Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Known Issues

 

This section lists the known issues in hardware and software in Junos OS Release 15.1R7 for the ACX Series Universal Metro Routers.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Class of Service

  • When the rewrite-rules statement is configured with the dscp or the inet-precedence options at the [edit class-of-service interfaces] hierarchy level, the expectation is that the DiffServ code point (DSCP) or IPv4 precedence rewrite rules take effect only on IP packets. However, in addition to the IP packets, the DSCP or IPv4 rewrite takes effect on the IP header inside the Ethernet pseudowire payload as well. This is not applicable for ACX4000 router. PR664062

  • In an ACX4000 router, whenever the scheduling and shaping parameters of a port or any of its queues are changed, the entire scheduling configuration on the port is erased and the new configuration is applied. During the time when such a configuration change is taking place, the traffic pattern does not adhere to user parameters. It is recommended that the scheduling configurations are done much earlier before live traffic. PR840313

  • The VLAN packet loss priority (PLP) is incorrectly set when untagged VLAN frames are received on the ingress interface with DSCP or IP precedence classification enabled and the NNI (egress) interface does not contain IEEE 802.1p rewrite rules. PR949524

  • On the ACX4000 router, when class of service is not configured, traffic egressing out of the UNI port is going through all the queues instead of a default queue with code point 000. This issue is seen with the 500 pseudowire. As a workaround, you can use the following CLI command to avoid this issue:

    user@host# set class-of-service system-defaults classifiers exp default

    PR1123122

CoS limitations on PPP and MLPPP interfaces

The following are the common limitations on PPP and MLPPP interfaces:

  • Traffic loss is observed when a CoS configuration is changed.

  • Scheduling and shaping feature is based on CIR-EIR model and not based on weighted fair queuing (WFQ) model.

  • The minimum transmit rate is 32 Kbps and the minimum supported rate difference between transmit rate and shaping rate is 32 Kbps.

  • Buffer size is calculated based on the average packet size of 256 bytes.

  • Low and High are the only loss priority levels supported.

  • The mapping between forwarding class and queue is fixed as follows:

    • best-effort is queue 0

    • expedited-forwarding is queue 1

    • assured-forwarding is queue 2

    • network-control is queue 3

The following are the specific CoS limitations on MLPPP interfaces:

  • Percentage rate configuration is not supported for shaping and scheduling. Rate configuration is only supported in terms of bits per second.

  • Buffer size is calculated based on a single member link (T1/E1) speed and is not based on the number of member links in a bundle.

  • Supports only transmit-rate exact configuration without fragmentation-map. Shaping and priority will not be supported without fragmentation-map.

  • If fragmentation-map configured, shaping is supported on forwarding class with different priorities. If two or more forwarding classes are configured with the same priority, then only transmit-rate exact is supported for the respective forwarding class.

  • Supports only one-to-one mapping between a forwarding class and a multiclass. A forwarding class can only send traffic corresponding to one multiclass.

The following is the specific CoS limitation on PPP interfaces:

  • The distribution of excess rate between two or more queues of same priority happens on a first-come first-served basis. The shaping rate configured on the respective queue remains valid.

EVPN

  • ACX1000/ACX2000/ACX4000 Series routers do not support EVPN. PR1208248

Firewall Filters

  • In ACX Series routers, the following Layer 2 control protocols packet are not matched (with match-all term) by using the bridge family firewall filter applied on a Layer 2 interface:

    • Slow-Protocol/LACP MAC (01:80:c2:00:00:02)

    • E-LMI MAC ((01:80:c2:00:00:07)

    • IS-IS L2 MAC (01:80:c2:00:00:14/09:00:2B:00:00:14)

    • STP BPDU (01:80:c2:00:00:00)

    • VSTP BPDU (01:00:0C:CC:CC:CD)

    • LLDP/PTP (01:80:c2:00:00:0E)

    When layer rewrite is configured:

    • VTP/CDP (01:00:0C:CC:CC:CC)

    • L2PT RW MAC (01:00:0C:CD:CD:D0)

    • MMRP (01:80:C2:00:00:20)

    • MVRP (01:80:C2:00:00:21)

    As a workaround, to match the Layer 2 control packet flows with a bridge family filter term, you must explicitly specify the destination MAC match (along with other MAC matches) in the firewall filter term and in the match term. PR879105

