[Contents] [Prev] [Next] [Report an Error]

Previous Releases

Release 7.4R3

The following issues have been resolved since JUNOS Release 7.4R2.6. The identifier following the description is the tracking number in our bug database.

Platform and Infrastructure

If you configure both destination class usage (DCU) and output interface sampling, all traffic exiting the sampling-enabled interface will stop incrementing the DCU counters. As a workaround, configure an output filter, then deactivate and activate the sampling configuration. [PR/57023: This issue has been resolved.]
If your configuration file is very large, a memory mapping issue might occur, and you might see the error message: "pmap_collect: collecting pv entries -- suggest increasing PMAP_SHPGPERPROC". [PR/60742: This issue has been resolved.]
IPv6 unicast reverse-path forwarding (RPF) check drops packets that have identical IPv6 link-local addresses. [PR 63084: This issue has been resolved.]
If you upgrade a routing platform to JUNOS 7.3 software, the Network Access Server process (nasd) might cause CPU utilization to increase to near capacity. [PR/63763: This issue has been resolved.]
On Ethernet-based interfaces configured for graceful Routing Engine switchover, if the next hop reaches the replicated kernel before the tag family for that interface, in some cases the replication of the tagged next hops might fail. [PR/65136: This issue has been resolved.]
If you configure the copy-plp statement and a source lookup feature (such as unicast reverse-path forwarding [RPF]), in rare cases the interfaces involved might drop all the ingress traffic. As a workaround, deactivate and reactivate the source lookup features. [PR/65219: This issue has been resolved.]
On a T320 router acting as a provider edge (PE) router, if the router receives Dynamic Host Control Protocol (DHCP) request packets from the DHCP server and forwards them across an MPLS backbone, the DHCP relay service might fail to determine which interface should forward the DHCP inform packets received from clients. [PR/65866: This issue has been resolved.]
After removing a faulty PIC and installing another PIC, an erroneous error message might continue to be generated. A workaround is to take the PIC offline and back online again. [PR/66083: This issue has been resolved.]
For IPv4 TACACS and ICMP packets, routers use the default local address, which is the loopback (lo.0) address, as the source address, instead of the egress interface. [PR/66304: This issue has been resolved.]
When you configure IPSec authentication on OSPFv3, there is no facility for suppressing the IPSec authentication packet log or modifying its parameters. [PR/66527: This issue has been resolved.]
The Real Time Streaming Protocol (RTSP) process (rtspd) might generate and handle system log messages even when there are no listeners interested in the messages. [PR/66666: This issue has been resolved.]
Abnormal PFE discards were not recorded in system log messages. [PR/67612: This issue has been resolved.]
If you configure an output filter on a discard interface, the filter might not work, traffic might not be forwarded, and the firewall filter counters might not increment in the output of the show firewall filter command. [PR/67663: This issue has been resolved.]
When service filter configurations on Fast Ethernet interfaces are modified, a core dump might occur. [PR/67943: This issue has been resolved.]
When using RADIUS, the ssh process (sshd) sets the template user as the username rather than the actual username used to log in. The login and telnet processes use the actual username. [PR/67947: This issue has been resolved.]
When you reboot an FPC with a Tunnel PIC, it might stop forwarding traffic on some virtual private LAN service (VPLS) instances. As a workaround, reduce the number of VPLS instances, if possible. [PR/68295: This issue has been resolved.]
On T-series routing platforms, Enhanced FPCs might corrupt Direct Memory Addressing (DMA) transactions between a PowerPC host bus and the JBUS. [PR/68820: This issue has been resolved.]
On an M-series or T-series router, when a tunnel route next hop points to a discard next hop, it might cause the router to spontaneously restart under certain conditions. [PR/69003: This issue has been resolved.]
When DHCP response packets are sent to a DHCP client, the client performs an IP TTL decrement before accepting IP packets for processing. [PR/69160: This issue has been resolved.]
Any configuration that requires a PIC reset can result in a filter without an associated index. If a backup RE is present, this can cause the platform to dump core. [PR/69452: This issue has been resolved.]

User Interface and Configuration

When you configure TACACS+ authentication on a routing platform to interoperate with another vendor's tac_plus server (which returns a sign on successful message), then you attempt to log in to the routing platform by using JUNOScope, the login attempt might fail. [PR/66244: This issue has been resolved.]
On a TX Matrix platform, when you switch mastership between Routing Engines, you can do so only on a single SCC or LCC at a time. [PR/66324: This issue has been resolved.]
If you use the copy configuration mode command to copy a statement that includes the apply-groups statement, the new object might fail to expand the configuration groups. [PR/67225: This issue has been resolved.]
On the TX Matrix platform, when graceful Routing Engine switchover (GRES) is configured and you enter the request chassis routing engine master switch all-chassis command, the graceful switchover operation might not function properly, producing the message "chassis-control subsystem is not running. [PR/67539: This issue has been resolved.]
For certain configuration modifications, the commit synchronize operation does not enable synchronization between Routing Engines. On the TX Matrix platform, this situation causes a kernel failure on the backup Routing Engine. [PR/69461: This issue has been resolved.]]

Interfaces and Chassis

Changes to DS0 timeslots on a channelized interface do not synchronize with the parent multilink frame relay (MLFR) bundles on the Link Services II PIC. The new interface speed is updated on the channelized interface but the link speed tracked on the MLFR bundle displays the original value. As a workaround, deactivate and reactivate the channelized interface. [PR/53030: This issue has been resolved.]
On M10i routers configured with graceful Routing Engine switchover, when Routing Engine 1 is the master Routing Engine, the fxp0 interface link state is always up, even when the port on the interface is not connected. [PR/58911: This issue has been resolved.]
On a VRRP-enabled Fast Ethernet interface, the virtual address corresponding to the logical unit (not 0) does not respond to ARP requests if vlan-vpls encapsulation is configured on the physical interface. [PR/63972: This issue has been resolved.]
When a show interfaces queue command is issued on one of the non-LSQ interfaces, the LSQ interface returns the following error message: "IFRT: 'IFL Queue Stats info' (opcode 127) failed". [PR/63999: This issue has been resolved.]
On an Automatic Protection Switching (APS) switchover to the other interface in the APS pair, the operational state for the logical interface unit is not updated upon deactivating the Operation, Administration, and Maintenance (OAM) state for that unit. This results in an incorrect operStatus value being returned on the SNMP query. [PR/64091: This issue has been resolved.]
While committing a Frame Relay interface with the ANSI or ITU LMI type and a large number of DLCIs, the commit fails with the error message: "The current MTU configured is less than the minimum MTU value required." However, the required minimum MTU value displayed as part of the CLI commit failure message is incorrect (off by 14 bytes for ANSI LMI and 13 bytes for ITU LMI). As a workaround, you can add 14 or 13 bytes (based on the LMI type configured) to the minimum MTU value displayed in the error message to find out the real minimum MTU value required and configure this value on the physical interface. [PR/64209: This issue has been resolved.]
If you disable an LSQ MLPPP interface, then clear statistics on the interface, re-enable the interface and enter the show interface command, the output for the command momentarily displays abnormally high input and output packet and byte counts. [PR/65410]
On ATM2 PICs, under certain conditions, the K1 byte TLV signaled by the APS process is not sent to the kernel. This results in an incorrect K1 byte value. [PR/65648: This issue has been resolved.]
When you configure a logical interface on an aggregated Ethernet interface, the logical interface might not come up. [PR/65945: This issue has been resolved.]
On J-series Services Routers, 2-byte Frame Relay DLCI header support might not operate properly. [PR/66875: This issue has been resolved.]
If an FPC stopped operating, the routing platform might have stopped operating and dumped core. A workaround is to reload the FPC. [PR/66958: This issue has been resolved.]
On T640 platforms, a major alarm was erroneously raised for the rear fan tray. It had no operational impact. [PR/67093: This issue has been resolved.]
If you enable Automatic Protection Switching (APS) to work in a multirouter environment, when the working circuit is active and the working router fails, the protect circuit is not used until the APS adjacency timeout expires. [PR/67443: This issue has been resolved.]
Under heavy traffic conditions, the AS PIC and the Adaptive Services module on the M7i platform stopped operating. [PR/67517: This issue has been resolved.]
The show interface snmp-index snmp-index terse operational mode command does not execute properly and generates a core dump file. [PR/67591: This issue has been resolved.]
On T-series routing platforms, when you perform an online insertion of a Switch Interface Board (SIM), the following error message might appear: "Error during SGBUS read". [PR/67642: This issue has been resolved.]
Adaptive Services PICs configured for stateful firewall and NAT services might spontaneously restart and dump core because of a timeout handler issue. [PR/67753: This issue has been resolved.]
Another vendor's equipment zeroed out the Source ID field in Operation, Administration, and Maintenance (OAM) Loopback cells, causing the cells to be dropped by the JUNOS kernel. [PR/68290: This issue has been resolved.]
On M7i routers, under certain conditions, JUNOS software does not perform a Compact Forwarding Engine Board (CFEB) switchover following a CFEB failure. [PR/68313: This issue has been resolved.]
On T-series routing platforms, when you unplug or plug in a small form-factor pluggable transceiver (SFP), an event is not generated and the information is not logged to the system mesage log. This differs from the behavior on M-series routing platforms. [PR/68401: This issue has been resolved.]
LCP_CONF_NAK was sent with the multiclass MLPPP parameters received from the peer instead of with the expected parameters. This caused an interoperability issue with Cisco routers. [PR/69005: This issue has been resolved.]
While changing the DS0 timeslot values, the logical interface bandwidth is set incorrectly. As a workaround, deactivate and reactivate the logical interface configuration. [PR/69136: This issue has been resolved.]

