Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 

Known Issues

This section lists known issues for the Juniper Networks Cloud CPE Solution Release 3.0.1.

  • Administration Portal might take a short while to update data fields after you delete objects.

    [CXU-1806]

  • Some notifications about the success or failure of create and delete operations in Administration Portal are difficult to understand.

    Workaround: Monitor the create, update, or delete status of the object in the object table.

    [CXU-2364]

  • You cannot add a firewall rule for the UTM function in a network service that uses the vSRX VNF.

    [CXU-2846]

  • Deactivating an SRX Series Services Gateway acting as a CPE device might not remove all configuration settings from the device.

    Workaround: Manually delete the configuration settings from the SRX Series Services Gateway.

    [CXU-3754]

  • You cannot deploy two network services simultaneously on a CPE device.

    Workaround: Deploy only one network service on a CPE device.

    [CXU-3756]

  • The device profile srx-deployment-option-1 assigns OAM traffic to the fxp0 interface, which is not available on the SRX Series Services Gateway.

    Workaround: Edit the stage 1 configuration for the CPE device in Customer Portal to use an interface other than fxp0 for OAM traffic. [CXU-3779]

  • The traffic rate value does not change when you monitor a service on an SRX Series Services Gateway in Customer Portal.

    Workaround: None

    [CXU-3822]

  • The NFX250 device does not receive communications to block unicast reverse path forwarding (uRPF) because two interfaces on the NFX250 device communicate separately with one interface on the regional microservices server.

    Workaround: Disable the uRPF check in JDM on all interfaces for each NFX Series device.

    [CXU-3854]

  • You must use a different router for a PE in a distributed deployment and an SDN gateway in a centralized deployment. You cannot use the same router for both of these functions.

    Workaround: None

    [CXU-4173]

  • You must configure the VLAN settings for an NFX250 device before you configure the Silver Peak VX VNF in Customer Portal.

    [CXU-4402]

  • An end user cannot change the password for Customer Portal if the current password is not available.

    Workaround: Delete and re-create the customer with Administration Portal or the API.

    [CXU-4537]

  • You cannot edit the settings for a customer in Administration Portal.

    Workaround: Use Administration Portal to import a JSON file that contains the correct data for the customer. [CXU-4538]

  • You can only view one network service at a time on a CPE device in Customer Portal.

    [CXU-4551]

  • When you configure the MX Series router as an IPsec concentrator in a distributed deployment, you must specify the Internet Gateway of the IPsec concentrator in the default routing instance. Otherwise, the IPsec tunnel is not established.

    [CXU-4566]

  • You must specify a target URL if you select http-get for the probe type when you configure IP monitoring for a CPE device in Customer Portal, Network Service Designer, or the APIs. Otherwise, the configuration fails.

    [CXU-4571]

  • Deployment of the NFX Series device behind NAT is not supported.

    Workaround: None

    [CXU-5296]

  • After you install CSO, the username and password that CSO uses to access Contrail Analytics might not match the corresponding username and password in Contrail Analytics.

    Workaround: Complete the following actions:

    1. Log in to the CSO central infrastructure VM as root.
    2. View the username that CSO uses to access Contrail Analytics.
      root@host:~/# etcdctl get /csp/infra/contrailanalytics/queryuser
      <username>

      <username> is the actual value that the query returns.

    3. View the password that CSO uses to access Contrail Analytics.
      root@host:~/# etcdctl get /csp/infra/contrailanalytics/querypassword
      <password>

      <password> is the actual value that the query returns.

      If the username and password match the values configured in Contrail Analytics, you do not need to take further action. The default username configured in Contrail Analytics is admin and the default password is contrail123.

    If the username and password do not match the values in Contrail Analytics, update them on the central infrastructure VM as follows:

    1. Log in to the CSO central infrastructure VM as root.
    2. Update the username and password with the values configured in Contrail Analytics.
      root@host:~/# etcdctl set /csp/infra/contrailanalytics/queryuser <contrail-analytics-username>
      root@host:~/# etcdctl set /csp/infra/contrailanalytics/querypassword <contrail-analytics-password>

    [CXU-5873]

  • The configuration for a CPE device might not be removed when you deactivate the device in Administration Portal.

