Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Junos OS Release Notes for EX Series Switches


These release notes accompany Junos OS Release 20.1R2 for the EX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at

What's New

Learn about new features introduced in the Junos OS main and maintenance releases for EX Series switches.


The following EX Series switches are supported in Release 20.1R2: EX2300, EX2300-C, EX3400, EX4300, EX4600-40F, EX4650, EX9200, EX9204, EX9208, EX9214, EX9251, and EX9253.

What’s New in Release 20.1R2

There are no new features or enhancements to existing features for EX Series switches in Junos OS Release 20.1R2.

What’s New in Release 20.1R1


  • Routing traffic between a VXLAN and a Layer 3 logical interface (EX4650 and QFX5120)—Starting in Junos OS Release 20.1R1, EX4650 and QFX5120 switches support the routing of traffic between a Virtual Extensible LAN (VXLAN) and a Layer 3 logical interface. (You can configure the Layer 3 logical interface using the set interfaces interface-name unit logical-unit-number family inet address ip-address/prefix-length or the set interfaces interface-name unit logical-unit-number family inet6 address ipv6-address/prefix-length command.) This feature is enabled by default, so you do not need to take any action to enable it.


    By default, this feature is disabled on QFX5110 switches. To enable the feature on QFX5110 switches, you must perform the configuration described in Understanding How to Configure VXLANs and Layer 3 Logical Interfaces to Interoperate.

Interfaces and Chassis

  • Support for static link protection on aggregated interfaces (EX4650, QFX5120-32C, and QFX5120-48Y)—Starting in Junos OS Release 20.1R1, you can enable link protection on aggregated interfaces for a specified static label-switched path (LSP). You can designate a primary and a backup physical link to support link protection. Egress traffic passes only through the designated primary link. This traffic includes transit traffic and locally generated traffic on the router. When the primary link fails, traffic is routed through the backup link.

    [See link-protection.]

Junos OS XML, API, and Scripting

  • The jcs:load-configuration template supports loading the rescue configuration (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 20.1R1, the jcs:load-configuration template supports the rescue parameter to load and commit the rescue configuration on a device. SLAX and XSLT scripts can call the jcs:load-configuration template with the rescue parameter set to "rescue" to replace the active configuration with the rescue configuration.

    [See Changing the Configuration Using SLAX and XSLT Scripts and jcs:load-configuration Template.]

Junos Telemetry Interface

  • MPLS and local routing sensor streaming support on JTI (EX2300, EX3400, EX4300, EX4600, and EX9200)—Junos OS Release 20.1R1 provides MPLS constrained-path Label Switched Paths (LSPs), RSVP-Traffic Engineering (RSVP-TE) and local routing statistics using Junos telemetry interface (JTI) and remote procedure call (gRPC) services. Streaming statistics are sent to an outside collector at configurable intervals.

    The following resource paths are supported:

    • Local routing (resource path /local-routes/)

    • MPLS constrained-path LSPs and RSVP-TE (resource path /network-instances/network-instance/mpls/)

    To provision the sensor to export data through gRPC services, use the telemetrySubscribe RPC.

    Streaming telemetry data through gRPC or gNMI also requires the OpenConfig for Junos OS module.

    [See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface).]

  • JTI infrastructure support for (EX2300, EX2300-MP, and EX3400)—Junos OS Release 20.1R1 provides Junos telemetry interface (JTI) infrastructure support for EX2300, EX2300-MP, and EX3400 switches.

Layer 2 Features

  • Q-in-Q support on redundant trunk links using LAGs with link protection (EX4300-MP switches and Virtual Chassis)—Starting in Junos OS Release 20.1R1, Q-in-Q is supported on redundant trunk links (also called “RTGs”) using LAGs with link protection. Redundant trunk links provide a simple solution for network recovery when a trunk port on a switch goes down. In that case, traffic is routed to another trunk port, keeping network convergence time to a minimum.

    Q-in-Q support on redundant trunk links on a LAG with link protection also includes support for the following items:

    • Configuration of flexible VLAN tagging on the same LAG that supports the redundant links configurations

    • Multiple redundant links configurations on one physical interface

    • Multicast convergence

    [See Q-in-Q Support on Redundant Trunk Links Using LAGs with Link Protection.]