Services Applications

Adaptive Services PICs configured with the Real-Time Streaming Protocol (RTSP) application-level gateway (ALG) might spontaneously restart. [PR/63572: This issue has been resolved.]
When you issue a sufficiently large number of show services CLI commands, the AS PIC memory becomes fragmented and does not permit any more new show commands. [PR/64626: This issue has been resolved.]
On an M10i router that is configured with multilink PPP over L2TP, MLPPP fragments are dropped by the LNS. Additionally, protocol compression is not supported for L2TP MLPPP sessions. [PR/66169: This issue has been resolved.]
System log messages display incorrect source and destination addresses for statefull firewall flows. [PR/66427: This issue has been resolved.]
Overlapping destination NAT pools are not supported. [PR/67983: This issue has been resolved.]
On T-series routers with Adaptive Services PICs, traffic incorrectly matches the reject term of an output firewall filter on an 'sp-inside' interface, possibly because of a changed header encapsulation. [PR/68176: This issue has been resolved.]
Export data flows on the Monitoring Services PIC on an M120 router might time out after approximately seven weeks, irrespective of the active and inactive flow timeout configuration. [PR/68986: This issue has been resolved.]
When configuring more than 600 Service PIC units to attach L2TP sessions, all units above the 600th might not be created properly in the kernel when the Service PIC or the router reboot. All attempt of attaching new PPP/L2TP sessions to these units will fail. [PR/71285: This issue has been resolved.]

General Routing

When a modification is made to the routes that contribute to an aggregate route, the routing protocol process (rpd) might stop functioning. [PR/67760: This issue has been resolved.]
If you enable and then disable Bidirectional Forwarding Detection (BFD), the routing protocol process (rpd) might leak memory. [PR/68011: This issue has been resolved.]
When an export policy with an install next-hop action is configured for VPN routes and the indirect next hop for these routes changes, a new indirect next hop is installed, instead of modifying the underlying forwarding next hops. [PR/69470: This issue has been resolved.]

Routing Protocols

A provider edge (PE) router acting as a rendezvous point (RP) for a PIM routing instance might not send a register-stop message if the designated router (DR) of the multicast source is sending PIM registers in version 1 format. This situation results in redundant traffic on the network, in the form of data-encapsulated PIM register packets. The workaround is to configure the source DR as PIM version 2. [PR/65101: This issue has been resolved.]
For multicast virtual private networks (VPNs), if the forwarding cache downstream interface list excludes a customer edge (CE) router interface containing local receivers, the local receivers do not receive traffic. As a workaround, deactivate and reactivate IGMP. [PR/65875: This issue has been resolved.]
If a PIM multicast router has a local source, local receiver, and remote receiver for the same group, and the local source stops sending traffic, the PIM state might not be removed from the router. Additionally, Multicast Source Discovery Protocol (MSDP) might continue to advertise source active (SA) messages for the local source, even after the source has stopped sending traffic. As a result, incorrect PIM state and forwarding state information might remain on other routers in the network. [PR/65919: This issue has been resolved.]
After an OSPF graceful restart, the restarted router becomes the designated router (DR) or the backup designated router (BDR), even though it was not a DR or BDR before the restart. [PR/65940: This issue has been resolved.]
For multicast VPNs, if you include the interface all statement at the [edit routing-instances protocols pim] hierarchy level, the multicast data for the instance might get newly initialized. As a result, there is a brief multicast traffic interruption. The workaround is to configure all interfaces defined for this instance explicitly at the [edit routing-instances protocols pim] hierarchy level, instead of including the interface all statement. [PR/66966: This issue has been resolved.]
If BGP is configured with a RIB group and damping is enabled, issuing the clear bgp damping command might cause the routing protocol process (rpd) to restart. [PR/67189: This issue has been resolved.]
When you enable IS-IS traffic engineering in conjunction with Constrained Shortest Path First (CSPF)-enabled RSVP label-switched paths (LSPs), and a bad FPC corrupts inbound IS-IS LSP updates, CPU usage by the routing protocol process (rpd) might escalate and remain high. As a workaround, take the FPC offline or replace it. [PR/67548: This issue has been resolved.]
If you configure the BGP path-selection statement at the [edit protocols bgp] hierarchy level when an aggregate or generated route that references a more specific static route is present, then you restart the routing platform, the routing protocol process (rpd) might stop operating. [PR/67567: This issue has been resolved.]
When you issue the show route protocol receive-protocol rip ip-address command, the routing protocol process (rpd) might produce a core dump. [PR/67717: This issue has been resolved.]
If BGP refresh processing coincides with a peer going down, processing of the clear bgp neighbor soft operational mode command or a REFRESH request might cause the routing protocol process (rpd) to restart. [PR/68299: This issue has been resolved.]
For multicast VPNs, if a default mode is not specified at the [edit protocols pim interface all] hierarchy level, the multicast data for the mtun interface is newly initialized. As a result, there is a brief multicast traffic interruption. As a workaround, configure the interface all statement for this instance explicitly at the [edit protocols pim] hierarchy level and specify a default mode. [PR/69162: This issue has been resolved.]
When a route reflection client session closes, the routing protocol process (rpd) might restart. [PR/69645: This issue has been resolved.]
The remove-private configuration statement might incorrectly cause removal of private autonomous systems past public AS values. [PR/69721: This issue has been resolved.]
IS-IS does not check for common subnets on point-to-point interfaces or check for duplicate IP adresses on all interface types. [PR/70816: This issue has been resolved.]

MPLS Applications

When you configure RSVP refresh reduction, if the destination IP address in the request is not the same as the source address in the acknowledgement, the RSVP sessions do not become established. [PR/61181: This issue has been resolved.]
RSVP might accept incoming hello packets and establish neighbor relationships arriving from any source address, even if the routing platform originated a hello packet from one of its own interfaces. This is a cosmetic issue and there is no operational impact. [PR/65172: This issue has been resolved.]
If you configure explicit NULL on egress, P2MP graceful restart does not work. [PR/66942: This issue has been resolved.]
When an RSVP-based MPLS LSP is preparing to switch over to an optimized path and there is a change in Record Route Object (RRO) on the active path, if the switchover to the optimized path fails, RRO information might be inaccurate in the output of the show mpls lsp ingress detail | extensive commands. As a workaround, issue the show rsvp session detail command to display the correct RRO. There is no operational impact. [PR/67420: This issue has been resolved.]
When LSP node link protection is configured, there might be a 5-second delay during switchover between nodes. [PR/69143: This issue has been resolved.]
If the main LSP goes down before a switchover is completed, the newly-designated primary LSP might not have inet.3 entries in its routing table. [PR/70325: This issue has been resolved.]