  • In ACX Series routers, a firewall filter cannot be applied to a logical interface configured with vlan-id-list or vlan-range. As a workaround, you can configure the interface-specific statement, which can be applied to the bridge, inet, or mpls family firewall filter. PR889182

  • In ACX Series routers, packet drops in the egress interface queue are also counted as input packet rejects under the Filter statistics section in the output of the show interface input-interfaces extensive command when the command is run on the ingress interface. PR612441

  • When the statistics statement is configured on a logical interface—for example, [edit interface name-X unit unit-Y ]; the (policer | count | three-color-policer) statements are configured in a firewall filter for the family any—for example, [edit firewall family any filter filter-XYZ term term-T then] hierarchy level; and the configured filter-XYZ is specified in the output statement of the logical interface at the [edit interface name-X unit unit-Y filter] hierarchy level, the counters from the configuration of another firewall family filter on the logical interface do not work. PR678847

  • The policing rate can be incorrect if the following configurations are applied together:

    • The policer or three-color-policer statement configured in a firewall filter—for example, filter-XYZ at the [edit firewall family any filter filter-XYZ term term-T then] hierarchy level, and filter-XYZ is specified as an ingress or egress firewall filter on a logical interface—for example, interface-X unit-Y at the [edit interface interface-X unit unit-Y filter (input|output) filter-XYZ] hierarchy level.

    • The policer or three-color-policer statement configured in a firewall filter—for example, filter-ABC at the [edit firewall family name-XX filter filter-ABC term term-T then] hierarchy level, and filter-ABC is configured as an ingress or egress firewall filter on a family of the same logical interface interface-X unit-Y at the [edit interface interface-X unit unit-Y family name-XX filter (input|output) filter-ABC] hierarchy level.

    Note

    If one of these configurations is applied independently, then the correct policer rate can be observed.

    PR678950

Interfaces and Chassis

  • Egress maximum transmission unit (MTU) check value of an interface is different for tagged and untagged packets. If an interface is configured with CLI MTU value as x, then the following would be the checks depending on outgoing packet type:

    • Egress MTU value for unatagged packet = x − 4

    • Egress MTU value for single-tagged packet = x

    • Egress MTU value for double-tagged packet = x + 4

    Note

    The ingress MTU check is the same for all incoming packet types.

    There is no workaround available. PR891770

  • In ACX Series routers, when STP is configured on an interface, the detailed interface traffic statistics show command output does not show statistics information but displays the message Dropped traffic statistics due to STP State. However, the drop counters are updated. There is no workaround available. PR810936

  • When the differential-delay number option is configured in the ima-group-option statement at the [edit interfaces at-fpc/pic/ima-group-no] hierarchy level, with a value less than 10, some of the member links might not come up and the group might remain down resulting in traffic loss. A workaround is to keep the differential delay value above 10 for all IMA bundles.PR726279

  • The ACX Series routers support logical interface statistics, but do not support the address family statistics. PR725809

  • BERT error insertion and bit counters are not supported by the IDT82P2288 framer. PR726894

  • All 4x supported TPIDs cannot be configured on different logical interfaces of a physical interface. Only one TPID can be configured on all logical interfaces of a physical interface. But different physical interfaces can have different TPIDs. As a workaround, use TPID rewrite. PR738890

  • The ACX Series routers do not support logical interface statistics for logical interfaces with vlan-list or vlan-range configured. PR810973

  • CFM up-MEP session (to monitor pseudowire service) does not come up when output VLAN map is configured as push on AC logical interface. This is due to a hardware limitation in the ACX4000 router. PR832503

  • For ATM interfaces with atm-ccc-cell-relay and atm-ccc-vc-mux encapsulation types configured, and with shaping profile configured on the interfaces, traffic drop is observed when the configured shaping profile is changed. This problem occurs with 16-port Channelized E1/T1 Circuit Emulation MICs on ACX4000 routers. As a workaround, you must stop the traffic on the Layer 2 circuit before changing any of the traffic shaping profile parameters. PR817335

  • In the case of normalized bridge domain, with double-tagged aggregated Ethernet interface as ingress, the classification based on inner tag does not work for ACX4000. To do classification based on inner tag, configure the bridge domain with explicit normalization and configure input and output VLAN map to match the behavior. PR869715

  • The MAC counter behavior of 10-Gigabit Ethernet is different compared to 1-Gigabit Ethernet.