  • PIM with IPv6 multicast traffic (EX4650 and QFX5120-48Y)—Starting in Junos OS Release 20.1R1, EX4650 and QFX5120-48Y switches support Protocol Independent Multicast (PIM) with IPv6 multicast traffic as follows:

    • PIM sparse mode (PIM-SM), PIM dense mode (PIM-DM), and PIM sparse-dense mode (PIM-SDM)

    • PIM any-source multicast (PIM-ASM) and PIM source-specific multicast (PIM-SSM)

    • Static, embedded, and anycast rendezvous points (RPs)

    [See PIM Overview.]

Routing Policy and Firewall Filters

  • Support for flexible-match-mask match condition (EX4650 and QFX-Series)—Starting with Junos OS Release 20.1R1, for EX4650, QFX5120-32C, and QFX5120-48Y switches, the flexible-match-mask match condition in firewall filters is supported for the inet, inet6, and ethernet-switching families. With this feature, you can configure a filter by specifying the length of the match (4 bytes maximum) starting from a Layer 2 or Layer 3 packet offset.

    [See Firewall Filter Flexible Match Conditions.]

Storage and Fibre Channel

  • FIP snooping (EX4650-48Y and QFX5120-48Y)—Starting in Junos OS Release 20.1R1, EX4650-48Y and QFX5120-48Y switches support Fibre Channel over Ethernet (FCoE) Initialization Protocol (FIP) snooping. With FIP snooping enabled on these switches, you prevent unauthorized access and data transmission to a Fibre Channel (FC) network by permitting only those servers that have logged in to the FC network to access the network. You enable FIP snooping on FCoE VLANs when the switch is being used as an FCoE transit switch that connects FC initiators (servers) on the Ethernet network to FCoE forwarders at the FC storage area network (SAN) edge.

    [See Understanding FCoE Transit Switch Functionality and Understanding VN_Port to VN_Port FIP Snooping on an FCoE Transit Switch.]

System Management

  • Change status LED for network port to chassis beacon light (EX4300-48MP switch and EX4300-48MP Virtual Chassis)—By default, when a network port and its associated link are active, the status LED for that port blinks green 8 times per second. Starting in Junos OS Release 20.1R1, you can use the request chassis beacon command to slow down the current blinking rate to 2 blinks per second. The slower-blinking and steadier green light acts as a beacon that leads you to an EX4300-48MP switch or a particular port in a busy lab.

    Using options with the request chassis beacon command, you can do the following for one or all network port status LEDs on a specified FPC:

    • Turn on the beacon light for:

      • 5 minutes (default)

      • A specified number of minutes (1 through 120)

    • Turn off the beacon light:

      • Immediately

      • After a specified number of minutes (1 through 120)

    After the beacon light is turned off, the blinking rate for the network port’s status LED returns to 8 blinks per second.

    [See request chassis beacon.]

Virtual Chassis

  • Virtual Chassis support for up to four member switches (EX4650)—Starting in Junos OS Release 20.1R1, you can interconnect up to four EX4650-48Y switches into a Virtual Chassis managed as a single device. The Virtual Chassis:

    • Contains only EX4650-48Y switches.

    • Has two member switches in Routing Engine role (master, backup) and the remaining members in linecard role.

    • Supports 100GbE QSFP28 or 40GbE QSFP+ ports on the front panel (ports 48 through 55) as Virtual Chassis ports (VCPs).

    • Supports NSSU.

    A EX4650-48Y Virtual Chassis with two to four members now also supports the following protocol features that were not previously supported on a two-member EX4650-48Y Virtual Chassis:

    • IEEE 802.1X authentication

    • Layer 2 port security features, including IP source guard, IPv6 router advertisement (RA) guard, DHCP, and DHCP snooping

    • MPLS

    • Redundant trunk groups (RTG)

    EX4650-48Y Virtual Chassis has limitations on protocol feature support compared to the standalone switch. The following protocol features are not supported:


    • Junos telemetry interface (JTI)

    • Multichassis link aggregation (MC-LAG)

    • Priority-based flow control (PFC)

    Configuration and operation are the same as for other EX Series and QFX Series Virtual Chassis.

    [See Virtual Chassis Overview for Switches, 802.1X Authentication, MPLS Overview, DHCP Snooping, Understanding DHCP Snooping (ELS), Understanding IP Source Guard for Port Security on Switches, and Understanding IPv6 Router Advertisement Guard.]

