: This is a known software limitation.]
  • On EX8200 switches, if you configure an implicit or explicit discard action as the last term in an IPv6 firewall filter on a loopback (lo0) interface, all the control traffic from the loopback interface is dropped. To prevent this, you must configure an explicit accept action. [This is a known software limitation.]
  • On EX9200 switches, you cannot configure VLAN firewall filters for traffic leaving a VLAN. [PR/850520: This is a known software limitation.]

Hardware

  • On 40-port SFP+ line cards for EX8200 switches, the LEDs on the left of the network ports do not blink to indicate that there is link activity if you set the speed of the network ports to 10/100/1000 Mbps. However, if you set the speed to 10 Gbps, the LEDs blink. [PR/502178: This is a known limitation.]
  • The Uplink Modules in EX3200 Switches topic notes the following behavior for the SFP and SFP+ uplink modules:
    • On an EX3200 switch, if you install a transceiver in an SFP uplink module, a corresponding network port from the last four built-in ports is disabled. For example, if you install an SFP transceiver in port 2 on the uplink module (ge-0/1/2) on 24-port models, then ge-0/0/22 is disabled. The disabled port is not listed in the output of show interfaces commands.
    • On an EX3200 switch, if you install a transceiver in an SFP+ uplink module when the uplink module is operating in 1-gigabit mode, a corresponding network port from the last four built-in ports is disabled. For example, if you install an SFP transceiver in port 2 on the uplink module (ge-0/1/2), then ge-0/0/22 is disabled. The disabled port is not listed in the output of show interfaces commands.

    However, if you install an SFP uplink module or an SFP+ uplink module when the SFP+ uplink module is operating in 1-gigabit mode and no transceiver is installed in the uplink module port, then all the network ports from the last four built-in ports are disabled and remain disabled until you reboot the switch.

    If transceivers are installed in the uplink module ports, then only the corresponding built-in network ports are disabled and are not displayed in the output of show interfaces commands.

    [PR/686467: This is a known limitation.]

  • You cannot connect EX2200-12P switches to some vendors’ prestandard IP phones with a straight cable. As a workaround, use a crossover cable. [PR/726929: This is a known limitation.]

High Availability

  • You cannot verify that nonstop bridging (NSB) is synchronizing Layer 2 protocol information to the backup Routing Engine even when NSB is properly configured. [PR/701495: This is a known software limitation.]
  • On EX Series Virtual Chassis using nonstop software upgrade (NSSU) to upgrade from Junos OS Release 11.2 or earlier to Junos OS Release 11.3 or later, after the NSSU operation finishes, the same MAC address might be assigned to multiple Layer 2 or aggregated Ethernet interfaces on different member switches within the Virtual Chassis. To set all Layer 2 and aggregated Ethernet ports to have unique MAC addresses, reboot the Virtual Chassis after the upgrade operation. To avoid these MAC address assignment issues, upgrade to Junos OS Release 11.3 or later without performing an NSSU operation. Unique MAC address assignment for Layer 2 and aggregated Ethernet interfaces in a Virtual Chassis was introduced in Junos OS Release 11.3. If you are upgrading to Junos OS Release 11.2 or earlier, you should expect to see the same MAC address assigned to multiple ports on different member switches within the Virtual Chassis. [PR/775203: This is a known software limitation.]

