Your attempt to log in to the router from
a management device through FTP or Telnet might fail if you type your
username and password in quick succession before the prompt is displayed,
in some operating systems. As a workaround, type your username and
password after getting the prompts. [PR/255024]
Chassis Cluster
In a chassis cluster, the show interface
terse command on the secondary Routing Engine does not display
the same details as that of the primary Routing Engine. [PR/237982]
Because the clear security alg sip
call command triggers a SIP RTO to synchronize sessions in a
chassis cluster, use of the command on one node with the node-id, local, or primary option might result in a SIP
call being removed from both nodes. [PR/263976]
When a new redundancy group is added to
a chassis cluster, the node with lower priority might be elected as
primary when the preempt option is not enabled for the nodes
in the redundancy group. [PR/265340]
When you commit a configuration for a
node belonging to a chassis cluster, all the redundancy groups might
fail over to node 0. If graceful protocol restart is not configured,
the failover can destabilize routing protocol adjacencies and disrupt
traffic forwarding. To allow the commit operation to take place without
causing a failover, we recommend that you use the set chassis
cluster heartbeat-threshold 5 command on the cluster. [PR/265801]
In a chassis cluster, a high load of SIP
ALG traffic might result in some call leaks in active resource manager
groups and gates on the backup router. [PR/268613]
In a chassis cluster, J-Web does not enable you to configure
the address book. We recommend that you use the command-line interface
(CLI) to configure the address book. [PR/281986]
Class of Service
J4350 and J6350 Services
Routers might not have the requisite data buffers needed to meet expected
delay-bandwidth requirements. Lack of data buffers might degrade CoS
performance with smaller-sized (500 bytes or less) packets. [PR/73054]
With a CoS configuration, when you try
to delete all the flow sessions using the clear security flow
session command, the WX application acceleration platform may
fail over with heavy traffic. [PR/273843]
In J2350 Services Routers, the CoS does not work when
the data sent to the egress GE interface is more than 100 MB. [PR/281367]
Enhanced switching
In case of traffic going through one of
the ports of a LAG running LACP, any change in remote port (for example,
port going down) does not change the distribution of traffic at the
local switch. [PR/292136]
When a native VLAN is removed from a port,
it still accepts untagged traffic and untagged traffic is still transmitted
out of it. Restarting chassisd corrects this behavior. [PR/299961]
If the access port is tagged with the
same VLAN that is configured at the port, the access port accepts
tagged packets and determines the MAC. [PR/302635]
Flow
OSPF over GRE over IPsec does not work.
[PR/105279]
In JUNOS software with enhanced services,
the TTL value on the Internet control message protocol (ICMP) responses
is set to 65. [PR/233844]
Even when forwarding options are set to
drop packets for the ISO protocol family, the router forms End System-to-Intermediate
System (ES-IS) adjacencies and transmits packets because ES-IS packets
are Layer 2 terminating packets. [PR/252957]
OSPF over a multipoint interface connected as a hub-and-spoke
network does not restart when a new path is found to the same destination.
[PR/280771]
On J-series Services Routers, outbound
filters will be applied twice for host-generated IPv4 traffic. [PR/301199]
When route aggregation is configured,
the source mask length and the destination AS fields in the CFLOW
record will be 0. [PR/308083]
When RPF processes configuration changes,
it prunes all the previously joined multicast flows and immediately
rejoins them, causing momentary multicast traffic interruption. [PR/309904]
Infrastructure
On J-series Services Routers,
you cannot use a USB device that provides U3 features (such as the
U3 Titanium device from SanDisk Corporation) as the media device during
system boot. You must remove the U3 support before using the device
as a boot medium. For the U3 Titanium device, you can use the U3 Launchpad
Removal Tool on a Windows-based system to remove the U3 features.
The tool is available for download at http://www.sandisk.com/Retail/Default.aspx?CatID=1415. (To restore the U3 features, use the U3 Launchpad Installer Tool
accessible at http://www.sandisk.com/Retail/Default.aspx?CatID=1411). [PR/102645]
If the router does not have an ARP entry
for an IP address, it drops the first packet from itself to that IP
address. [PR/233867]
On J2320, J2350,
J4350, and J6350 Services Routers, when you press the F10 key to save
and exit from BIOS configuration mode, the operation might not work
as expected. As a workaround, use the Save and Exit option from the Exit menu. This
issue can be seen on the J4350 and J6350 routers with BIOS Version
080011 and on the J2320 and J2350 routers with BIOS Version 080012.
[PR/237721]
On J2320, J2350,
J4350, and J6350 Services Routers, the Clear NVRAM option in
the BIOS configuration mode does not work as expected. This issue
can be seen on the J4350 and J6350 routers with BIOS Version 080011
and on the J2320 and J2350 routers with BIOS Version 080012. To help
mitigate this issue, note any changes you make to the BIOS configuration
so that you can revert to the default BIOS configuration as needed.
[PR/237722]
If you enable security trace options,
the log file might not be created in the default location at /var/log/security-trace. As a workaround, manually set the log file to the directory /var/log/security-trace. [PR/254563]
Interfaces and Chassis
The link status of the onboard Gigabit
Ethernet interfaces (ge-0/0/0 through ge-0/0/3)
or the 1-port Gigabit Ethernet ePIM interface on J4350 and J6350 Services Routers
fails when you configure these interfaces in loopback mode. [PR/72381]
Routing
Asymmetric routing, such as tracing
a route to a destination behind J-series routers running JUNOS software
with enhanced services with Virtual Router Redundancy Protocol (VRRP),
does not work. [PR/237589]
System
The ping status of the generic routing interfaces (gr-x/y/x)
connection established through ISDN simulator fails. As a workaround,
deactivate and reactivate the generic routing interfaces. [PR/282588]
VPN
The proxy-identity statement is valid for route-based
VPN configuration only. Policy-based VPN does not support the proxy-identity
statement. [PR/296468]
WXC Integrated Services Module
When two J-series routers with WXC Integrated Services Modules
(WXC ISM 200s) installed are configured as peers, traceroute fails
if redirect-wx is configured on both peers. [PR/227958]
JUNOS software with enhanced services
does not support policy-based VPN with WXC Integrated Services Modules
(WXC ISM 200s). [PR/281822]
Resolved Issues
Authentication
During user authentication, the firewall
authentication table in the output of the security firewall-authentication
users command displayed multiple failures even though the network
table in the output of show network-access requests statistics showed successful authentications. [PR/250780: This issue has been
resolved.]
Chassis Cluster
In a chassis cluster, CA certificate enrollment
from the secondary Routing Engine did not work. [PR/278420: This issue
has been resolved.]