    On 1-Gigabit Ethernet interfaces, if the packet size is greater than 1518 bytes, irrespective of whether the packet is tagged or untagged, the Oversized counter gets incremented. If the packet has a CRC error, then the Jabber counter gets incremented.

    On 10-Gigabit Ethernet interfaces, if the packet is size is greater than 1518 bytes and the packet is untagged, then the Oversized counter gets incremented. If the packet has a CRC error, then the Jabber counter gets incremented.

    If the packet is tagged (TPID is 0x8100), then the Oversized counter is incremented only if the packet size is greater than 1522 bytes (1518 + 4 bytes for the tag). The Jabber counter is incremented only if the packet size is greater than 1522 bytes and the packet has a CRC error.

    The packet is considered as tagged if the outer TPID is 0x8100. Packets with other TPIDs values (for example, 0x88a8, 0x9100, or 0x9200) are considered as untagged for the counter. There is no workaround available. PR940569

  • Layer 2 RFC2544 benchmarking test cannot be configured to generate dual-tagged frames when the UNI interface is configured for the QnQ service. This occurs when the input VLAN map push is configured on the UNI interface. There is no workaround available. PR946832

  • After running RFC2544 tests, PTP stops working when the tests are performed on the same router. A workaround is to reboot FEB after running the RFC2544 tests. PR944200

  • When an ACX1100 router with AC power is configured as PTP slave or boundary clock, the router does not achieve PTP accuracy within the specification (1.5 us), even if the PTP achieves the state Phase Aligned. PR942664

  • Layer 2 RFC2544 benchmark test fails for packet sizes 9104 and 9136 when the test bandwidth is less than 10-MB and the NNI interface link speed is 10-MB. This behavior is also seen when the 10-MB policer or shaper is configured on the NNI interface. The issue will not be seen if the egress queue is configured with sufficient queue buffers. PR939622

  • Limitations on logical tunnel interfaces—The following limitations apply when you configure logical tunnel (LT) interfaces in ACX Series Universal Metro Routers:

    • ACX router supports a total of two LT interfaces in a system, one of bandwidth 1G and another of bandwidth 10G.

    • The bandwidth configured on the LT interface is shared between upstream and downstream traffic on that interface. The effective available bandwidth for the service is half the configured bandwidth.

    • Supported encapsulations on LT interface are ethernet-bridge, ethernet-ccc, vlan-bridge, vlan-ccc.

    • Total number of LT logical interfaces supported on a router is 30.

    • If an LT interface with bandwidth 1G is configured and port-mirroring is also configured on the router, then LT physical interface statistics may not be accurate for that LT interface.

    • Default classifiers are not available on the LT interface if a non-Ethernet PIC is used to create the LT interface.

    • LT interfaces do not support protocol configuration.

  • ACX Series routers do not support chassis-scheduler but reports chassis scheduler-related messages and error logs on the PFE. This message does not have any impact on the traffic. PR1000296

  • On ACX Series routers, when link-speed is configured, the aggregate interface goes down permanently after reboot. PR1022248

Integrated Routing and Bridging

The following are the limitations on integrated routing and bridging (IRB) for ACX Series Universal Metro Routers.

At the IRB device level, the following limitations apply:

  • Behavior aggregate (BA) classifiers are not supported

  • Statistics are not supported.

On an IRB logical interface, the following limitations apply:

  • Statistics and Layer 2 policers are not supported

  • Only inet and iso families are supported

On an IRB logical interface family inet, the following limitations apply:

  • Policer, rpf-check, and dhcp-client are not supported

When firewall is applied on an IRB logical interface family inet, the following limitations apply:

  • Default (global) filters are not supported.

  • Supports only accept, forwarding-class, and loss-priority actions.

  • Supports only input filters

Interface Limitations—IRB configurations supports a maximum of 1000 logical interfaces on a box.

Class-of-service Limitations—The following are CoS limitations for IRB:

  • Maximum of 16 fixed classifiers are supported. Each classifier consumes two filter entries and is shared with RFC 2544 sessions. Total number of shared filter entries is 32.

  • Maximum of 64 multifield filter classifiers are supported. Each classifier takes two filter entries. Total 128 entries are shared between family inet based classifiers on IRB and normal Layer 3 logical interfaces.