Infrastructure

  • Do not use nonstop software upgrade (NSSU) to upgrade the software on an EX8200 switch from Junos OS Release 10.4 to Junos OS Release 11.1 or later if you have configured the PIM, IGMP, or MLD protocols on the switch. If you attempt to use NSSU, your switch might be left in a nonfunctional state from which it is difficult to recover. If you have these multicast protocols configured, use the request system software add command to upgrade the software on an EX8200 switch from Junos OS Release 10.4 to Release 11.1 or later. [This is a known software limitation.]
  • On EX Series switches, the show snmp mib walk etherMIB command does not display any output, even though the etherMIB is supported. This occurs because the values are not populated at the module level—they are populated at the table level only. You can issue the show snmp mib walk dot3StatsTable, show snmp mib walk dot3PauseTable, and show snmp mib walk dot3ControlTable commands to display the output at the table level. [This is a known software limitation.]
  • Momentary loss of an inter-Routing Engine IPC message might trigger an alarm that displays the message Loss of communication with Backup Routing Engine. However, no functionality is affected. [PR/477943: This is a known software limitation.]
  • Routing between virtual-routing instances for local direct routes is not supported. [PR/490932: This is a known software limitation.]
  • On EX4500 switches, the maintenance menu is not disabled even if you include the lcd maintenance-menu disable statement in the configuration. [PR/551546: This is a known software limitation.]
  • When you enable the filter-id attribute on the RADIUS server for a particular client, none of the required 802.1X authentication rules are installed in the IPv6 database. Therefore, IPv6 traffic on the authenticated interface is not filtered; only IPv4 traffic is filtered on that interface. [PR/560381: This is a known software limitation.]
  • On EX8200 switches, if OAM link fault management (LFM) is configured on a member of a VLAN on which Q-in-Q tunneling is also enabled, OAM PDUs are not transmitted to the Routing Engine. [PR/583053: This is a known software limitation.]
  • When you reconfigure the maximum transmission unit (MTU) value of a next hop more than eight times without restarting the switch, the interface uses the maximum value of the eight previously configured values as the next MTU value. [PR/590106: This is a known software limitation.]
  • On EX8208 and EX8216 switches that have two Routing Engines, one Routing Engine cannot be running Junos OS Release 10.4 or later while the other one is running Release 10.3 or earlier. Ensure that both Routing Engines in a single switch run either Release 10.4 or later or Release 10.3 or earlier. [PR/604378: This is a known software limitation.]
  • On EX9200 switches, if you configure DHCP relay on an integrated routing and bridging (IRB) interface, DHCP relay does not perform binding on the client's DHCP Discover messages. As a workaround, configure the relay agent by using the BOOTP helper in the [edit forwarding-options helpers] hierarchy level. [PR/847772: This is a known software limitation.]
  • On EX4550 switches, you might see the message UI_OPEN_TIMEOUT: Timeout connecting to peer 'dhcp', and the message might appear even though you have not configured DHCP services. The operation of the switch is not affected, and you can ignore the message. [PR/895320: This is a known software limitation.]
  • On EX Series switches, if two interface ranges are configured on the same access interface with different VLANs for each range, the commit check shows a successful commit instead of detecting an error in the configuration. [PR/957178]
  • On EX9200 switches, an SRAM parity error might be logged during normal operation. This behavior is expected. You can ignore the error as long as you do not see large numbers of error messages. [PR/958661: This is a known software limitation.]