What's Changed

Learn about what changed in Junos OS main and maintenance releases for EX Series.

What’s Changed in Release 20.1R2

There are no changes in behavior and syntax for EX Series in Junos OS Release 20.1R2.

What’s Changed in Release 20.1R1

Class of Service (CoS)

  • We’ve corrected the output of the show class-of-service interface | display xml command. The output is of the following sort: <container> <leaf-1> data </leaf-1><leaf-2>data </leaf-2> <leaf-3> data</leaf-3> <leaf-1> data </leaf-1> <leaf-2> data </leaf-2> <leaf-3> data </leaf-3> </container> will now appear correctly as <container> <leaf-1> data </leaf-1><leaf-2>data </leaf-2> <leaf-3> data</leaf-3></container> <container> <leaf-1> data </leaf-1> <leaf-2> data </leaf-2> <leaf-3> data </leaf-3> </container>.

Interfaces and Chassis

  • Logical Interface is created along with physical Interface by default (EX Series switches, QFX Series switches, MX Series routers)—The logical interface is created on ge, et, xe interfaces along with the physical interface, by default. In earlier Junos OS Releases, by default, only physical interfaces were created. For example, for ge interfaces, earlier when you view the show interfaces command, by default, only the physical interface (ge-0/0/0), was displayed. Now, the logical interface (ge-0/0/0.16386) is also displayed.


  • Multicast Layer 2 transit traffic statistics by multicast source and group (EX4600, EX4650, and the QFX5000 line of switches)—Starting in Junos OS Release 20.1R1, EX4600, EX4650, and the QFX5000 line of switches provide statistics on the packet count for each multicast group and source when passing multicast transit traffic at Layer 2 with IGMP snooping. Run the show multicast snooping route extensive CLI command to see this count in the Statistics: … n packets output field. The other statistics in that output field, kBps and pps, are not available (values displayed there are not valid statistics for multicast traffic at Layer 2). In earlier Junos OS releases, all three values in the Statistics output field for kBps, pps, and packets do not provide valid statistics for multicast traffic at Layer 2.

    [See show multicast snooping route.]

Known Limitations

Learn about known limitations in this release for EX Series. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

  • The following error message might appear: Failed to complete DFE tuning. This error message has no functional impact and can be ignored. PR1473280


  • On the EX4650 device, inter-VNI multicast is not supported in the EVPN-VXLAN edge routing model. PR1517082


  • File system panic might occur after repeated power loss. PR1444941

Platform and Infrastructure

  • On the EX4300-MP device, ge and mge ports have different color contrasts due to different vendors. PR1470312

Open Issues

Learn about open issues in this release for EX Series. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

  • On the EX9208 device, a few XE interfaces go down with the following error message: if_msg_ifd_cmd_tlv_decode ifd xe-0/0/0 #190 down with ASIC Error. PR1377840

  • Unicast RPF in the Strict mode does not work. PR1417546

  • Legacy EX Series platforms might reboot when removing or adding input egress all for the analyzer. PR1448123

  • On the EX9214 device, the following error message is observed after reboot and MACsec-enabled link flaps: errorlib_set_error_log(): err_id(-1718026239). PR1448368

  • On the EX4300 Virtual Chassis, a switch might drop the Dot1x client TLS packet. PR1464365

  • The following error message might appear: Failed to complete DFE tuning. This error message has no functional impact and can be ignored. PR1473280

  • Classifiers binding applied on a wildcard gets overwritten by a different classifier type when applied on a single interface. PR1490699

  • While verifying the Last-change op-state value through XML, the rpc-reply message is inappropriate. PR1492449

  • On the EX4300-48MP device, the reboot time, FPC uptime, and interface uptime are degraded by 20 percent when compared with Junos OS Releases 19.1R3, 19.2R2, and 19.4R2. PR1514364

  • On the EX3400 and EX2300 switches, the upgrade fails due to the lack of available storage. PR1539293

  • Domain and VLAN parameters are not as expected while verifying the show dot1x interface detail command. PR1553596

  • OSPF and OSPF3 adjacencies uptime is more than expected after NSSU upgrade and outage is higher than the expected. PR1551925

  • SNMP POE MIB walk produce withers no results or sometimes result from the master Virtual Chassis whenever the Virtual Chassis is renamed as one. PR1503985