VPNs

If you configure a policer and apply it to RSVP LSPs that carry Layer 2 circuit traffic, the policer might be split between the circuit cross-connect (CCC) encapsulated interfaces and heavy traffic loads might not trigger the policer bandwidth limits. [PR/66197: This issue has been resolved.]

Class of Service

Modifying a drop profile with an oversubscribed interface might cause the FPC to reset. [PR/59083: This issue has been resolved.]
When you remove an IEEE 802.1p classifier from a logical interface, IEEE 802.1p classification does not function correctly on other logical interfaces that are still configured with IEEE 802.1p classifiers. [PR/63381: This issue has been resolved.]
Although the CLI allows you to include the per-unit-scheduler statement on a T1 interface, even if the interface was not associated with a channelized IQ PIC, this configuration is not supported. [PR/64546: This issue has been resolved.]
If a Gigabit Ethernet IQ PIC has at least one IEEE classifier defined and the router is restarted, the class of service (Cos) process (cosd) might crash repeatedly and generate core dumps. This is caused by the CoS process mistakenly expecting an interface to already have been defined. As a workaround, after the router has initialized, issue the restart class-of-service command. [PR/65244: This issue has been resolved.]
On M320 and T-series routing platforms, if you configure both the copy-plp and vrf-table-label statements, packet loss priority (PLP) mapping might not work as expected. [PR/65448: This issue has been resolved.]
Enabling an IEEE rewrite rule on a Gigabit Ethernet PIC (non-IQ) causes the CFI bit to be set incorrectly in IEEE 802.1p bits 1, 3, 5, and 7. This causes the neighboring router to drop this traffic on receipt. [PR/68259: This issue has been resolved.]
On Gigabit Ethernet IQ PICs, when IEEE rewrite is configured for interface on the PIC, the PLP bit is not taken into account. [PR/70356: This issue has been resolved.]

Forwarding and Sampling

On aggregated Ethernet or aggregated SONET output interfaces, the sampling process (sampled) reports the wrong ifIndex in cflowd records. [PR/59441: This issue has been resolved.]
The cflowd records for BGP might not include the actual next-hop address. [PR/66365: This issue has been resolved.]
On a routing platform configured to send cflowd records, if there is a mismatch of metadata information between the sampling process (sampled) and the routing protocol process (rpd), the sampling process log might continuously receive the system log message "rr DELETE: pref len 24 doesn't exist." [PR/66620: This issue has been resolved.]
When you configure two prefix lists in a firewall term and one of the prefix lists includes the default route, while the other prefix list is empty and you commit the configuration, the system returns an error message and the commit fails. [PR/67407: This issue has been resolved.]

Network Management

For the TX Matrix platform, when a line-card chassis (LCC) Routing Engine switches over, the chassis process (chassisd) on the new LCC master might not connect properly with the SNMP agent. As a result, the new LCC master instances might not appear in the output of the show snmp mib walk command. [PR/66113: This issue has been resolved.]
If an SNMP Get request asks for Juniper Networks MIB values that do not exist, the SNMP process (snmpd) dumps core. [PR/68288: This issue has been resolved.]

Release 7.4R2

The following issues have been resolved since JUNOS Release 7.4R1.7. The identifier following the description is the tracking number in our bug database.

Platform and Infrastructure

If a router receives rapid multicast traffic from various groups or sources that do not have entries in the forwarding table, the router might generate the "router-name feb NH: resolutions from iif X throttled" system log message and might delay the installation of forwarding table entries for some of these multicast packets. [PR/46474: This issue has been resolved.]
When the number of Telnet sessions on a router nears the connection limit, and a user enters characters followed by the Ctrl + C key combination before the router's login prompt appears, one or more Telnet sessions might not open properly. [PR/58461 This issue has been resolved.]
Routes to remote next hops that resolved through fxp0 are not accepted by the kernel. [PR/58972: This issue has been resolved.]
Configuring the set system ntp source-address source-address statement so that the last octet of the NTP source address is in the range of 224 to 239 causes an “attempt to configure invalid address” system log error message. [PR/60200: This issue has been resolved.]
On T-series platforms, the Address Resolution Protocol (ARP) next-hop resolution might stop working as expected. [PR/61488: This issue has been resolved.]
On M-series routers, when a Multichannel DS3 PIC is removed and reinstalled, the FPC might stop functioning, producing a core file. [PR/63175: This issue has been resolved.]
When using TACACS+ to log in to a J-series or M-series router through Telnet or SSH, the following Pluggable Authentication Modules (PAM) facility system log messages might appear; however, the user is granted access to the router:
timestamp router-name login: PAM option: conf=/var/etc/pam_tacplus.conf invalid

timestamp router-name login: PAM option: template_user=remote invalid

[PR/63269: This issue has been resolved.]
On J-series routers, when a firewall filter is configured, the system log might not report the UDP/TCP port number correctly. [PR/63678: This issue has been resolved.]
For discard (dsc) interfaces, the following system log message might appear: “create_sockets: ioctl (SIOCGIFBRDADDR): Can't assign requested address, no broadcast addr on interface”. [PR/64235: This issue has been resolved.]
To match only on a source address, destination address, source port, or destination port, include the appropriate matching condition (source-address, destination-address, source-port, or destination-port, respectively) at the [edit firewall filter filter-name term term-name from] hierarchy level instead of using the port or address matching condition at the same hierarchy level. [PR/64313: This issue has been resolved.]
On E1 and T1 interface links, very low BGP and TCP throughput might be observed. A workaround is to increase the physical interface MTU value to 9K. [PR/64682: This issue has been resolved.]
When you include the on-disk-failure statement at the [edit chassis redundancy failover] hierarchy level and the graceful-switchover enable statement at the [edit chassis redundancy] hierarchy level, the commit fails. As a workaround, also include the on-loss-of-keepalives statement at the [edit chassis redundancy failover] hierarchy level. [PR/64817: This issue has been resolved.]
Output filters do not function on interfaces configured with port mirroring. [PR/65444: This issue has been resolved.]
On an IPv6-over-IPv4 tunnel, when a downstream IPv4 destination is unreachable because of an MTU mismatch, the router at the tunnel entry point does not lower the protocol MTU on the tunnel interface. The protocol MTU value must be lowered to prevent traffic from being dropped without sending a notification. [PR/65486: This issue has been resolved.]
On M-series routers, IPv6 tunnels might not function properly when the tunnel destination is an indirect next-hop address. [PR/65791: This issue has been resolved.]
On multihop BGP peers, when there is an intermediate MTU mismatch, incoming maximum segment size (MSS) calculations might be incorrect, causing traffic to be dropped without notification being sent. [PR/65953: This issue has been resolved.]