Interfaces

  • EX Series switches do not support IPv6 interface statistics. Therefore, all values in the output of the show snmp mib walk ipv6IfStatsTable command always display a count of 0. [PR/480651: This is a known software limitation.]
  • On EX8216 switches, a link might go down momentarily when an interface is added to a LAG. [PR/510176: This is a known software limitation.]
  • On EX Series switches, if you clear LAG interface statistics while the LAG is down, then bring up the LAG and pass traffic without checking for statistics, and finally bring the LAG interface down and check interface statistics again, the statistics might be inaccurate. As a workaround, use the show interfaces interface-name command to check LAG interface statistics before bringing down the interface. [PR/542018: This is a known software limitation.]
  • In some instances on an EX9200 switch, tagged traffic is not dropped on access interfaces even though the traffic is processed in the correct VLAN (the VLAN to which the access port belongs). If the packet exits the switch on a trunk port, the packet might be tagged twice. [PR/838597: This is a known software limitation.]
  • On an EX9200 switch with a single Routing Engine, when the Routing Engine is rebooted, the interfaces do not immediately shut down. In this case, use the set chassis power-off-ports-on-no-master-re command with the enable or disable option. [PR/843743: This is a known software limitation.]
  • On EX9200 switches, after you perform an online insertion of a QSFP+ transceiver in a 40-Gigabit Ethernet interface, the interface might take more than 10 to 15 seconds to come up. [PR/847186: This is a known software limitation.]
  • On EX9200 switches, dynamic ARP resolution is not supported over interchassis control links (ICLs). As a workaround, configure static ARP on both ends of the ICL. [PR/850741: This is a known software limitation.]
  • On EX Series switches, member links within the same link aggregation group (LAG) bundle must be configured to operate at the same speed. The default interface speed for RJ-45 BASE-T copper interfaces on an EX4550 switch is 10 gigabits per second (Gbps). The default interface speed for RJ-45 BASE-T copper interfaces on all other EX Series switches is 1 Gbps. You must, therefore, configure the RJ-45 BASE-T copper interfaces on an EX4550 switch to 1 Gbps using the set interfaces xe-x/y/z ether-options speed 1g command when you create a static LAG between RJ-45 BASE-T copper interfaces on an EX4550 switch and RJ-45 BASE-T copper interfaces on any other EX Series switch. [PR/940027: This is a known software limitation.]
  • For aggregated Ethernet interfaces on EX Series switches, the traffic statistics fields in show interfaces commands do not include broadcast packet information. Also, for aggregated Ethernet interfaces, the SNMP counters ifHCInBroadcastPkts and ifInBroadcastPkts are not supported. The counter values are always 0. [This is a known software limitation.]
  • On EX9200 switches, the CLI command set interfaces interface-name speed auto-10m-100m is not supported. [This is a known software limitation.]

J-Web Interface

  • In the J-Web interface, you cannot commit some configuration changes in the Ports Configuration page or the VLAN Configuration page because of the following limitations for port-mirroring ports and port-mirroring VLANs:
    • A port configured as the output port for an analyzer cannot be a member of any VLAN other than the default VLAN.
    • A VLAN configured to receive analyzer output can be associated with only one interface.

    [PR/400814: This is a known software limitation.]

  • In the J-Web interface, the Ethernet Switching Monitor page (Monitor > Switching > Ethernet Switching) might not display monitoring details if the switch has more than 13,000 MAC entries. [PR/425693: This is a known software limitation.]
  • On EX Series switches, when you use the Microsoft Internet Explorer browser to open reports from the following pages in the J-Web interface, the reports open in the same browser session:
    • Files page (Maintain > Files)
    • History page (Maintain > Config Management > History)
    • Port Troubleshooting page (Troubleshoot > Troubleshoot > Troubleshoot Port)
    • Static Routing page (Monitor > Routing > Route Information)
    • Support Information page (Maintain > Customer Support > Support Information)
    • View Events page (Monitor > Events and Alarms > View Events)

    [PR/433883: This is a known software limitation.]

  • In the J-Web interface, if you open configuration pages for class-of-service (CoS) classifiers and drop profiles (Configure > Class of Service > Classifiers and Configure > Class of Service > Drop Profile), and then exit the pages without editing the configuration, no validation messages are displayed and the configuration of the switch proceeds. [PR/495603: This is a known software limitation.]
  • In the J-Web interface for EX4500 switches, the Ports Configuration page (Configure > Interfaces > Ports), the Port Security Configuration page (Configure > Security > Port Security), and the Filters Configuration page (Configure > Security > Filters) display features that are not supported on EX4500 switches. [PR/525671: This is a known software limitation.]
  • When you use an HTTPS connection in the Microsoft Internet Explorer browser to save a report from the following pages in the J-Web interface, the error message Internet Explorer was not able to open the Internet site is displayed on the following pages:
    • Files page (Maintain > Files)
    • History page (Maintain > Config Management > History)
    • Port Troubleshooting page (Troubleshoot > Troubleshoot > Troubleshoot Port)
    • Static Routing page (Monitor > Routing > Route Information)
    • Support Information page (Maintain > Customer Support > Support Information)
    • View Events page (Monitor > Events and Alarms > View Events)

    [PR/542887: This is a known software limitation.]