  • The DHCP traffic might not be forwarded correctly while sending the DHCP unicast packets. PR1512175

  • On the EX4300 device, script fails while committing the IPSEC authentication configuration due to the missing algorithm statement. PR1557216

High Availability (HA) and Resiliency

  • On the EX9204 devices, the process generates core file with traces 0xffffffff80590e97 in timercb,0xffffffff805ba5c1 in lapic_handle_timer, 0xffffffff80543df3 in uma_zfree_arg on the AD or SD setup. PR1557571


  • Some PIM groups are not able to send out native multicast traffic. PR1209585

  • HSRPv2 IPv6 packets might be dropped if IGMP snooping is enabled. PR1232403

  • The FPC crashes with pfem generating a core file if a large-scale number of firewall filters are configured. PR1434927

  • The following error message is observed continuously in the AD with base configurations: IFDE: Null uint32 set vector, ifd and IFFPC: 'IFD Ether uint32 set' (opcode 151) failed. PR1485038

  • On an EX4300-MP device, 9000 IPv6 MC routes can be installed. If more IPv6 MC routes are added, error messages are displayed. PR1493671

Interfaces and Chassis

  • The GRES and VSTP ports cost on the aggregated Ethernet interfaces might get changed, leading to a topology change. PR1174213

Junos Fusion Provider Edge

  • On a Junos fusion system, intermediate traffic drop is sometimes seen between AD and SD when sFlow is enabled on the ingress interface. When sFlow technology is enabled, the original packet is getting corrupted for those packets that hit the sFlow filter. This is because a few packets transmitted from the egress of AD1 are short of FCS (4 bytes) + 2 bytes of data, due to which the drops occur. It is seen that the normal data packets are of size 128 bytes while the corrupted packets are 122 bytes. PR1450373

Layer 2 Ethernet Services

  • The DHCP decline packets are not forwarded to the DHCP server when forward-only is set within dhcp-reply. PR1429456

Layer 2 Features

  • G-ARPs are sent from the switch once in every 10 minutes. PR1192520

Platform and Infrastructure

  • On the EX9208 devices, traffic loss is observed if ingress and egress ports are in different FPCs. PR1429714

  • On the EX9208 device, 33 percent degradation with MAC learning rate is observed in Junos OS Release 19.3R1 compared to Junos OS Release 18.4R1. PR1450729

  • The pfex_junos process generates core file at 0x01847994 in pfeman_watchdog (arg=< optimized out>) at ../../../../src/pfe/common/applications/pfeman/pfeman_rt_pfex.c:1411. PR1535178

  • The BGP session replication might fail to start after the session crashes on a backup Routing Engine. PR1552603

Routing Protocols

  • Sending multicast traffic to the downstream receiver on the Trio based Virtual Chassis might fail. PR1555518

Resolved Issues

Learn which issues were resolved in Junos OS main and maintenance releases for EX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 20.1R2

Authentication and Access Control

  • The authd process might have memory leak in 802.1x scenario with the RADIUS authentication. PR1503117

  • On the EX2300-48MP device, the client does not receive the captive-portal success page by downloading the ACL parameter, because of the authentication failure issue. PR1504818

  • The DOT1XD_AUTH_SESSION_DELETED event is not triggered with a single supplicant mode. PR1512724

  • The 802.1x client does not go to the Held state when the authenticated P-VLAN is deleted. PR1516341


  • The ESI of IRB interfaces does not get updated after the autonomous-system number changes if the interface is down. PR1482790

  • The l2ald memory leakage might be observed in any EVPN scenario. PR1498023

  • The VXLAN function might be broken due to a timing issue. PR1502357

  • Unable to create a new VTEP interface. PR1520078

General Routing

  • The Virtual Chassis splits after the network topology changes. PR1427075

  • The MAC pause frames keep incrementing in the receive direction if half-duplex mode on 10-Mbps or 100-Mbps speed is configured. PR1452209

  • The FPC process might get disconnected from the EX3400 Virtual Chassis briefly after rebooting or upgrading. PR1467707

  • On the EX4600 device, traffic loss might be seen with framing errors or runts if MACsec is configured. PR1469663

  • On the EX4600 device, the DSCP marking might not work as expected if the fixed classifiers are applied to interfaces. PR1472771

  • ERP might not come up properly when MSTP and ERP are enabled on the same interface. PR1473610