User Interface and Configuration

The apply-macro statement should not have been included in the XML schema. [PR/59112: This issue has been resolved.]
The commit synchronize function fails when a line in the configuration contains more than 16,000 characters. [PR/62071: This issue has been resolved.]
When RADIUS accounting is not configured on the router at the time a CLI session is established, but is configured before the session ends, the session-time attribute that is sent to the RADIUS accounting server for that session contains an invalid value. [PR/63099: This issue has been resolved.]
The J-Web interface displays logical interfaces that cannot be configured. In the Quick Configuration>Interfaces window, any logical interface index that is greater than 16385 is created automatically by the router and is not configurable. [PR/63471: This issue has been resolved.]
JUNOS Release 6.4R4 does not recognize trailing spaces included in secret passwords generated by encryption algorithms. Previous releases handled this occurrence differently, causing a disparity in behavior. [PR/63967: This issue has been resolved.]
When RADIUS accounting is not configured on the router at the time a CLI session is established, but is configured before the session ends, the NAS-Identifier attribute that is sent to the RADIUS accounting server for that session contains an invalid value. [PR/64061: This issue has been resolved.]
When you include the disable statement at the [edit chassis redundancy graceful-switchover] hierarchy level and configure BFD for various routing protocols, then issue a show command in configuration mode for a particular routing protocol, you see the following error message: "invalid path element 'enable'". This message is harmless and the configuration is valid. [PR/64073: This issue has been resolved.]
When the user logs into a router using Telnet, the message configured at the [system login message] hierarchy is not displayed. [PR/64609: This issue has been resolved.]
A login class name configured at the [edit groups group-name system login] hierarchy level might not be properly propagated to login.config, preventing a user from having a valid login class. This issue does not occur for classes configured at the [edit system login] hierarchy level. [PR/65146: This issue has been resolved.]
With certain apply-group configurations, the command-line parser may hang when executing a commit or commit check function. [PR/65365: This issue has been resolved.]

Interfaces and Chassis

On ATM interfaces with Automatic Protection Switching (APS), both the working and protect circuits are erroneously placed in enabled state at the same time because of a file corruption issue. [PR/55493: This issue has been resolved.]
When the fxp0 (management Ethernet) link goes down, it raises an alarm even if this interface is disabled in the configuration. [PR/58314: This issue has been resolved.]
A CLI session freezes if the show interfaces command is issued when a configuration operation, such as interface creation or deletion, is in progress. This situation happens rarely. Ending the particular session is harmless, and the users can run the same command through another CLI session. The router will continue to respond normally even when this issue happens. [PR/59707: This issue has been resolved.]
When Dead Peer Detection (DPD) is activated, the output of the show services ipsec-vpn ipsec statistics service-set command displays an incorrect remote gateway address. This issue has no operational impact. [PR/60331: This issue has been resolved.]
On M20 routers with ATM2 Intelligent Queuing (IQ) OC12 PICs configured for ATM Layer 2 circuit mode cell relay operation, when the cell-bundle-size statement at the [edit interfaces at-fpc/pic/port atm-options] hierarchy level is set to a value greater than 1, spurious cell output event notifications are sometimes sent by an egress channel when it has recently changed status from active to idle. This situation might result in the loss of all traffic on the ATM2 OC-12 PIC. When all channels on the PIC are configured with a cell bundle size value of 1, this problem does not occur. [PR/61158: This issue has been resolved.]
On ATM2 IQ PICs installed in M-series and T-series platforms, ATM PVCs that have been idle longer than a few seconds might experience a start delay of approximately five to ten seconds, during which the output rate is slower than normal, followed by output at the nominal shaping rate. This situation occurs even when the ATM PVCs are not at their shaping limit and the ATM port is transferring less than the full line-rate potential. [PR/61746: This issue has been resolved.]
For IQ PICs on M160 and M40e platforms, the physical interface traffic statistics for input packets and bytes are sometimes displayed incorrectly as all zeroes. [PR/61864: This issue has been resolved.]
On M40e and M160 platforms, when the Switching and Forwarding Module (SFM) or a Flexible PIC Concentrator (FPC) panics, the software does not send offline or online SNMP traps, even though the software is configured to send traps. [PR/62707: This issue has been resolved.]
On Routing Engine graceful switchover, the following message might be logged on the backup Routing Engine: “CHASSISD_UNSUPPORTED_FPC: FPC with I2C ID of 0x0 is not supported message on downgrade.” This message is harmless in this situation and does not cause any operational impact. [PR/62896: This issue has been resolved.]
When you install an FPC on a T-series platform and bring the FPC online, you might see a CHASSISD_GENERIC_WARNING error, and the FPC might fail to boot up properly. As a workaround, you might need to remove and reinstall the FPC. [PR/63155: This issue has been resolved.]
If you configure both a manual and a dynamic security association (SA) in the same service set, the dynamic SA might not work. [PR/63282: This issue has been resolved.]
On an M7i router with an ASM, incoming packets classified as expedited forwarding (EF) might be dropped when routed through a GRE tunnel that has the clear-dont-fragment-bit option set. [PR/63357: This issue has been resolved.]
On an Automatic Protection Switching (APS) switchover to the other interface in the APS pair, the operational state for the logical interface unit was not being updated upon deactivating the Operation, Administration, and Maintenance (OAM) state for that unit. This resulted in an incorrect operStatus value being returned on the SNMP query. [PR/64091: This issue has been resolved.]
When a large number of logical interfaces are configured on an ATM2 PIC and the FPC is first brought online, some of the logical interfaces might remain in the operational down state. The logical interface can be brought to the up state by issuing this series of commands: deactivate at-pim/pic/port unit logical-unit-number, commit, activate at-pim/pic/port unit logical-unit-number, commit. [PR/64162: This issue has been resolved.]
If a Routing Engine switchover occurs due to GRES, and APS is used in a multirouter configuration, traffic on the APS-protected circuit might be lost for up to five seconds. [PR/64211: This issue has been resolved.]
When an FPC has a PIC that has a hardware error, a PIC failure alarm is generated. This alarm is not cleared when the FPC is taken offline or removed. A workaround is to restart the chassis process (chassisd). [PR/64429: This issue has been resolved.]
The output from the show aps detail and show aps extensive operational mode commands provide correct information, but the data is not well formatted. [PR/64662: This issue has been resolved.]
Issuing the show interfaces controller interface-name command might cause a core dump. [PR/65284: This issue has been resolved.]
When an FPC has 10-port 1-Gigabit Ethernet PICs and copper SFPs are plugged into the PICs, ping response might be delayed by several hundred milliseconds. [PR/65315: This issue has been resolved.]
On services interfaces, when the PIC or the platform reboots, the MTU configured for the protocol family might be overwritten by the device MTU. [PR/65331: This issue has been resolved.]
When you issue the show chassis hardware command on Routing Engine 2, the serial number in the output might not match the output of the SNMP jnxContentsSerialNo object. [PR/65443: This issue has been resolved.]
When a 1-port OC48 SONET SFP PIC is configured in nonconcatenated mode, only the first interface can carry traffic. The remaining three interfaces cannot carry traffic. [PR/65510: This issue has been resolved.]
On channelized IQ PICs, when time slots are configured for E1 or T1 interfaces, running the commit full operation when the configuration has not changed causes T1 and E1 interfaces to flap. [PR/65838: This issue has been resolved.]

Services Applications

If you issue operational mode show commands while the Dynamic Flow Capture PIC is restarting, and continuous traffic is being transmitted to the PIC, the PIC dumps core and the following error message is displayed: "error: the dfc-daemon subsystem is not running." [PR/64782: This issue has been resolved.]
If you configure the Trivial File Transfer Protocol (TFTP) and destination Network Address Translation (NAT), TFTP might not work as expected. [PR/64896: This issue has been resolved.]
The following options for the show services l2tp sessions command options were not available in JUNOS Release 7.2: interface local-gateway, local-gateway-name, local-tunnel-id, peer-gateway, peer-gateway-name, and tunnel-group. [PR/65135: This issue has been resolved.]
AS PICs with a stateful firewall enabled might stop operating under heavy traffic. [PR/65399: This issue has been resolved.]
When no traffic is received from a PPP client, the Layer 2 Tunneling Protocol (L2TP) network server (LNS) might not send a PPP keepalive. [PR/65855: This issue has been resolved.]
On M7i and M10i routers configured with L2TP services, even though no RADIUS accounting port is configured, the router attempts to use accounting on the default port. [PR/65956: This issue has been resolved.]
If the authentication type is Password Authentication Protocol (PAP), and Link Control Protocol (LCP) renegotiation is enabled, the username in the Layer 2 Tunneling Protocol (L2TP) PPP radius accounting record is incorrect. [PR/66099: This issue has been resolved.]

