Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Known Issues


This section lists the known issues in hardware and software in Junos OS Release 17.1R2 for the EX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Authentication, Authorization, and Accounting (AAA) (RADIUS)

  • On EX9200 and EX4300 switches, 802.1X supplicants might not be reauthenticated by server fail fallback authentication after the server becomes reachable. PR1157032

  • On EX4300 switches, when 802.1X single-supplicant authentication is initiated, multiple "EAP Request Id Frame Sent" packets might be sent. PR1163966

High Availability (HA) and Resiliency

  • During a nonstop software upgrade (NSSU) on an EX4300 Virtual Chassis, a traffic loop or loss might occur if the Junos OS software version that you are upgrading and the Junos OS software version that you are upgrading to use different internal message formats. PR1123764

  • On an EX4300 or a QFX5100 Virtual Chassis, when you perform an NSSU, there might be more than five seconds of traffic loss for multicast traffic. PR1125155

  • In a rare scenario, GRES might not reach the ready state and might fail to start, because the Routing Engine does not receive the state ack message from the Packet Forwarding Engine after performing GRES. This is a timing issue. It might also stop Routing Engine resource releasing and then cause resource exhausting. Reboot the system if this problem occurs. PR1236882


  • On an EX4300 egress VLAN-based firewall filter on a Q-in-Q interface, after a switch reboot, firewall counters might not increment as expected. PR1165450

Interfaces and Chassis

  • On EX Series platforms with a Junos OS release 15.1R1 or later, LLDP PDU gets dropped on the FXP interface. PR1188342

  • On EX Series Virtual Chassis that support PoE, when the master Routing Engine member is rebooted, PoE devices connected to the master might not come back online after the reboot. As a workaround to avoid this issue, when configuring PoE interfaces, use the set poe interface all configuration command instead of configuring specific interfaces individually. To recover connections after seeing this issue, disable and reenable the ports affected by the issue. PR1203880

Junos Fusion Enterprise

  • On a Junos Fusion Enterprise, Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED) fast start does not work. PR1171899

  • Loss of connectivity of the link connecting the standalone box might lead to conversion failure from Junos OS to SNOS. PR1232798

  • On a Junos Fusion Enterprise, in order to use a non-default port as a clustering port in a clustering port policy, the policy must include at least one port that is a default uplink/clustering port for that platform. PR1241808

  • On a Junos Fusion Enterprise, the satellite device might not come online when the systems is converted from cluster to non-cluster mode without accompanying topology changes. PR1251790

Network Management and Monitoring

  • On EX9200 switches, analyzer configurations with analyzer input and output stanzas containing members of the same VLAN or the VLAN itself are not supported. With such configurations, packets can mirror in a loop, resulting in LU chip errors. As a workaround, use the mirror-once option if the input is for ingress mirroring. If it is for ingress and egress mirroring, configure the output interface as an access interface. PR1068405

Platform and Infrastructure

  • On EX4300, EX4600, and QFX5100 switches, if a remote analyzer has an output IP address that is reachable through a route learned by BGP, the analyzer might be in a DOWN state. PR1007963

  • On a EX4300-VC platform, if a Q-in-Q S-VLAN interface with MC-LAG is configured, when the backup EX4300 is acting as master, you might lose connection to the management IP address through the interface. As a result, management traffic will be dropped. PR1131755

  • On EX4300 Series switches, certain multicast traffic might impact the network, for example, cause OSPF to flap. Issues might occur when multicast packets use the same interface queue as certain network protocol packets (for example, OSPF, RIP, PIM, and VRRP). PR1244351

Port Security

  • When LACP is configured together with MACsec, the links in the bundle might not all work. Rebooting the switch might solve the problematic links, but could also create the same issue on other child interfaces. PR1093295

  • On a dot1x-enabled interface, sometimes when you log in, log off, and then log in within a short interval (within subseconds), the logical interface plus the bridge domain or VLAN remain in a pending state, and you will not be able to access the network. As a workaround, restart the l2-learning process to recover the port/interface from the problematic state. PR1230073


  • On EX4300 switches, when storm-control or storm-control-profiles with action-shutdown is configured, if the storm-triggered traffic is control traffic such as LACP, the physical interface might be put into an STP blocking state rather than turned down, so valid control traffic might be trapped at the control plane and unrelated interfaces might be set down as an LACP timeout. PR1130099

Virtual Chassis

  • When the linecard role FPC is removed and rejoined to the Virtual Chassis immediately, the LAG interface on the master/backup would not be reprogrammed in the rejoined FPC. PR1255302

  • On an EX4550 switch in a Virtual Chassis configuration, fast-failover function for VCP will work properly when you initially add this configuration. However, if the device is rebooted, the function would not take effect next time. PR1267633