  • On the EX4300 device, the output of the show security macsec statisitics command displays high values incorrectly. PR1476719

  • On the EX2300 device, the SNMP traps are not generated when the MAC addresses limit threshold is reached. PR1482709

  • Incorrect frame length of 132 bytes might be captured in the packet header. PR1487876

  • DHCP binding might fail when the P-VLAN is configured with a firewall to block or allow certain IPv4 packets. PR1490689

  • On the EX2300 device, high CPU load due to the receipt of specific multicast packets on Layer 2 interface is observed. PR1491905

  • On the EX4300 device, traffic loss might be observed in a mixed Virtual Chassis setup. PR1493258

  • On the EX4650 device, traffic loss might be seen in an MC-LAG scenario. PR1494507

  • The authentication session might be terminated if the PEAP request is retransmitted by an authenticator. PR1494712

  • The fxpc process might crash when renumbering the primary member ID value of the EX2300 or EX3400 Virtual Chassis. PR1497523

  • Outbound SSH connection flap or memory leak issue might be observed during a push configuration to an ephemeral database with a high rate. PR1497575

  • Traffic might get dropped if the aggregated Ethernet member interface is deleted or added, or an SFP transceiver of the aggregated Ethernet member interface is unplugged or plugin. PR1497993

  • In some cases, if we have an OSPF session on the IRB over LAG interface with a 40-Gigabit Ethernet port as member, the session gets stuck at restart. PR1498903

  • On the EX4300, EX3400, and EX2300 Virtual Chassis with NSB and xSTP enabled, continuous traffic loss might be observed while performing GRES. PR1500783

  • The mge interface might still stay up while the far end of the link goes down. PR1502467

  • LLDP is not acquired when the native VLAN ID and the tagged VLAN ID are the same on a port. PR1504354

  • The isolated VLAN from RADIUS is not deleted when the interface flaps. PR1506427

  • The output VLAN push might not work. PR1510629

  • LLDP might not work when P-VLAN is configured. PR1511073

  • On the EX4300 device, LACP goes down after a Routing Engine switchover if MACsec is enabled on the LAG members. PR1513319

  • The 100-Mbps SFP-FX transceiver is not supported on a satellite device in the Junos fusion setup. PR1514146

  • 802.1x memory leak is observed. PR1515972

  • The dcpfe process might crash due to memory leak. PR1517030

  • MPPE-Send or Recv-key attribute is not extracted correctly by dot1xd. PR1522469

  • Drops and dropped packets counters in the output value of the show interface extensive command are counted twice. PR1525373

  • On the EX2300 device, the following PoE message is observed: poe_get_dev_class: Failed to get PD class info. PR1536408

  • Traffic impact might be observed on the EVPN-VXLAN scenario due to ARP reply not working properly with native-vlan-id configured. PR1483167

  • IRB MAC does not get programmed in hardware when the MAC persistence timer expires. PR1484440

  • BIND does not sufficiently limit the number of fetches during the referrals processing. PR1512212

  • Memory leakage is observed while processing specific DHCP packets. PR1514145

  • On the EX4300-MP router, ARP learning issue might be observed when configuring the Layer 3 gateway interfaces. PR1514729

High Availability (HA) and Resiliency

  • Kernel generates core file on the backup Routing Engine causing traffic drop if multicast-MAC is configured on the IRB interface. PR1467847


  • On the EX2300 and EX3400 devices, the kernel might generate core files when deactivating the daemon. PR1483644

  • The fxpc might crash when configuring scaled configuration with 4093 VLANs. PR1493121

  • On the EX4600 device, the IP communication between directly connected interfaces might fail. PR1515689

  • DUT did not receive the LLDP packet from phone. PR1538482

  • On the EX4600 and EX4300 Virtual Chassis or Virtual Chassis Fabric, the VSTP configurations device goes unreachable and becomes nonresponsive after commit. PR1520351

Interfaces and Chassis

  • The following syslog message is observed after MX-VC local or global switchover: scchassisd[ ]: CHASSISD_IPC_WRITE_ERR_NULL_ARGS: FRU has no connection arguments fru_send_msg Global FPC x. PR1428254

  • The MC-LAG configuration-consistency ICL-configuration might fail after committing some changes. PR1459201

  • A stale IP address might be seen after a specific order of configuration changes in the logical-systems scenario. PR1477084