General Routing

If you configure an aggregate route or generated route with a large number of contributing routes, then issue the show route extensive or show route detailed command, the routing protocol process (rpd) might experience scheduler slips. As a workaround, issue the show route brief or show route terse commands. [PR/60411: This issue has been resolved.]
Generated routes incorrectly inherit AS_PATH information from contributing routes. [PR/63247: This issue has been resolved.]
When the BGP path-selection configuration is changed, the routing protocol process (rpd) might stop operating. [PR/65323: This issue has been resolved.]
The routing protocol process (rpd) might stop functioning when a modification is made to the routes that contribute to an aggregate route. [PR/67058: This issue has been resolved.]

Routing Protocols

Under certain circumstances, the routing protocol process (rpd) might restart when cleaning up the PIM neighbor. [PR/42423: This issue has been resolved.]
When a packet is originated by the router to a multicast address and routing is required and DVMRP is the configured multicast protocol, routing may restart. [PR/50913: This issue has been resolved.]
When an existing source active (SA) route to the rendezvous point (RP) changes, the Multicast Source Discovery Protocol (MSDP) active-source limit might not work correctly. [PR/61754: This issue has been resolved.]
The software might send malformed Protocol Independent Multicast (PIM) multicast distribution tree (MDT) join type/length/value (TLV) data structures. [PR/62612: This issue has been resolved.]
If a BGP peer flaps while a routing instance is added to the configuration, the routing protocol process (rpd) might restart. [PR/64625: This issue has been resolved.]
If Protocol Independent Multicast (PIM) is not running on the designated router (DR) interface that is receiving register stops, the register stop packets are not processed. As a workaround, enable PIM on all interfaces on which you expect to receive PIM packets. [PR/65504]
If the router receives a S,G,RPT join for a S,G for which it has S,G,RPT prune state, the router stops operating. This happens only if no data packet has been sent out by the source yet. [PR/65571]
If graceful restart is enabled and the routing protocol process (rpd) is restarted, rpd consumes a large amount of memory because of a memory leak. [PR/65597: This issue has been resolved.]

MPLS Applications

If you toggle the Routing Engine mastership, RSVP might stop working. [PR/63300: This issue has been resolved.]
If you enable fast reroute on an LSP and configure a reoptimization timer, there might be packet loss for traffic passing through the affected LSP. [PR/64426: This issue has been resolved.]
The routing protocol process crashes if LDP statistics are gathered via SNMP when the LDP database contains a 0/0 route. [PR/64563: This issue has been resolved.]
When you change the RSVP LSP bandwidth configuration and the new bandwidth requirement cannot be met, it is not apparent that the new bandwidth setting fails, sometimes the number of retries are insufficient, and RSVP might retain the old bandwidth state indefinitely. [PR/64870: This issue has been resolved.]
RSVP might send packets with duplicate sequence numbers in the Integrity Object out of the same physical interface to different RSVP sessions. This is not in compliance with RFC 2747. [PR/64968: This issue has been resolved.]
After an RSVP signaling failure, MPLS might not accurately enforce bandwidth changes. The show mpls lsp command displays the bandwidth that you configure, but it does not show the bandwidth that is actually reserved; this is shown in the output of the show rsvp session command. [PR/65608: This issue has been resolved.]

VPNs

When a provider-edge (PE) router receives advertisements for new remote sites, it is supposed to advertise new label blocks for these sites. In some cases, this does not happen correctly and the VPLS connections do not come up with the error code 'OL' which stands for "no outgoing label." The workaround is to remove the VPLS instance with the problem and reconfigure it. [PR/64588: This issue has been resolved.]

Class of Service

On TX Matrix platforms with enhanced FPCs, high-priority fabric queues might experience tail dropping of packets when the line rate is greater than 40 percent. [PR/64178: This issue has been resolved.]
The class-of-service (CoS) process leaks memory when any attribute is configured for a logical interface. [PR/65047: This issue has been resolved.]
Copy-PLP actions need to be attached to the families for LSI interfaces. [PR/65448: This issue has been resolved.]

Routing Policy and Firewall Filters

When you issue the test policy command with a regular expression to test multiple policies, the routing protocol process (rpd) dumps core. A workaround is to test a single policy at a time. [PR/64619: This issue has been resolved.]
A CoS next-hop map that matches by address might incorrectly match against an LSP next hop. [PR/66127: This issue has been resolved.]

Network Management

The SNMP ifType value for aggregated SONET is incorrect; it should be reported as a composite link in the MIB. [PR/61061: This issue has been resolved.]
If the software performs an snmpget operation on jnxPingCtlTable objects with nonexisting indices, the remote operations process (rmopd) might dump core. [PR/65106: This issue has been resolved.]
When objects that are part of a table are displayed in the output of the show snmp mib command, there is a memory leak that might cause the SNMP process (snmpd) to stop operating. [PR/65570: This issue has been resolved.]

Release 7.4R1

The following issues have been resolved since JUNOS Release 7.3R1.6. The identifier following the description is the tracking number in our bug database.

Software Installation

You might not have been able to upgrade to JUNOS Release 7.4 using the request system software add package-name command. [PR/61378: This issue has been resolved.]

Platform and Infrastructure

Except for local traffic generated by the router, an outbound IPv6 firewall filter counter does not work on the logical loopback interface. [PR/22409: This issue has been resolved.]
If there is a corruption in the PIC microcode, some outgoing packets on the interface might also be corrupted but no error message is generated. [PR/52379: This issue has been resolved.]
For Ethernet-based interfaces in a Layer 2 circuit topology, if you apply the same circuit cross-connect (CCC) input filter on multiple logical interfaces in different VLANs, and the state of the associated physical interface changes from up to down to up, all Layer 2 circuit traffic might travel over only one of the logical interfaces. As a workaround, apply a unique CCC input filter to each logical interface. [PR/57276: This issue has been resolved.]
For J20 routers, an I-PIC treats UDP ports 9200 and 49200 as connectionless and ports 9201 and 49201 as connection oriented. A Wireless Transaction Protocol (WTP) gateway redirecting traffic to ports other than these might result in an incorrect classification. [PR/59517: This issue has been resolved.]
On an E3 IQ interface configured with PPP encapsulation, if you include the unsupported per-unit-scheduler statement at the [edit interfaces interface-name] hierarchy level, the routing platform might become unresponsive. [PR/60048: This issue has been resolved.]
On J-series Services Routers, filter-based forwarding might not work. [PR/60751: This issue has been resolved.]
On M-series and T-series routing platforms with a backup Routing Engine, when graceful switchover is configured, convergence times are delayed. [PR/61216: This issue has been resolved.]
On an M40e router containing an E3 Intelligent Queuing (IQ) PIC, if you configure graceful Routing Engine switchover and issue the commit synchronize command, the backup Routing Engine might stop operating. [PR/61434: This issue has been resolved.]
On J20 routers, if the U-PIC stops operating and you then update the configuration and commit the changes, the I-PIC might dump core. [PR/61605: This issue has been resolved.]
On a GGSN-C PIC installed in a J20 router, when a Domain Name System (DNS) server is not reachable and you use a Network File System (NFS) mount to map /var/tmp to /var/crash, the NFS mount process (mountd) might stop operating and generate the following system log message: “mount-crash: mount_nfs failed/timed out for address:/var/tmp”. As a workaround, establish connectivity with the DNS server. [PR/61701: This issue has been resolved.]
On J-series Services Routers, when you configure a firewall filter containing a prefix list, the firewall compiler optimized prefix list might not be handled correctly and the forwarding process (fwdd) might dump core. [PR/61741: This issue has been resolved.]
On routing platforms containing a single hard drive and no compact flash drive, if you include the reboot statement at the [edit chassis routing-engine on-disk-failure] hierarchy level and the hard disk fails, the statement might not take effect and the routing platform might not reboot. [PR/61850: This issue has been resolved.]
When the routing platform learns a route prefix through OSPF or a static route, and the prefix specifies an interface instead of a next-hop IP address, the prefix might not be reachable. [PR/62052: This issue has been resolved.]
On J20 routers, if the U-PIC handles both IPv4 and IPv6 traffic for an APN routing instance and you delete one of these two traffic types from the configuration, traffic for the other traffic type might be dropped. [PR/63065: This issue has been resolved.]
On M-series routers with an Internet Processor II ASIC v2, if you configure an aggressive Automatic Protection Switching (APS) or Virtual Router Redundancy Protocol (VRRP) timer, the interfaces might reset. [PR/63135: This issue has been resolved.]
If you configure a stateful firewall on a J-series Services Router and the router experiences heavy traffic, the forwarding process (fwdd) might dump core. [PR/63465: This issue has been resolved.]

