Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Known Limitations

Learn about known limitations in this release for SRX Series devices.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Authentication and Access Control

  • Unified access control drops packet at uac-plugin receives interest check event when jbuf is null. When flow get uac return value, the flow process would drop packet and log again. Normally when flow process did the log, it will check the flag on jbuf. The flag would flow this drop had been logged and then flow won't log again. Sometimes, the jbuf was not there hence no flag can be set so two logs were seen. PR1555850

Flow-Based and Packet-Based Processing

  • For accelerated flows such as Express Path, the packet or byte counters in the session close log and show session output take into account only the values that accumulated while traversing the NP. PR1546430

General Routing

  • In SRX380, MACsec show security macsec statistics command, when encryption-offset is enabled, the encrypted bytes and encrypted packets will include both encrypted and protected bytes. PR1534840

  • Due to enhancements in AppID starting Junos OS Release 21.1R1, database files are not compatible with earlier releases. Hence, this issue is expected to be seen during downgrade from Junos OS Release 21.1R1 to earlier releases. PR1554490


  • In SPC2 and SPC3 mixed-mode HA deployments, tunnel per second (TPS) is getting affected while dead peer detection (DCD) is being served on existing tunnels. This limitation is due to a large chunk of CPU being occupied by infrastructure (gencfg) used by IKED to synchronize its DPD state to the backup nodes. PR1473482