Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 
[+] Expand All
[-] Collapse All

Known Behavior

The following are changes in known behavior in Junos OS Releases 14.1X53 for the EX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Class of Service

  • On EX4550 switches, 128-byte packets are dropped if the CPU is at 97 percent load or greater. Packets of different sizes are not dropped under these conditions. PR1057408

High Availability

  • On an EX4300 Virtual Chassis that has performed a nonstop software upgrade (NSSU), multicast traffic is dropped for approximately ten minutes immediately after the NSSU because multicast groups do not immediately refresh. PR1033594
  • During a nonstop software upgrade (NSSU) on an EX4300 Virtual Chassis, a traffic loop or loss might occur if the Junos OS software version that you are upgrading and the Junos OS software version that you are upgrading to use different internal message formats. PR1123764
  • On an EX4300 or a QFX5100 Virtual Chassis, when you perform an NSSU, there might be more than five seconds of traffic loss for multicast traffic. PR1125155
  • On EX8200 Virtual Chassis, traffic might be lost for multicast and Layer 3 protocols (such as RIP, OSPF, BGP, and VRRP) during a nonstop software upgrade (NSSU). PR1185456
  • In a rare scenario, GRES might not reach the ready state and might fail to start, because the Routing Engine does not receive the state ack message from the Packet Forwarding Engine after performing GRES. This is a timing issue. It might also stop Routing Engine resource releasing and then cause resource exhausting. Reboot the system if this problem occurs. PR1236882


  • On an EX4200 switch, you might see permanent ARP entries in the ARP table, even if for those entries there is no static MAC set. During the time of issue, the connectivity to those hosts might be lost. PR1258489
  • On QFX5100, returns an error message for the following SNMP walk: show snmp mib walk decimal 1.2.840.10006.300.43.1.2. As a workaround, restart the MIB process using the CLI command restart mib-process. PR1276501

Interfaces and Chassis

  • On an EX4300 switch, if you disable autonegotiation on an interface, auto-MDIX is disabled at the same time.
  • On EX4200 and EX4500 switches, if you configure an IPv4 GRE interface on an IPv6 interface, the GRE tunnel might not work properly. Traffic is not forwarded through the tunnel. PR1008157
  • If a transceiver is removed from a port on a QFX5100, QFX3600, or EX4300 switch within 30 seconds of converting the port into a Virtual Chassis port (VCP), the port might not get initialized as a VCP. PR1029829
  • When an EX4600 or QFX5100 switch is downgraded from Junos OS Release 14.1X53-D15 or later to Junos OS Release 14.1X53-D10 or earlier, the 40-Gbps Ethernet interfaces on QSFP+ transceivers might not return to the up state. As a workaround, power cycle the switch after the Junos OS upgrade. PR1061213

    On 40-gigabit links between EX4300 and QFX5100 switches, you must disable auto-negotiation on both ends of the link for the interfaces to remain up. On each switch, issue the set interface et-x/y/z ether-options no-auto-negotiation command. Also, because auto-negotiation is disabled, you must also explicitly configure the link-mode and speed options on those interfaces. PR1118318

  • On an EX4300 switch or an EX4300 Virtual Chassis that has a generic routing encapsulation (GRE) tunnel configured on an integrated routing and bridging interface (IRB), the associated GRE statistical counters might not be updated after the GRE interface is deactivated and then reactivated. PR1183521
  • On EX4300 switches, an aggregated interface goes down if the AE member VLAN is a PVLAN and LACP is enabled. PR1264268
  • Configuring link aggregation group (LAG) hashing with the [edit forwarding-options enhanced-hash-key] inet vlan-id statement uses the VLAN ID in the hashing algorithm calculation. On some switching platforms, when this option is configured for a LAG that spans FPCs, such as in a Virtual Chassis or Virtual Chassis Fabric (VCF), packets are dropped due to an issue with using an incorrect VLAN ID in the hashing algorithm. As a result, the vlan-id hashing option is not supported in a Virtual Chassis or VCF containing any of the following switches as members: EX4300, EX4600, QFX3500, QFX3600, QFX5100, or QFX5110 switches. Under these conditions, use any of the other supported enhanced-hash-key hashing configuration options instead. PR1293920


  • On an EX4300 Virtual Chassis, if you use the J-Web user interface to request support information for all members at the same time, the switch might not be able to retrieve the information. As a workaround, request support information for each member one at a time.
  • In the J-Web interface, you cannot commit some configuration changes in the Ports Configuration page or the VLAN Configuration page because of the following limitations for port-mirroring ports and port-mirroring VLANs:
    • A port configured as the output port for an analyzer cannot be a member of any VLAN other than the default VLAN.
    • A VLAN configured to receive analyzer output can be associated with only one interface.


  • In the J-Web interface for EX4500 switches, the Ports Configuration page (Configure > Interfaces > Ports), the Port Security Configuration page (Configure > Security > Port Security), and the Filters Configuration page (Configure > Security > Filters) display features that are not supported on EX4500 switches. PR525671
  • The J-Web interface does not support role-based access control; it supports only users in the super-user authorization class. Therefore, a user who is not in the super-user class, such as a user with view-only permission, is able to launch the J-Web interface and can configure everything, but the configuration fails on the switch, and the switch displays access permission error messages. PR604595
  • On an EX3300 Virtual Chassis, if you use the J-Web interface to request support information for all members at the same time, the switch might not be able to retrieve the information. As a workaround, request support information for each member one at a time. PR911551
  • In the Maintain > Update J-Web page, Select Application package > Update J-Web> local file does not work in Microsoft IE9 and later releases, due to default security options set on IE9 and later releases. As a workaround, increase the security level by using one of the following methods:

    Method 1:

    1. Navigate to Internet Options > Security.
    2. Select the zone Local intranet.
    3. Click the custom level button.
    4. Disable the option Include local directory Path when uploading file to the server in the Settings > miscellaneous section.
    5. Repeat Steps 3 and 4 for the zone Internet.