User Interface and Configuration

If the /var/transfer/config directory is not available, automatic configuration uploading might fail and the resulting system log message might not provide enough information to troubleshoot the problem. [PR/47341: This issue has been resolved.]
If you edit the order of terms in a firewall configuration on the master Routing Engine and then issue the commit synchronize command, the revised term order might not be copied to the backup Routing Engine. [PR/58550: This issue has been resolved.]
The explicit-null option at the [edit protocols bgp group group-name family inet6 labeled-unicast] hierarchy level might have been hidden in the command-line interface (CLI). [PR/59042: This issue has been resolved.]
When you issue the load update command, items in grouped configurations might be inserted in the wrong order, especially if you add a term in a hierarchy. [PR/59615: This issue has been resolved.]
If you use a JUNOScript Perl client to connect to an SSH server, the following errors might be generated: “login: LOGIN_FLAGS: Failed to clear flags for /dev/tty??: No such file or directory”, “login: LOGIN_OWNER: Failed to change owner for /dev/tty??: No such file or directory”, and “login: LOGIN_INFORMATION: User username logged in from host host-address on device tty??”. [PR/60288: This issue has been resolved.]
If you issue the deactivate groups group-name command in configuration mode for an option that is currently inactive in the configuration, and then issue the commit command, the system might produce an error message, such as “error: could not add object”. However, the configuration change is still committed. [PR/61825: This issue has been resolved.]
When you use the J-Web user interface to log on to a J-series or M-series routing platform, even if authentication succeeds, you might see error messages such as “initauthconf: unable to open file: /etc/auth.conf”. There is no operational impact. [PR/62034: This issue has been resolved.]
When you configure a long SSH DSA or SSH RSA key (approximately 1020 bytes or larger) and commit the configuration, several “buffer overflow” system log messages might be generated and the management process (mgd) might dump core. [PR/62141: This issue has been resolved.]
When you configure a description for a logical interface by including the description statement at the [edit logical-routers logical-router-name interfaces interface-name unit unit-number] hierarchy level, the description information might not appear in the output from the show interfaces descriptions command. [PR/62280: This issue has been resolved.]
When you configure forwarding class attributes at the [edit groups group-name class-of-service] hierarchy level and try to commit the configuration, the commit might fail. As a workaround, move the configuration statements to the [edit class-of-service] hierarchy level. [PR/62345: This issue has been resolved.]
If you log in to a JUNOScope client using RADIUS authentication, then try to archive, restore, or scan a device configuration, the operation might hang. [PR/64057: This issue has been resolved.]