  • Traffic might get dropped as the next hop points to the ICL even though the local MC-LAG is up. PR1486919

Junos Fusion Enterprise

  • The following error message is observed with duplicate ECID values for cluster or extended ports on member ports of the same cluster: jnh_dot1br_ktree_entry_create(1098): Entry Already Exists . PR1408947

  • The SDPD generates core files at vfpc_all_eports_deletion_complete vfpc_dampen_fpc_timer_expiry. PR1454335

Junos Fusion Satellite Software

  • On the EX4300 device, the temperature sensor alarm is seen. PR1466324

Layer 2 Ethernet Services

  • Issues with the DHCPv6 relay processing confirm and reply packets are observed. PR1496220

  • Default-route might not be added to the Juniper OS device configured as the DHCPv4 client device. PR1504931

Layer 2 Features

  • The third VLAN tag does not get pushed onto the stack. Instead, it gets swapped. PR1469149

  • Traffic imbalance might be observed if hash-params is not configured. PR1514793

  • The MAC address in the hardware table might become out of synchronization between the primary devices and the member devices in the Virtual Chassis after the MAC flaps. PR1521324

  • The dcpfe or the FPC process might crash due to the memory leakage during the VLAN addition or deletion operation. PR1505239


  • BGP session flaps between two directly connected BGP peers because of the wrong TCP-MSS in use. PR1493431

Platform and Infrastructure

  • MAC learning under bridge-domain stops after the MC-LAG interface flaps. PR1488251

  • The traffic destined to VRRP VIP might be dropped after the IRB interface is disabled on the initial VRRP primary device. PR1491348

  • IPv6 neighbor solicitation packets might be dropped in a transit device. PR1493212

  • Packets get dropped when the next hop is an IRB-over-lt interface. PR1494594

  • On the EX4300 device, NSSU might fail due to a storage issue on the /var/tmp directory. PR1494963

  • On the EX4300 device, high CPU load due to receipt of specific IPv4 packets is observed. PR1495129

  • On the EX4300 device, traffic loss might be seen with framing errors or runts if MACsec is configured. PR1502726

  • On the EX4300 device, the redirected IP traffic is being duplicated. PR1518929

  • LLDP neighborship might not come up on EX4300 non-aggregated Ethernet interfaces. PR1538401

  • Memory leaks in the Packet Forwarding Engine due to the flapping of the 802.1X authenticator port interface. PR1480706

  • Trio-based MPC memory leaks when the IRB interface is mapped to a VPLS instance or a Bridge-Domain. PR1525226

  • On the EX4300-VC devices, the FBF functionality might be broken after rebooting the Virtual Chassis or on modifying the IRB configuration. PR1531838

Routing Protocols

  • The MUX state in the LACP interface does not go to the Collecting and Distributing states and remains in the Attached state after enabling the aggregated Ethernet interface. PR1484523

  • The FPC process goes to the NotPresent state after upgrading the Virtual Chassis or Virtual Chassis Fabric. PR1485612

  • The BGP route target family might prevent the route reflector from reflecting Layer 2 VPN and Layer 3 VPN routes. PR1492743

  • On the EX4300-MP and EX4600 devices, high CPU load due to receipt of specific Layer 2 frames in EVPN-VXLAN deployment. PR1495890

  • Firewall filter does not work in certain conditions under the Virtual Chassis setup. PR1497133

  • The rpd might report 100 percent CPU usage with BGP route damping enabled. PR1514635

  • Packet loss might be observed while verifying traffic from access to core network for IPv4 or IPv6 interfaces. PR1520059

  • The OSPFv3 adjacency should not be established when IPsec authentication is enabled. PR1525870

  • Packets drop might be observed when the multicast MAC with static ARP is configured on one IRB interface. PR1489374

User Interface and Configuration

  • On the EX2300 and EX3400 devices, installing J-Web application package might fail. PR1513612

  • J-Web does not display the correct flow-control status. PR1520246

Virtual Chassis

  • On the EX4650 device, the following error message is observed during booting: kldload: an error occurred while loading the module. PR1527170

Resolved Issues: 20.1R1

Authentication and Access Control

  • On EX4600 and EX4300 switches, MAC entry is missing in the Ethernet switching table for Mac-radius client in server fail scenario when tagged is sent for two client. PR1462479

Class of Service (CoS)

