Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Open Issues

Learn about open issues in this release for EX Series switches.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Forwarding and Sampling

  • Traffic drop is seen and filter does not hit as expected for match condition traffic class with flt statement configured. PR1573350

General Routing

  • On an EX9208 switch, a few xe- interfaces go down with the error message "if_msg_ifd_cmd_tlv_decode ifd xe-0/0/0 #190 down with ASIC Error". PR1377840

  • On the EX9214 device, if the MACsec-enabled link flap after reboot, "errorlib_set_error_log(): err_id(-1718026239)" error is seen.PR1448368

  • When you execute show pfe filter hw filter-name <filter name> command, it fails to retrieve the Packet Forwarding Engine programming details of the filter. PR1495712

  • When a VLAN member is specified as a string, the 'IF_MSG_IFL_VADDR' TLV is not generated with the VLAN information. The TRIO afttriostream is not updated with the nativevlanId and nativevlanenable flags. Thus, the packet is treated as untagged, and when it reaches the trunk egress interface, the packet is dropped because the trunk interface does not allow untagged traffic to pass through. The issue is specific to platforms with ZT line cards, including EX9200-SF3 and EX9200-15C. PR1506403

  • Adding a delay of 35 seconds to the reboot time in Junos OS Release 20.2R1 comparing to the Junos OS Release 19.4R2. PR1514364

  • License daemon will restart and start providing the required support when intermittent license-check.core file is seen during the device initialization. There is no service impact. PR1545175

  • When ICMP packets egress from the device, that might take Best-Effort queue. This avoids congestion case protocol flap when huge number of ICMP traffic being generated. Other control protocol such as OSPF and others take network-control queue, which is in parity with other QFX5000 line of switches. PR1550293

  • When dot1x server-fail-voip vlan-name is configured, ensure that both server-fail-voip vlan-name and voip vlan are configured using vlan-name and not by using vlan-id. PR1561323

  • Observing traffic drop during a unified ISSU because of the LAG interface flap. PR1569578

  • BUM traffic replication over VTEP with a loop in topology is sending out more packets than expected. PR1570689

  • On all Junos platforms, traffic loss might be observed due to a rare timing issue when performing frequent Interface Bridge Domain (IFBD) configuration modifications. This behavior is seen when the Packet Forwarding Engine receives out-of-order IFBD(s) from Routing Engine and might lead to the fxpc process crash and traffic drop. PR1572305

  • On EX Series line of switches, the dcpfe might crash because of the interface flap where a large number of MAC based VLAN clients are registered. The Packet Forwarding Engine will restart and all the traffic related to the Packet Forwarding Engine might be dropped. After that, the PFE could be self-recovery. PR1578859

  • On the QFX5100 platforms, some 40G ports may not be channelized successfully and may stay down after upgrading host OS along with Junos OS using ZTP or doing manually via CLI. PR1582105

  • On QFX/EX series switches with Broadcom chip as Packet Forwarding Engine (PFE), if IS-IS is enabled on an integrated routing and bridging (IRB) interface and the maximum transmission unit (MTU) size of the IRB interface is configured with a value great than 1496 bytes, the IS-IS hello (IIH) PDUs with jumbo frame size (i.e., great than 1496 bytes) might be dropped and not sent to the IS-IS neighbors. The following is the product list of QFX/EX series switches with Broadcom chip as PFE. QFX3500/QFX3600/QFX5100/QFX5110/QFX5120/QFX5130/QFX5200/QFX5210/QFX5220 EX2300/EX3400/EX4300/EX4600/EX4650 PR1595823

  • EX4400 platforms have a Cloud LED on the front panel to indicate the onboarding of the device to cloud (day0) and management after onboarding (day1). If MIST is used as a Management entity in cloud then, the cloud LED will display green in situations where device would have lost connectivity to cloud. This is dues to MIST using outbound SSH for management. This behavior is not applicable to any other management entity which uses outbound https and LED will display appropriate states to indicate the loss on connection to cloud. PR1598948

  • On a EX4400 Virtual Chassis operating with scaled configurations and traffic, the line card console might fail to redirect to the current virtual chassis master member. User will be logged into linecard and not all cli functionality will be available on the linecard. Use "request session member virtual_chassis_member_id" command from linecard cli prompt to login to virtual chassis master cli. PR1599625

  • On EX2300, After VC split and restore, L2/L3 unicast/multicast partial traffic loss might be observed. PR1600309

  • There is a remote possibility that during many reboots, the Junos VM goes into a state where NMI is needed to continue the reboot. There is no workaround for this and a subsequent reboot does not seem to hit this issue. PR1601867

  • When a EX4400 Virtual Chassis is operating under scaled configurations and stressed traffic, a fxpc core might be observed during any mastership switchover event. PR1603602


  • On EX Series switches, if you are configuring a large-scale number of firewall filters on some interfaces, the FPC might crash and generate core files. PR1434927

  • "IFDE: Null uint32 set vector, ifd and IFFPC: 'IFD Ether uint32 set' (opcode 151) error message is observed continuously in AD with base configurations. PR1485038

  • A double free vulnerability in the software forwarding interface daemon (sfid) process of Juniper Networks Junos OS allows an adjacently-connected attacker to cause a Denial of Service (DoS) by sending a crafted ARP packet to the device. Refer to: for more information. PR1497768

  • When you receive a unicast EAPOL (0x888e) with vlan588 tag at ae1, in this example, you can forward the packet to ae0 without changing the vlanID to 3054. set vlans vlan588 vlan-id 588, set vlans vlan588 interface ae1.0, and set vlans vlan588 interface ae0.0 mapping 3054 swap.PR1580129

  • On EX4400 family of devices, sometimes login prompt is not shown after the login session ends. PR1582754

Layer 2 Features

  • The memory leak might happen due to eswd daemon on EX Series platforms. A message like the following is displayed in the system log: eswd[1330]: JTASK_OS_MEMHIGH: Using 212353 KB of memory, 158 percent of available /kernel: KERNEL_MEMORY_CRITICAL: System low on free memory, notifying init (#2). /kernel: Process (1254,eswd) has exceeded 85% of RLIMIT_DATA: used 114700 KB Max 131072 KB. PR1262563

Platform and Infrastructure

  • On EX4300 POE switches, the pfex process CPU utilization becomes high after 6-8 weeks. There is no functional impact. PR1453107

  • When the DHCP relay mode is configured as no-snoop, the offer gets dropped due to incorrect ASIC programing. PR1530160

  • This issue might be seen only in back to back GRES in about more than 40 to 50 iterations. No workaround available and FPC gets restarted. PR1579182

Routing Policy and Firewall Filters

  • On all Junos OS platforms with set policy-options rtf-prefix-list configured, if you upgrade to a specific version, the device might fail to validate its configuration, which eventually causes the rpd to crash unexpectedly due to a software fault. PR1538172

User Interface and Configuration

  • The issue is seen on EX Series Virtual Chassis only which can be avoided with a simple workaround as to providing a valid package during upgrade command PR1557628