Interfaces and Chassis

On ADSL interfaces installed in J-series Services Routers, if traffic consists of 64-byte packets traveling at line rate, some OSPF hello packets might be dropped and neighbor adjacencies might not be stable. [PR/54840: This issue has been resolved.]
On M7i and M10i routers, if you configured L2TP with RADIUS authentication, the peer IP address received in the Internet Protocol Control Protocol (IPCP) configuration request packet supplied by a PPP client might have been preferred over the framed IP address configured on a RADIUS server. [PR/55008: This issue has been resolved.]
When a small form-factor pluggable transceiver (SFP) is absent on an SFP-based PIC, the chassis process (chassisd) might log the following message repeatedly in the system log: “pic_set_port_info:Got cable_type for FPC 0 PIC 3 port 1 cable num=0, str=”. [PR/56274: This issue has been resolved.]
On T3 interfaces, if you delete the feac-loop-respond statement from the [edit interfaces t3-fpc/pic/port t3-options] hierarchy level, the output of the show interfaces t3-fpc/pic/port extensive command might display the FEAC Loopback field as Active. [PR/58569: This issue has been resolved.]
On ATM2 intelligent queuing (IQ) interfaces, if a circuit cross-connect (CCC) ATM Adaptation Layer 5 (AAL5) virtual circuit (VC) receives alarm indication signal (AIS) cells while the interface is in the CCC_DOWN state, then the VC stops receiving the AIS cells, most of the Operation, Administration, and Maintenance (OAM) processing for all VCs might stop operating. [PR/59069: This issue has been resolved.]
On ATM2 intelligent queuing (IQ) interfaces, when a large number of VCs are configured with the same oam-period value at the [edit interfaces at-fpc/pic/port unit logical-unit-number] hierarchy level, some of the Operation, Administration, and Maintenance (OAM) cells might be dropped and the VCs and logical interfaces might be marked randomly as down. [PR/59183: This issue has been resolved.]
For T3 channels on channelized DS3 intelligent queuing (IQ) interfaces, when you configure the holdtime statement at the [edit interfaces t3-fpc/pic/port] hierarchy level, the T3 interface might not restart when you take the PIC offline and bring it back online. As a workaround, deactivate and reactivate the T3 interface, and delete the holdtime statement from the T3 interface's configuration. [PR/59263: This issue has been resolved.]
On M10 routers, when Internet Protocol Control Protocol (IPCP) negotiation appears to have completed, the router might restart the IPCP negotiation. [PR/59468: This issue has been resolved.]
On aggregated SONET/SDH or aggregated Ethernet interfaces, applications and protocols that require flood-type next hops (such as point-to-multipoint LSPs and VPLS) are not supported. [PR/59655: This issue has been resolved.]
On ISDN interfaces in a J-series Services Router, if you configure a second service provider ID, the second ID might not be sent to the ISDN switch. [PR/59678: This issue has been resolved.]
On Gigabit Ethernet intelligent queuing (IQ) interfaces, when you include the tag-protocol-id statement at the [edit interfaces interface-name gigether-options ethernet-switch-profile] hierarchy level with any value other than the default value of 0x8100, Virtual Router Redundancy Protocol (VRRP) interfaces start going down and up. If VRRP trace options are enabled, the log file includes the message: “vrrpd_rts_get_ifd_state VLAN information for ge-fpc/pic/port mismatch.” [PR/59909: This issue has been resolved.]
On T-series and M320 routing platforms, if you configure unidirectional mode Automatic Protection Switching (APS) and graceful Routing Engine switchover, another vendor's router might not receive a line alarm indication signal (AIS) from the routing platform and the APS switchover might fail. [PR/60211: This issue has been resolved.]
If you configure Virtual Router Redundancy Protocol (VRRP), then restart the routing platform or issue the restart chassis-control command, an unexpected VRRP switchover to the backup router might occur. The startup-silent-period statement at the [edit protocols vrrp] hierarchy level has been added to account for delays and interruptions of incoming VRRP advertisements during the interface startup period, and to prevent incorrect alarms from being generated. [PR/60258: This issue has been resolved.]
When you configure ISDN dialer watch on a J-series Services Router, the router does not monitor routes in different routing instances. [PR/60318: This issue has been resolved.]
On ISDN interfaces in a J-series Services Router, if you disable the ISDN signaling and dial-on-demand processes, and then try to reenable them, the dialer filter might not be activated by interesting traffic. [PR/60517: This issue has been resolved.]
On Gigabit Ethernet Intelligent Queuing (IQ) PICs, if you configure the interface to perform VLAN stacking, all MPLS packets with the EXP bits set to 110 might be dropped. [PR/60526: This issue has been resolved.]
On E1 interfaces installed in J-series Services Routers, if you include the framing g704 option at the [edit interfaces e1-fpc/pic/port e1-options] hierarchy level, random early detection (RED) might drop packets prematurely and might prevent the interface from sending traffic at line rate. [PR/60745: This issue has been resolved.]
On Monitoring Services PICs configured for flow collection services, if the Gigabit Ethernet exit interface that leads to the FTP server goes down and comes back up, then you delete the interface configuration, commit the change, roll back the configuration, and recommit, the routing platform might stop operating. [PR/60994: This issue has been resolved.]
For multipoint ATM2 IQ logical interfaces, if you included the plp-to-clp statement at the [edit interfaces at-fpc/pic/port unit logical-unit-number] hierarchy level, the packet loss priority (PLP) setting might not have been copied to the cell loss priority (CLP) bit. The workaround was to configure the statement for the physical interface instead, at the [edit at-fpc/pic/port atm-options] hierarchy level. [PR/61167: This issue has been resolved.]
On ATM2 intelligent queuing (IQ) interfaces, Operation, Administration, and Maintenance (OAM) cells might be placed into the second-highest priority trail termination point (TTP) queue instead of the highest as expected. [PR/61188: This issue has been resolved.]
On M7i and M10i routers configured for L2TP, if the router receives a second Password Authentication Protocol (PAP) authentication request while the first PAP authentication request is being processed, the L2TP process (l2tpd) might dump core and stop operating. [PR/61207: This issue has been resolved.]
If you configure T1 virtual tributaries on Channelized OC12 Intelligent Queuing (IQ), Channelized OC3 IQ, or Channelized DS3 IQ PICs, then issue the show interfaces command, the interfaces erroneously appear to be operational when in fact they are not. In some cases, the T1 channels might report loss of frame (LOF), alarm indication signal (AIS), and yellow (YLW) errors. Although these errors appear to increment the counters in the output of the show interfaces command, alarms are never generated by the router and the DS1 alarms: field displays none. [PR/61251: This issue has been resolved.]
You might not be able to configure a VLAN identifier larger than 4025 at the [edit interfaces interface-name-fpc/pic/port unit logical-unit-number vlan-tags (inner | outer) tag-protocol-id.vlan-id] hierarchy level. [PR/61404: This issue has been resolved.]
On a virtual loopback tunnel interface (vt), when you configure the bandwidth rate statement at the [edit interfaces interface-name unit logical-unit-number] hierarchy level and commit the configuration, the output from the show interfaces interface-name operational mode command does not display the modified bandwidth. [PR/61499: This issue has been resolved.]
M-series routers configured with Automatic Protection Switching (APS) might not interoperate correctly with other vendors' routers configured with FRF.16. [PR/61693: This issue has been resolved.]
On T-series routing platforms, if the Switch Processor Mezzanine Board (SPMB) on the master Routing Engine fails, a switchover to the standby Routing Engine might not occur and the routing platform might stop forwarding packets. [PR/61910: This issue has been resolved.]
On a virtual loopback tunnel interface (vt), when you configure the bandwidth rate statement at the [edit interfaces interface-name unit logical-unit-number] hierarchy level and commit the configuration, the bandwidth rate is not changed. [PR/61949: This issue has been resolved.]
On Adaptive Services PICs installed in a routing platform not configured for graceful Routing Engine switchover, if you use a next-hop style service set to establish an IPSec tunnel in a VPN routing and forwarding (VRF) instance, then issue the request chassis routing-engine master switch command a few times, an attempt to ping across the IPsec tunnel might fail. [PR/62073: This issue has been resolved.]
For Channelized IQ PICs installed in M40e and M160 routers, the default physical interface MTU might have been more restrictive than was necessary. To resolve this, the default physical interface MTU for these interfaces has been increased to 9192 bytes. [PR/62104: This issue has been resolved.]
On Monitoring Services II PICs configured for flow collection services, when files are completely transferred from the flow collector interface to a destination server but the corresponding FTP connection has not been terminated correctly, some files might remain on the PIC. [PR/62146: This issue has been resolved.]
In a routing matrix, if you take the line-card chassis (LCC) offline and online, then issue the show chassis alarms and show chassis environment scg commands on the TX Matrix platform, the SONET Clock Generator (SCG) might appear to be offline when it is actually powered up and online. There is no operational impact. [PR/62414: This issue has been resolved.]
On an M-series router, when you issue the commit command on a large configuration (greater than 2 megabytes) that contains one or more ATM interfaces set to promiscuous mode, the commit operation might hang. As a workaround, remove the promiscuous mode option from the ATM interfaces and reissue the commit command. [PR/62610: This issue has been resolved.]
On Gigabit Ethernet PICs with small form-factor pluggable transceivers (SFPs), if the interface experiences link-down detection delays of up to 1 second, the operation of fast reroute might be affected. [PR/62682: This issue has been resolved.]
When you configure a large number of ATM virtual circuits (VCs), Operation, Administration, and Maintenance (OAM) processing might become bursty. In rare cases, if very large bursts happen at the same time as an anomaly in alarm indication signal (AIS)/remote defect indication (RDI) cell reception, OAM processing might stop operating after several days. [PR/62719: This issue has been resolved.]
For Adaptive Services (AS) PICs installed in M10i routers, if you configure flow monitoring and PIC sampling, then the router experiences heavy traffic conditions, the AS PIC might stop operating. [PR/63420: This issue has been resolved.]
When you configure Automatic Protection Switching (APS)/Multiplex Section Protection (MSP) in nonrevertive mode, if you take the working interface offline, traffic correctly switches to the protect interface. However, when you bring the working interface back online, the protect interface might go down and up. [PR/63648: This issue has been resolved.]
On Channelized DS3 Intelligent Queuing (IQ) PICs, if you connect the interfaces to another vendor's digital access cross-connect system (DACS), the output of the show interfaces command for the Channelized T3 controller interface might display the Physical interfaces: field as “Physical link is Down” and the Active alarms: field as “FERF”. In addition, T1 channels might appear to be down and not generate any T1 alarms. [PR/63666: This issue has been resolved.]
On Gigabit Ethernet Intelligent Queuing (IQ) PICs and Gigabit Ethernet PICs with small form-factor pluggable transceivers (SFPs), if you configure the interfaces with Virtual Router Redundancy Protocol (VRRP) and a tag protocol ID of 0x9100, VRRP might not work. [PR/63816: This issue has been resolved.]

General Routing

If you disable unicast reverse-path forwarding (RPF) on an interface, the routing protocol process (rpd) might restart. [PR/41964: This issue has been resolved.]
When you configure a BGP group that uses allow statements and a routing table group in any address family, then change the rib-group configuration, memory corruption might occur and the routing protocol process (rpd) might restart. [PR/61019: This issue has been resolved.]
If the router ID is not explicitly configured on a J-series Services Router, the OSPF routing process might select an incorrect router ID. To configure the router ID, include the router-id statement at the [edit routing-options] hierarchy level. [PR/61112: This issue has been resolved.]
When a generated route has a contributing route with an indirect next hop, the routing protocol process (rpd) might restart unexpectedly. [PR/63208: This issue has been resolved.]

