Outstanding Issues in JUNOS Software Release 9.5 for J-series
Services Routers
Application Layer Gateways (ALGs)
On J2350 Services Routers, an SCCP call cannot be set up after
disabling and enabling SCCP ALG. The call does not go through. [PR/409586]
Authentication
In some operating systems, your attempt
to log in to the router from a management device through FTP or Telnet
might fail if you type your username and password in quick succession
before the prompt is displayed. As a workaround, type your username
and password after getting the prompt. [PR/255024]
Chassis Cluster
In a chassis cluster, the show interface terse command
on the secondary Routing Engine does not display the same details
as that of the primary Routing Engine. [PR/237982]
On J4350 Services Routers, because the clear security alg
sip call command triggers a SIP RTO to synchronize sessions in
a chassis cluster, use of the command on one node with the node-id, local, or primary option might result in a SIP
call being removed from both nodes. [PR/263976]
When a new redundancy group is added to a chassis cluster, the
node with lower priority might be elected as primary when the preempt option is not enabled for the nodes in the redundancy
group. [PR/265340]
When you commit a configuration for a node belonging to a chassis
cluster, all the redundancy groups might fail over to node 0. If graceful
protocol restart is not configured, the failover can destabilize routing
protocol adjacencies and disrupt traffic forwarding. To allow the
commit operation to take place without causing a failover, we recommend
that you use the set chassis cluster heartbeat-threshold 5 command on the cluster. [PR/265801]
In a chassis cluster, J-Web does not enable you to commit
any configuration. We recommend that you use the command-line interface
(CLI) for configuration. [PR/281986]
In a chassis cluster,
a high load of SIP ALG traffic might result in some call leaks in
active resource manager groups and gates on the backup router. [PR/268613]
On J2300, J2320, J2350, J4350, and J6350 Services Routers, in
an active/active chassis cluster, when the fabric link fails and then
recovers, services with a short time-to-live, such as ALG
FTP, stop working. [PR/419095]
On J4350 Services Routers in a chassis cluster, the FTP session
is lost after Routing Engine failover, although it still exists on
the DUT active session. [PR/432203]
Class of Service
J4350 and J6350 Services
Routers might not have the requisite data buffers needed to meet expected
delay-bandwidth requirements. Lack of data buffers might degrade CoS
performance with smaller-sized (500 bytes or less) packets. [PR/73054]
With a CoS configuration, when you try
to delete all the flow sessions using the clear security flow
session command, the WX application acceleration platform might
fail over with heavy traffic. [PR/273843]
Enhanced switching
If the access
port is tagged with the same VLAN that is configured at the port,
the access port accepts tagged packets and determines the MAC. [PR/302635]
VLAN output traffic statistics are not
being updated. [PR/305845]
Flow and Processing
On J2350, J4350, and J6350 Services Routers, OSPF over GRE over
IPsec does not work. [PR/105279]
In JUNOS software, the TTL value on the
Internet control message protocol (ICMP) responses is set to 65. [PR/233844]
Even when forwarding options are set to
drop packets for the ISO protocol family, the router forms End System-to-Intermediate
System (ES-IS) adjacencies and transmits packets because ES-IS packets
are Layer 2 terminating packets. [PR/252957]
OSPF over a multipoint interface connected as a hub-and-spoke
network does not restart when a new path is found to the same destination.
[PR/280771]
On J-series Services Routers, outbound filters will be applied
twice for host-generated IPv4 traffic. [PR/301199]
On J6350 Services Routers, when a basic SCCP call is made and
the primary node is rebooted when the call is active, call information
hot sync fails. The log on secondary node shows that the SCCP call
information is not sychronized correctly, while the rm session will
be synchronized successfully. [PR/426289]
On J-series Services Routers, NAT traffic that is going to the
WXC ISM 200 and returning back in clear (that is, not accelerated
by the WXC ISM 200) does not work. [PR/438152]
Infrastructure
On J-series Services Routers,
you cannot use a USB device that provides U3 features (such as the
U3 Titanium device from SanDisk Corporation) as the media device during
system boot. You must remove the U3 support before using the device
as a boot medium. For the U3 Titanium device, you can use the U3 Launchpad
Removal Tool on a Windows-based system to remove the U3 features.
The tool is available for download at http://www.sandisk.com/Retail/Default.aspx?CatID=1415. (To restore the U3 features, use the U3 Launchpad Installer Tool
accessible at http://www.sandisk.com/Retail/Default.aspx?CatID=1411). [PR/102645]
If the device does not have an ARP entry
for an IP address, it drops the first packet from itself to that IP
address. [PR/233867]
On J2320, J2350,
J4350, and J6350 Services Routers, when you press the F10 key to save
and exit from BIOS configuration mode, the operation might not work
as expected. As a workaround, use the Save and Exit option
from the Exit menu. This issue can be seen on the J4350 and
J6350 routers with BIOS Version 080011 and on the J2320 and J2350
routers with BIOS Version 080012. [PR/237721]
On J2320, J2350,
J4350, and J6350 Services Routers, the Clear NVRAM option in
the BIOS configuration mode does not work as expected. This issue
can be seen on the J4350 and J6350 routers with BIOS Version 080011
and on the J2320 and J2350 routers with BIOS Version 080012. To help
mitigate this issue, note any changes you make to the BIOS configuration
so that you can revert to the default BIOS configuration as needed.