  • Maximum 24 forwarding class and loss priority combinations can be rewritten. Each rewrite rule takes single entry from egress filters. Total of 128 entries are shared by rewrite-rules and all other output firewall filters.

  • IRB rewrite is supported only on the ACX4000 Series router.

Firewall Limitations—The following are the firewall limitations for IRB:

  • IRB supports only family inet filters.

  • Only interface-specific and physical-interface specific filters are supported.

  • Only forwarding-class and loss-priority actions are supported, other actions are not supported.

Layer 2 Services

Limitations on Layer 2 bridging

The following Layer 2 bridging limitations apply for ACX Series Universal Metro Routers:

  • A bridge domain cannot have two or more logical interfaces that belong to the same physical interface.

  • A bridge domain with dual VLAN ID tag is not supported.

  • The following input VLAN map functions are not supported because the bridge domain should have a valid service VLAN ID after normalization:

    • pop-pop on double-tagged logical interface.

    • pop on a single-tagged logical interface.

    • VLAN map with VLAN ID value set to 0.

  • swap-push and pop-swap VLAN map functions are not supported.

  • The maximum number of supported input VLAN maps with TPID swap is 64.

  • MAC learning cannot be disabled at the logical interface level.

  • MAC limit per logical interface cannot be configured.

  • All STP ports on a bridge domain must belong to the same MST (multiple spanning tree) instance.

  • If a logical interface is configured with Ethernet bridge encapsulation with push-push as the input VLAN map, normalization does not work when single-tagged or double-tagged frames are received on the logical port. Untagged frames received on the logical interface are normalized and forwarded correctly.

  • On a priority-tagged logical interface with the output VLAN map function pop, egress VLAN filter check does not work.

  • Output VLAN map function push cannot work on a dual-tagged frame egressing a logical interface.

  • In a bridge domain configured with vlan-id statement, when a dual-tagged frame enters a non-dual-tagged logical interface and exits a dual-tagged logical interface, the VLAN tags are not translated correctly at egress.

Limitations on integrated routing and bridging

The following integrated routing and bridging (IRB) limitations apply for ACX Series Universal Metro Routers:

At the IRB device level, the following limitations apply:

  • Behavior aggregate (BA) classifiers are not supported

  • Statistics are not supported.

On an IRB logical interface, the following limitations apply:

  • Statistics and Layer 2 policers are not supported

  • Only inet and iso families are supported

On an IRB logical interface family inet, the following limitations apply:

  • Policer, rpf-check, and dhcp-client are not supported

When firewall is applied on an IRB logical interface family inet, the following limitations apply:

  • Default (global) filters are not supported.

  • Supports only accept, forwarding-class, and loss-priority actions.

  • Supports only input filters

MPLS Applications

  • The scaling numbers for pseudowires and MPLS label routes published for the ACX Series routers are valid only when the protocols adopt graceful restart. In case of non-graceful restart, the scaling numbers would become half of the published numbers. PR683581

  • The following error message is seen when multiple MPLS service scale configuration is replaced with another multiple MPLS service scale configuration:

    This does not have any functional impact. PR1093326

Network Management

  • In a connectivity fault management (CFM) up-mep session, when a remote-mep error is detected, the local-mep does not set the RDI bit in the transmitted continuity check messages (CCM). This problem is not seen in ACX4000 routers and in down-mep sessions. There is no workaround available. PR864247

  • The ACX Series routers do not support the configuration of RPM probes to a routing instance along with the configuration of the hardware-timestamp statement at the [edit services rpm probe owner test test-name] hierarchy level. PR846379

Statistics

  • ACX Series routers do not support route statistics per next hop and per flow for unicast and multicast traffic. Only interface-level statistics are supported.

  • The show multicast statistics command is not supported on ACX Series routers. PR954273

Timing and Synchronization

  • When you use the replace pattern command to toggle from a secure slave to an automatic slave or vice versa in the PTP configuration of a boundary clock, the external slave goes into a freerun state. The workaround is to use the delete and set commands instead of the replace pattern command. PR733276

  • When you configure PTP over IPv4 with a dual logical interface path on the same physical interface, some of the routers in the ring get stuck in a FREERUN mode. This happens while switching from a primary logical interface path to a secondary logical interface path. PR1134121