Routing Protocols

For OSPF networks, when you commit a configuration change, the Age field in the output from the show route detail command is reset to 0. [PR/22719: This issue has been resolved.]
When you remove an IP multicast scope definition by deleting either the interface interface-names or prefix destination-prefix statement at the [edit routing-options multicast scope scope-name] hierarchy level, and you commit the change, the scope definition might not be deleted from the configuration. As a workaround, issue the restart routing command to clear the multicast scope definition. [PR/45355: This issue has been resolved.]
When you configure the routing platform as an automatic rendezvous point (auto-RP) mapping agent, it might fail to interoperate with other vendors' routers that follow a strict implementation of the auto-RP specification. [PR/60391: This issue has been resolved.]
On a broadcast link with a single neighbor, when the neighbor initiates an OSPFv3 graceful restart operation, the restart might be terminated at the point when the local router assumes the role of a helper. At this point, the prefix on the broadcast link is moved from the link's transit intra-area-prefix link-state advertisement (LSA) to the local router's intra-area-prefix LSA. A change in the LSA is considered a topology change, which terminates the neighbor's restart operation. [PR/60629: This issue has been resolved.]
If you configure RIPv2 on logical interfaces between a customer edge (CE) router and a provider edge (PE) router in a Layer 3 VPN, some of the packets might be malformed. As a workaround, deactivate the neighbor and reactivate it. [PR/60759: This issue has been resolved.]
If you configure a routing platform as a provider edge (PE) router and a BGP route reflector or AS boundary router, then configure a routing table group in a VPN routing and forwarding (VRF) instance to share unicast routes with the instance.inet.2 routing table (used for multicast reverse path forwarding [RPF] information), and if you advertise these routes to the BGP inet-vpn multicast family, the routing protocol process (rpd) might restart. [PR/61005: This issue has been resolved.]
When you deactivate an IP multicast scope policy with the deactivate routing-options multicast scope-policy policy-name configuration mode command, the policy might still appear in the output of the show multicast scope operational mode command. [PR/61063: This issue has been resolved.]
If the routing platform receives a multicast prune message from another vendor's router that is a single neighbor on a LAN segment, the routing platform might not immediately stop sending multicast traffic to the neighbor as it should. [PR/61067: This issue has been resolved.]
If you configure a flow route and include the maximum-routes statement at the [edit routing-options rib inetflow.0] hierarchy level, when the routing platform receives a group of routes that exceeds the maximum, the routing protocol process (rpd) might dump core and stop operating. [PR/61239: This issue has been resolved.]
If you configure a multicast scope policy in PIM sparse mode, the PIM encapsulation (pe) interface might not be added to the downstream interface list and the designated router (DR) might not be able to send register packets to the rendezvous point (RP). [PR/61287: This issue has been resolved.]
If an adjacent router does not send the Protocols Supported type-length-value (TLV) in its IS-IS hello packets (number 129), IS-IS does not calculate CLNS routes for the adjacency. [PR/61632: This issue has been resolved.]
If the routing platform generates an OSPFv3 indication link-state advertisement (LSA) that conflicts with the router ID, the routing protocol process (rpd) might stop operating. [PR/62194: This issue has been resolved.]
If you configure a PIM rendezvous point in a routing instance and use an address that is invalid in the inet.0 routing table (for example, an address included at the [edit routing-options martians] hierarchy level), the configuration fails to commit. [PR/62290: This issue has been resolved.]
If you configure a Fast Ethernet or Gigabit Ethernet interface as an OSPF point-to-point interface by including the p2p statement at the [edit protocols ospf area area-number interface interface-name interface-type] hierarchy level, and include this interface in a not-so-stubby-area (NSSA), routes containing a next hop across the interface might not be reachable. [PR/62423: This issue has been resolved.]
You might not be able to configure BGP group and neighbor descriptions containing more than 126 characters. To resolve this issue, the maximum description length has been increased to 254 characters. [PR/62445: This issue has been resolved.]
When a multicast router reboots and stops being the designated router (DR) on a LAN interface, a <*,g> PIM upstream state entry might not be updated and might cause traffic to be pruned incorrectly. [PR/62992: This issue has been resolved.]
If a PIM multicast router does not succeed in an assert and receives an <S,G> Join message containing its own upstream interface address, the assert timer is not cleared. [PR/63150: This issue has been resolved.]
If you issue the show route advertising-protocol msdp command, the routing protocol process (rpd) might restart. As a workaround, issue the more specific show route table inet.4 advertising-protocol msdp command. [PR/63375: This issue has been resolved.]
If the routing platform receives an inet-flow route with a 0/0 prefix length, the routing protocol process (rpd) might stop operating. [PR/63520: This issue has been resolved.]
If you disable Multicast Source Discovery Protocol (MSDP) in a configuration, then make routing-related changes to the configuration and issue two commits, the routing protocol process (rpd) might restart. As a workaround, deactivate or remove MSDP from the configuration. [PR/63576: This issue has been resolved.]

MPLS Applications

When you configure fast reroute or link protection, the routing platform might not support the FAST_REROUTE object for facility backups or acknowledge flags in the Session attribute. To resolve this, the JUNOS software now supports these requirements of RFC 4090. [PR/59554: This issue has been resolved.]
If you configure traffic-engineering shortcuts for IS-IS, an IP hop-by-hop path might be preferred for a short time even though an RSVP LSP path is available. This temporary problem corrects itself within a few seconds. As a workaround, configure appropriate metrics on the MPLS LSPs. [PR/61894: This issue has been resolved.]
If the routing platform reoptimizes the Constrained Shortest Path First (CSPF) algorithm after one of the current MPLS LSP transit links goes down, the value of the CSPF metric: field in the output of the show mpls lsp name detail command might be lower than expected and future CSPF recomputations might not find a shorter path. [PR/64059: This issue has been resolved.]

VPNs

In an IPv6 over IPv4 tunnel network, when the routing platform rewrites a next hop to an interface address, it does not rewrite the associated BGP or VPN label. [PR/57930: This issue has been resolved.]
When the routing platform uses labeled BGP to advertise reachability to destinations connected by indirect next hops, the MPLS transit route added by BGP might not track the forwarding next-hop changes on the indirect next hops correctly. [PR/61225: This issue has been resolved.]
If you issue a Layer 2 VPN or VPLS MIB walk of the pseudowire table, the routing protocol process (rpd) might stop operating. [PR/61626: This issue has been resolved.]
If Layer 3 VPN interface up/down events occur, Layer 3 VPN interface up/down traps might not be sent. [PR/63071: This issue has been resolved.]

Class of Service

On J-series Services Routers, even if you oversubscribe a T1 interface that is part of a multilink PPP (MLPPP) bundle, the output of the show interfaces queue ls-fpc/pic/port and show interfaces queue t1-fpc/pic/port commands might not display any queue drops. [PR/57516: This issue has been resolved.]
On 1-port 10-Gigabit Ethernet or 10-port Gigabit Ethernet interfaces installed in T-series and M320 routing platforms, if you include the ieee-802.1 statement at the [edit class-of-service interfaces ge-fpc/pic/port unit logical-unit-number rewrite-rules] hierarchy level, class-of-service (CoS) IEEE VLAN rewrite rules might not work. [PR/59493: This issue has been resolved.]

Forwarding and Sampling

When output packet filtering is performed on packets generated by the Routing Engine, the egress interface might be mistaken for the ingress interface. [PR/60726: This issue has been resolved.]
When the routing platform updates the /var/etc/rpd.record file, if a partial write occurs and the file is corrupted, the sampling process (sampled) might dump core. [PR/61616: This issue has been resolved.]
If you upgrade a routing platform that has a configuration with prefix lists containing the except option in the firewall filter and the apply-path statement in the policy options, the configuration fails the upgrade validation check. As a workaround, configure the prefix list manually instead of using the apply path, or include at least one manually added entry in the prefix list in addition to the apply-path statement. [PR/61965: This issue has been resolved.]

Routing Policy and Firewall Filters

If you reference an unused routing table in a policy statement, then issue the commit command several times, the policy might become corrupt and display the name of the routing table incorrectly. [PR/63351: This issue has been resolved.]

Network Management

When a subagent (SA) control block is not found and a duplicate request is filtered, the SNMP process might leak memory. [PR/58353: This issue has been resolved.]
If you issue an SNMP request to query LDP MIB statistics (jnxLdpStats), the request might time out. [PR/62109: This issue has been resolved.]

[Contents] [Prev] [Next] [Report an Error]