[PR/237722]
If you enable security trace options,
the log file might not be created in the default location at /var/log/security-trace. As a workaround, manually set the log file to the directory /var/log/security-trace. [PR/254563]
Interfaces and Routing
The link status
of the onboard Gigabit Ethernet interfaces (ge-0/0/0 through ge-0/0/3) or the 1-port Gigabit Ethernet ePIM interface on J4350
and J6350 Services Routers fails when you configure these interfaces
in loopback mode. [PR/72381]
Asymmetric routing, such as tracing a route to a destination
behind J-series routers running JUNOS software with Virtual Router
Redundancy Protocol (VRRP), does not work. [PR/237589]
On J2320 Services Routers, when you enable the DHCP client, the
default route is not added to route-table. [PR/296469]
On J2320, J2350, J4350, and J6350 Services Routers, boadcast TFTP
is not supported when flow is enabled on the device. [PR/391399]
On J-series Services Routers, the RPM operation will not work
for the probe-type tcp-ping when the probe is configured
with the option destination-interface. [PR/424925]
J2350 Services Routers configured as a DHCP client will not receive
the DNS server IP address passed on by the DHCP server. Without name-server,
license updates, and AV attack object, updates will fail. [PR/428445]
On J2300, J2320, J2350, J4350, and J6350 Services Routers, doing an redundancy group 0 failover
with 1000 ifls on the reth interface causes replication errors
that causes ksyncd to generate a core file. [PR/428636]
J-Web
On J4350 Services Routers, when the user adds LACP interface
details, a pop-up window appears in which there are two buttons to
move the interface left and right. The LACP page currently does not
have images incorporated with these two buttons. [PR/305885]
On J2350, J4350, and J6350 Services Routers if the user opens
J-Web using Internet Explorer, the Configuration>Switching>LACP Sorting option for Aggegate Interface column
will not work. [PR/421634]
On J-series Services Routers, the Ajax calls need
to be optimized and should be in synchronization with the existing
configuration screens [STP, GVRP and IGMP-Snooping]. [PR/422523]
On J2350, J4350, and J6350 Services Routers when J-Web users
select the tabs on the bottom-left menu, the corresponding screen
is not displayed fully, so users must scroll the page to see all content.
This issue occurs when the computer is set to a low resolution. As
a workaround, set the computer resolution to 1280 x 1024. [PR/423555]
On J-series Services Routers in the spanning tree configuration
page, Edit interface/msti window does not save the data before
committing the configuration. [PR/433506]
Unified Access Control (UAC)
On J-series Services Routers, MAC address based authentication
does not work when the router is configured as UAC L2 Enforcer. [PR/431595]
Unified Threat Management (UTM)
On J-series Services Routers, under stress conditions, it is
possible that UTM sessions do not get cleaned up properly. The user
will continue to see outstanding UTM sessions even after traffic is
stopped and flow sessions have been released. If the number of outstanding
leaked sessions exceeds desirable levels causing UTM not to handle
new traffic, the forwarding daemon will need to be restarted. [PR/424426]
On J2320, J2350, J4350, and J6350 Services Routers, Outlook
Express is sending infected mail (with an EICAR test file) to a mail
server (directly, not through DUT). Eudora 7 is using the IMAP protocol
to download this mail (through DUT). Mail retrieval is slow, and
the EICAR test fille is not detected. [PR/424797]
On J2300, J2320, J2350, J4350, and J6350 Services Routers, Websense
server stops taking new connections after http stress. All
new sessions get blocked. As a workaround, reboot the WebSense server.
[PR/435425]
Virtual Private Network (VPN)
The proxy-identity statement is valid for route-based
VPN configuration only. Policy-based VPN does not support the proxy-identity statement. [PR/296468]
WXC Integrated Services Module
When two J-series devices with WXC Integrated Services Modules
(ISM 200s) installed are configured as peers, traceroute fails if redirect-wx is configured on both peers. [PR/227958]
JUNOS software does not support policy-based
VPN with WXC Integrated Services Modules (ISM200s). [PR/281822]
Resolved Issues in JUNOS Software Release 9.5 for J-series
Services Routers
The following issues from JUNOS Release 9.5 R2 have been resolved
in this release. The identifier following the description is the
tracking number in our bug database.
Interfaces and Routing
On J-series Services Routers with ISM cards, the ISM card
went offline/online many times, and the user encountered kern.maxfiles
limit exceeded by uid 0, please see tuning(7) messages. These
messages indicated that the system had run out of FDs. The system
state was recovered by using the request restart chassis-control command or rebooting the device. [PR/437857: This issue has been
resolved.]
J-Web
On J2350, J4350, and J6350 Services Routers, a fatal error
message was seen upon navigating to Configuration>WAN
acceleration>manage page.[PR/423573: This issue has
been resolved.]
Unified Access Control (UAC)
On J-series Services Routers, http sessions did
not go through when the router was configured as UAC L2 Enforcer.
[PR/309758: This issue has been resolved.]