    Workaround: To deactivate the CPE device, first delete the configuration from the CPE device with Customer Portal, and then deactivate the device with Administration Portal. [CXU-6059]

  • You cannot edit or delete login credentials that you configure for a tenant when you create the tenant in Administration Portal.

    Workaround: Delete the tenant and re-create it. [CXU-6217]

  • You cannot edit the Deployment Type (vCPE-Only or uCPE-Only) in a request that you create with Network Service Designer.

    Workaround: Create a new request. [CXU-6474]

  • After you have assigned a device template to a CPE device in Administration Portal, you might not be able to change the device template.

    Workaround: Use Administration Portal to delete the on-premise site for the CPE device and then re-create the site. [CXU-6648]

  • Using Heat v2 API on Contrail 3.0.2, we support only 120 Contrail Service Orchestration instances for a centralized deployment. Use of more Contrail Service Orchestration instances for a centralized deployment results in high latency and timeout issues due to Contrail bug https://bugs.launchpad.net/juniperopenstack/+bug/1676983.

    Workaround: Use fewer than 120 Contrail Service Orchestration instances for a centralized deployment with Heat v2 API or use Heat v1 APi for larger numbers of Contrail Service Orchestration instances.

    [CXU-6697]

  • After you complete an operation in Customer Portal, the GUI might not update to show the latest status.

    Workaround: Refresh the Web page in Customer Portal.

    [CXU-6701]

  • Device templates do not contain an option for configuring the root password of a CPE device.

    Workaround: Configure the root password on the CPE device.

    [CXU-9510]

  • TCP ports other than port 22 are blocked by the security group that is created when a network service in a centralized deployment is activated.

    Workaround: Configure the security group manually to open the required ports.

    [CXU-9841]

  • You might not be able to access a third-party VNF through SSH if you have more than one NFX Series device in the same Layer 2 network.

    Workaround: Use only one NFX Series device in a Layer 2 network.

    [CXU-10139]

  • Information might be missing from the log files associated with importing tenants.

    Workaround: None

    [CXU-11078]

  • The location of a site or POP on the geographical map on the Monitor page in Administration Portal might not be correct, even though the street address is correct.

    Workaround: None

    [CXU-11115]

  • When you design a VNF package with Resource Designer, always select the Direct-OAM-Reachability option for the VNF capability field on the Basic VNF Information page. Selecting this option enables correct operation of service chaining for the VNF.

    Workaround: None

    [CXU-11284]

  • When you install the Cloud CPE solution with for a high availability deployment, the RabbitMQ cluster might not contain all three infrastructure services machines.

    Workaround:

    After you install the Cloud CPE solution and load the microservices data:

    1. Log in to the RabbitMQ dashboard for the central microservices with the following credentials:
      • URL—central-microservices-vip:15672, where central-microservices-vip is the virtual IP address for the HA proxy for the central microservices machine.
      • username—cspmq
      • password—password that you specified for the infrastructure services VM
    2. Check the RabbitMQ overview to see whether all three infrastructure services machines are available in the cluster.
    3. For each infrastructure services machine that does not appear in the cluster, log in to the machine as root and execute the following commands:
      root@host:~/# service rabbitmq-server stop
      root@host:~/# rm -rf /var/lib/rabbitmq/mnesia/
      root@host:~/# service rabbitmq-server start
    4. Check the RabbitMQ overview for the central microservices to see whether all three infrastructure services machines are available in the cluster.
    5. Repeat Steps 1 through 4 for the regional microservices VM, using the virtual IP address of the HA proxy for the regional microservices.

    [CXU-11310]

  • The microservices might not recover immediately after a load balancer VM or an infrastructure services VM failover in a high availability deployment.

    Workaround: Wait for 20 minutes before using CSO GUIs or APIs after a load balancer VM experiences a failover, and wait for 5 minutes before using CSO GUIs or APIs after an infrastructure services VM experiences a failover.

    [CXU-11314]

Modified: 2017-07-27