  • If you insert four or more EX8200-40XS line cards in an EX8208 or EX8216 switch, the Support Information page (Maintain > Customer Support > Support Information) in the J-Web interface might fail to load because the configuration might be larger than the maximum size of 5 MB. The error message that appears is Configuration too large to handle. [PR/552549: This is a known software limitation.]
  • If you have accessed the J-Web interface using an HTTPS connection through the Microsoft Internet Explorer Web browser, you might not be able to download and save reports from some pages on the Monitor, Maintain, and Troubleshoot tabs. Some affected pages are at these locations:
    • Maintain > Files > Log Files > Download
    • Maintain > Config Management > History
    • Maintain > Customer Support > Support Information > Generate Report
    • Troubleshoot > Troubleshoot Port > Generate Report
    • Monitor > Events and Alarms > View Events > Generate Report
    • Monitor > Routing > Route Information > Generate Report

    As a workaround, use the Mozilla Firefox Web browser to download and save reports using an HTTPS connection. [PR/566581: This is a known software limitation.]

  • The J-Web interface does not support role-based access control; it supports only users in the super-user authorization class. So a user who is not in the super-user class, such as a user with view-only permission, is able to launch the J-Web interface and is allowed to configure everything, but the configuration fails on the switch, and the switch displays access permission errors. [PR/604595: This is a known software limitation.]
  • In mixed EX4200 and EX4500 Virtual Chassis, the J-Web interface does not list the features supported by the backup or linecard members. Instead, it lists only the features supported by the master. [PR/707671: This is a known software limitation.]
  • After you remove or reboot a Virtual Chassis member (either the backup or a member in the linecard role), when you click other members in the J-Web interface, the chassis view for those members might not expand, and the dashboard might log the following error: stackImg is null or not an object. As a workaround, manually refresh the dashboard. [PR/771415: This is a known software limitation.]
  • If a Virtual Chassis contains more than six members, the Support Information page (Maintain > Customer Support > Support information) might not load. [PR/777372: This is a known software limitation.]
  • On EX Series Virtual Chassis that have more than five members, logging in to the J-Web dashboard might take more than 30 seconds. [PR/785300: This is a known software limitation.]
  • In the J-Web interface on EX Series switches, you cannot initially configure the OSPFv3 protocol by using the point-and-click function (Configure > Point&Click > Protocols > Configure > Ospf3). As a workaround, configure OSPFv3 options by using the CLI. You can then view and edit the OSPFv3 parameters by using the point-and-click function in the J-Web interface. [PR/857540: This is a known software limitation.]
  • For EX Series switches, in the J-Web interface, the username field on the Login screen does not accept HTML tags or the < and >characters. The following error message appears: A username cannot include certain characters, including < and >. [This is a known software limitation.]
  • When you use an HTTPS connection in the Microsoft Internet Explorer browser to save a report from some pages in the J-Web interface, the error message Internet Explorer was not able to open the Internet site is displayed. This problem occurs because the Cache-Control: no cache HTTP header is added on the server side, and Internet Explorer does not allow you to download the encrypted file with the Cache-Control: no cache HTTP header set in the response from the server.

    As a workaround, refer to Microsoft Knowledge Base article 323308, which is available at http://support.microsoft.com/kb/323308. Alternatively, use HTTP in the Internet Explorer browser or use HTTPS in the Mozilla Firefox browser to save a file from one of these pages. [This is a known software limitation.]

  • On EX2200-C switches, both the copper and the fiber uplink ports display as connected in the J-Web dashboard if either is connected. [PR/862411: This is a known software limitation.]

Layer 2 and Layer 3 Protocols

  • On EX3200 and EX4200 switches, MPLS is not supported on Layer 3 tagged subinterfaces and routed VLAN interfaces (RVIs), even though the CLI allows you to commit a configuration that enables these features. [PR/612434: This is a known software limitation.]

Management and RMON

  • On EX Series switches, an SNMP query fails when the SNMP index size of a table is greater than 128 bytes, because the Net SNMP tool does not support SNMP index sizes greater than 128 bytes. [PR/441789: This is a known software limitation.]
  • When MVRP is configured on a trunk interface, you cannot configure connectivity fault management (CFM) on that interface. [PR/540218: This is a known software limitation.]
  • The connectivity fault management (CFM) process (cfmd) might create a core file. [PR/597302: This is a known software limitation.]