    Method 2:

    • Navigate to Internet Options > Security > Custom level... and set Reset custom settings to Medium-High or High. This automatically disables the option Include local directory Path when uploading file to the server under the Settings > miscellaneous section.


  • When you try to commit your changes to the switch from your laptop by using the EZsetup procedure, the status of the commit operation is displayed as Success, even if the laptop is disconnected from the switch. As a workaround, reconnect your laptop to the switch and commit the changes again. PR866976
  • In the Monitor > Interface page, the background color of the graph changes after refresh. No workaround is required because this issue does not affect functionality. PR994915
  • J-Web software does not compare for appropriateness of the Application package or restrict you from installing an inappropriate Application package on top of a Platform or Application package. As a workaround, install the appropriate J-Web package. PR1006208
  • The J-Web interface does not display CLI generated certificates in the Certificate section in the Management Access Configuration page (Configure > System Properties > Management Access). Using J-Web interface you cannot create or edit certificates. As a workaround, use the CLI interface for accessing certificate related configurations. PR915069
  • If you uninstall the J-Web Platform package by using CLI, reinstalling the Application package will not restore J-Web. As a workaround, reinstall Junos OS software. PR1026308
  • On EX4300 switches, the structured data format for system log messages is not supported in the J-Web interface. If system log messages are configured to be written in structured data, the event logs in J-Web will not be populated, and you will not be able to view them using Monitor > Events and Alarms > View Events. As a workaround, use the show log operational mode command for viewing structured-data format files. PR959505
  • In the J-Web interface, the Ethernet Switching Monitor page (Monitor > Switching > Ethernet Switching) might not display monitoring details if the switch has more than 13,000 MAC entries. PR425693
  • In mixed EX4200 and EX4500 Virtual Chassis, the J-Web interface does not list the features supported by the backup or linecard members. Instead, it lists only the features supported by the master. PR707671
  • If a Virtual Chassis contains more than six members, the Support Information page (Maintain > Customer Support > Support information) might not load. PR777372

Layer 3 Protocols

  • On EX3300 switches, when there are multiple open Telnet or SSH sessions, the switch might become unresponsive. PR1029340


  • FRR convergence times over pseudo interfaces (aggregate) might be larger than over physical interfaces. PR976737
  • In a scaled configuration for MPLS FRR and L2 circuit, the convergence time for FRR might increase. For L2 circuit, there might be packet drops. PR1016146
  • When link-protection, node-link-protection, or fast reroute is configured on high-traffic MPLS label-switched paths (LSPs), a traffic convergence delay of 680 ms to 1.5 s might occur. (Link protection provides protection against a link failure along an RSVP label-switched path. Node-link protection establishes a bypass label-switched paths (LSP) through a different device. Fast reroute provides redundancy for an LSP path.) PR1039717
  • Up to 100 pseudowires are supported in active/backup configuration (cold standby). When more than 100 pseudowires are configured, traffic might not be forwarded correctly under certain scenarios. PR1048500

Multicast Protocols

  • On EX4300 switches, executing the show igmp snooping membership CLI command continuously while IGMP groups are being processed results in some groups not being displayed in the output. CPU utilization also increases significantly when this command is executed when there are more than 1000 groups. As a workaround, issue the show igmp snooping membership command with filters such as group or interface. This is a known software limitation. PR914908
  • On an EX4550 switch, if you configure IGMP on all interfaces and create a large number of multicast groups, the maximum scale for IGMP can be achieved on some interfaces, but not on all interfaces. PR1025169

Network Management

  • On EX2200 switches, remote MEP flaps might occur every 30 to 200 seconds because of processing delays and lead to iterator delay measurement statistic resets. All delay system measurements remain valid when this issue occurs. As a workaround, use an iterator count of less than 30. PR1005819

Port Security

  • Framing errors on a MACSec-enabled interface might be seen when an AN number is refreshing. We recommend that you enable flow control on MACSec-enabled interfaces to reduce the number of framing errors. PR1261567

Routing Policy and Firewall Filters

  • On EX4300 switches, if you configure a firewall filter policer with action forwarding-class on an egress filter, the software might allow the configuration to commit although that action is not supported. PR1104868

Routing Protocols

  • The device does not properly process a Neighbor Solicitation sent to its Subnet-Router Anycast address. PR693235

Virtual Chassis and Virtual Chassis Fabric

  • When an EX4300 switch is removed from a Virtual Chassis by deleting the Virtual Chassis port (VCP) connecting the switch to the Virtual Chassis, the EX4300 switch splits from the Virtual Chassis. To add the EX4300 switch back into the Virtual Chassis, enter the request virtual-chassis reactivate command to take the switch out of linecard mode and then enter the request virtual-chassis vc-port set pic-slot slot-number port port-number command to create the VCP. PR1013386
  • On a Virtual Chassis with three EX2200 switch members, if you configure more than eight link aggregation groups (LAGs) and eight interfaces per LAG bundle, the LACP links might transition down and up continuously. As a workaround, configure eight or fewer LAGs and eight interfaces per LAG bundle instead. PR1030809

Modified: 2017-11-29