  • Shaping does not work after the reboot if shaping-rate is configured. PR1432078

  • The traffic is placed in network-control queue on an extended port even if it comes in with different DSCP marking. PR1433252


  • The rpd might crash after the EVPN-related configuration is changed. PR1467309

Forwarding and Sampling

  • Type 1 ESI/AD route might not be generated locally on the EVPN PE device in the all-active mode. PR1464778

General Routing

  • The l2cpd process might crash and generate a core file when interfaces flap. PR1431355

  • MicroBFD flap is seen when a QSFP transceiver is inserted into other port. PR1435221

  • EX4600 Virtual Chassis does not come up after the Virtual Chassis port fiber connection is replaced with a DAC cable. PR1440062

  • MAC addresses learned on an RTG might not be aged out after a Virtual Chassis member reboots. PR1440574

  • Except one aggregated Ethernet member link, the other links do not send out sFlow sample packets for ingress traffic. PR1449568

  • On EX3400 switches with half-duplex mode on 10-Mbps or 100-Mbps speed at medium traffic egress, traffic flow might stop on the port and MAC pause frames will be incrementing in the receive direction. PR1452209

  • The l2ald and eventd processes are hogging 100 percent after the clear ethernet-switching table command is issued. PR1452738

  • A firewall filter might not be applied in a particular Virtual Chassis or Virtual Chassis Fabric member as TCAM is running out of space. PR1455177

  • Packet drop might be seen after removing and reinserting the SFP transceiver of the 40G uplink module ports. PR1456039

  • Link-up delay and traffic drop might be seen on mixed SP L2/L3 and EP L2 type configurations. PR1456336

  • The syslog timeout connecting to peer database-replication message is generated when the show version detail command is issued. PR1457284

  • Overtemperature SNMP trap messages appear after an update even though the temperature is within the system thresholds. PR1457456

  • The correct VoIP VLAN information in LLDP-MED packets might not be sent after commit if dynamic VoIP VLAN assignment is used. PR1458559

  • The FXPC process might crash due to several BGP IPv6 session flaps. PR1459759

  • On EX2300 and EX3400 switches, storage space limitation leads to image installation failure during phone home. PR1460087

  • MAC addresses learned on redundant trunk group (RTG) might not be aged out after the aging time if the source interface is configured as RTG. PR1461293

  • RTG link is down for nearly 20 seconds when the backup node is rebooting. PR1461554

  • Configuring any combination of VLANs and interfaces under VSTP/MSTP might cause the VSTP/MSTP-related configuration to fail. PR1463251

  • The Virtual Chassis function might be broken after an upgrade on EX2300 and EX3400 devices. PR1463635

  • A few command lines to disable MAC learning are not working. PR1464797

  • The jdhcpd might consume a high CPU and no further subscribers can be brought up if there are more than 4000 DHCP relay clients in the MAC move scenario. PR1465277

  • On EX2300 switches, an FXPC core file is seen after mastership election based on the user's priority. PR1465526

  • The broadcast and multicast traffic might be dropped over an IRB or a LAG interface in a Virtual Chassis scenario. PR1466423

  • The MAC move message might have an incorrect from interface when MAC moves rapidly. PR1467459

  • Optics measurements might not be streamed for interfaces of a PIC over JTI. PR1468435

  • SSH session closes while you check the show configuration | display set command for both local and non-local users. PR1470695

  • EX3400 switch is advertising only 100 Mbps when a speed of 100 Mbps is configured with autonegotiation enabled. PR1471931

  • On EX4600 switches, the shaping of CoS does not work after reboot. PR1472223

  • On EX3400 switches, CoS 802.1p bits rewrite might not happen in Q-in-Q mode. PR1472350

  • The RIPv2 packets forwarded across a Layer 2 circuit connection might be dropped. PR1473685

  • The dhcpd process might crash in a Junos fusion environment. PR1478375

  • MX Series with MPCs/MICs based line-card might crash when there is a bulk route update failure in a corner case. PR1478392

  • TFTP installation from loader prompt might not succeed on EX Series devices. PR1480348

  • In an EVPN-VXLAN scenario, ARP request packets for an unknown host might be dropped in remote PE device. PR1480776


  • EX2300 switches might stop forwarding traffic or responding to the console. PR1442376

  • On EX4300 switches, the CLI configuration set chassis routing-engine on-disk-failure disk-failure-action (reboot | halt) is not supported. PR1450093