Multicast Protocols

  • When multicast traffic is transiting an EX8200 switch during a nonstop software upgrade (NSSU) or after multiple graceful Routing Engine switchover (GRES) operations, a kernel panic might occur on a new master Routing Engine, causing the string rn_clone_unwire parent unreferenced to be displayed . [PR/734295: This is a known software limitation.]
  • On EX9200 switches, multicast traffic might be momentarily duplicated on an mrouter port (the port that connects to a multicast router) when a new member is added to an aggregated Ethernet bundle (or link aggregation group [LAG]) and when that new member is in the Detached state. [PR/848390: This is a known software limitation.]

Software Installation and Upgrade

  • On EX4200 switches, when you upgrade Junos OS, the software build-time date might be reset. [PR/742861: This is a known software limitation.]

Virtual Chassis

  • A standalone EX4500 switch on which the PIC mode is set to virtual-chassis has less bandwidth available for network ports than that available for a standalone EX4500 switch on which PIC mode is set to intraconnect. The network ports on a standalone EX4500 switch that has a virtual-chassis PIC mode setting often do not achieve line-rate performance.

    The PIC mode on an EX4500 switch might have been set to virtual-chassis in one of the following ways:

    • The switch was ordered with a Virtual Chassis module installed and thus has its PIC mode set to virtual-chassis by default.
    • You entered the request chassis pic-mode virtual-chassis operational mode command to configure the switch as a member of a Virtual Chassis.

    To check the PIC mode for an EX4500 switch that has a Virtual Chassis module installed in it, use the show chassis pic-mode command.

    You must always set the PIC mode on a standalone EX4500 switch to intraconnect. Set the PIC mode to intraconnect by entering the request chassis pic-mode intraconnect operational mode command.

    [This is a known software limitation.]

  • The automatic software update feature is not supported on EX4500 switches that are members of a Virtual Chassis. [PR/541084: This is a known software limitation.]
  • When an EX4500 switch becomes a member of a Virtual Chassis, it is assigned a member ID. If that member ID is a nonzero value, then if that member switch is downgraded to a software image that does not support Virtual Chassis, you cannot change the member ID to 0. A standalone EX4500 switch must have a member ID of 0. The workaround is to convert the EX4500 Virtual Chassis member switch to a standalone EX4500 switch before downgrading the software to an earlier release, as follows:
    1. Disconnect all Virtual Chassis cables from the member to be downgraded.
    2. Convert the member switch to a standalone EX4500 switch by issuing the request virtual-chassis reactivate command.
    3. Renumber the member ID of the standalone switch to 0 by issuing the request virtual-chassis renumber command.
    4. Downgrade the software to the earlier release.

    [PR/547590: This is a known software limitation.]

  • When you add a new member switch to an EX4200 Virtual Chassis, EX4500 Virtual Chassis, or mixed EX4200 and EX4500 Virtual Chassis in a ring topology, a member switch that was already part of the Virtual Chassis might become nonoperational for several seconds. The member switch returns to the operational state with no user intervention. Network traffic to the member switch is dropped during the downtime. To avoid this issue, follow this procedure:
    1. Cable one dedicated or user-configured Virtual Chassis port (VCP) on the new member switch to the existing Virtual Chassis.
    2. Power on the new member switch.
    3. Wait for the new switch to become operational in the Virtual Chassis. Monitor the show virtual-chassis command output to confirm the new switch is recognized by the Virtual Chassis and is in the Prsnt state.
    4. Cable the other dedicated or user-configured VCP on the new member switch to the Virtual Chassis.

    [PR/591404: This is a known software limitation.]

  • On EX4550 Virtual Chassis, the output of the CLI command show virtual-chassis vc-port shows the speed of dedicated Virtual Chassis ports (VCPs) to be 32G and bidirectional, while it is actually 16G and unidirectional. [PR/913523: This is a known software limitation.]

Related Documentation

Modified: 2016-06-09