  • EX Series switches might not come up properly after reboot. PR1454950

  • On EX4600 and EX4300 Virtual Chassis, error messages related to soft reset of port due to queue buffers being stuck could be seen. PR1462106

  • Traffic is dropped on an EX4300-48MP device acting as a leaf device in a Layer 2 IP fabric EVPN-VXLAN environment. PR1463318

  • EX3400 switches might reboot because of lack of watchdog patting. PR1469400

  • In an EX2300 Virtual Chassis scenario, continuous dcpfe error messages and eventd process hog might be seen. PR1474808

Interfaces and Chassis

  • VRRPv6 state is flapping with init and idle states after configuring vlan-tagging. PR1445370

  • Traffic might be forwarded to incorrect interfaces in an MC-LAG scenario. PR1465077

  • Executing commit might become unresponsive due to stuck device control process. PR1470622

Junos Fusion Enterprise

  • Loop detection might not work on extended ports in Junos fusion scenarios. PR1460209

Junos Fusion Satellite Software

  • In Junos fusion for enterprise, the dpd crash might be observed on satellite devices running SNOS. PR1460607

Layer 2 Features

  • MAC or ARP learning might not work for copper base SFP-T transceivers on EX4600 switches. PR1437577

  • The Link Layer Discovery Protocol (LLDP) function might fail when a Juniper device connects to a non-Juniper device. PR1462171

  • After rebooting, an FXPC core file might be seen when committing the configuration. PR1467763

  • Traffic might be affected if composite next-hop is enabled. PR1474142

Layer 2 Ethernet Services

  • Member links state might be asynchronized on a connection between PE and CE devices in an EVPN A/A scenario. PR1463791

Platform and Infrastructure

  • NSSU causes traffic loss again after the backup to master transitions. PR1448607

  • In a Virtual Chassis scenario, the IRB traffic might get dropped after master switchover. PR1453025

  • The OSPF neighbor might go down when mDNS/PTP traffic is received at a rate higher than 1400 pps. PR1459210

  • ERP might not revert to IDLE state after reload or reboot of multiple switches. PR1461434

  • On EX4300 Virtual Chassis, traffic loss might be observed longer than 20 seconds when performing NSSU. PR1461983

  • On EX2300 and EX3400 switches, the upgrade might fail as there is not enough space. PR1464808

  • On EX4300 switches, IGMP reports are dropped when mixed enterprise and service provider configuration styles are used. PR1466075

  • On EX4300 switches, an input firewall filter attached to isolated or community VLANs fails to match dot1p bits on the VLAN header. PR1478240

  • Virtual Chassis VRRP peer drops packets destined to the VRRP VIP after IRB is disabled. PR1491348

Routing Protocols

  • Host-destined packets with the filter log action might not reach the Routing Engine if log or syslog is enabled. PR1379718

  • On EX9208 platforms, BGP IPv4 or IPv6 convergence and RIB install or delete time are degraded in Junos OS Releases 19.1R1, 19.2R1, 19.3R1, and 19.4R1. PR1414121

  • The other querier present interval timer cannot be changed in an IGMP/MLD snooping scenario. PR1461590

User Interface and Configuration

  • Problem with access to J-Web after updating from Junos OS Release 18.2R2 to Release 18.2R3. PR1454150

  • Error message umount: unmount of /.mount/var/val/chroot/packages/mnt/jweb-ex32-d2cf6f6b failed: Device busy is seen when Junos OS is upgraded with the validate option. PR1478291

Documentation Updates

This section lists the errata and changes in Junos OS Release 20.1R2 documentation for the EX Series.

Dynamic Host Configuration Protocol (DHCP)

  • Introducing DHCP User Guide—Starting in Junos OS Release 20.1R1, we are introducing the DHCP User Guide for Junos OS routing, switching, and security platforms. This guide provides basic configuration details for your Junos OS device as DHCP Server, DHCP client, and DHCP relay agent.

    [See DHCP User Guide.]

Migration, Upgrade, and Downgrade Instructions

This section contains the upgrade and downgrade support policy for Junos OS for the EX Series. Upgrading or downgrading Junos OS can take several hours, depending on the size and configuration of the network. For information about software installation and upgrade, see the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1, 17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3.

You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For more information about EEOL releases and to review a list of EEOL releases, see