Resolved Issues: 21.2R3
Flow-Based and Packet-Based Processing
General Routing
-
When using log templates introduced in Junos OS release 21.1R1 with Unified Policies, logs were not generated in a predictable manner. A new construct has been added that allows you to define a default log profile set security log profile name default-profile command can be used to improve this behavior when multiple log profiles are defined. PR1570105
-
PKID core during auto-re-enrollment of CMPv2 certificates. PR1580442
-
Getting UNKNOWN instead of HTTP-PROXY for application and UNKNOWN instead of GOOGLE-GEN in RT-FLOW close messages. PR1588139
-
When combining log profiles and unified policies RT_FLOW_SESSION_DENY logs were not being generated corrected. PR1594587
-
High CPU utilisation might be seen when Jflow sampling is configured on vSRX HA setup. PR1604775
-
vSRX might stop forwarding traffic 60 days after Junos upgrade due to the trial license expiring. PR1609551
-
For apps getting classified on first packet, the volume update syslog is not getting generated. PR1613516
-
The interface speed is limited to 1G on vSRX 2.0 even the speed is set as more than 1G. PR1617397
-
During SaaS probing, due to race condition between APP entry addition and session processing, this core is seen. PR1622787
-
On SRX Series devices running DNS security, if a DGA was detected and the action in the configuration was set to permit, under rare circumstances, a log would not be generated by the device. PR1624076
-
Running DNS on all SRX Series devices, a memory leak on Packet Forwarding Engine might occur. PR1624655
-
The application package installation might fail with error in SRX Series devices. PR1626589
-
vSRX3 on VMware ESXi versions 7.0u2 or 7.0u3 with i40e SR-IOV, traffic stopped after reboot. PR1627481
-
Resource errors in show interfaces extensive command output. PR1629986
-
On SRX Series devices running DNS Security, a dataplane memory leak may occur within the DNSF plugin when entries age-out of the DNSF cache. PR1633519
-
Application group name is not found for micro apps in CLI show output. PR1640040
-
The Packet Forwarding Engine might stop on Junos OS SRX Series devices. PR1642914
Infrastructure
-
The failover process may become slow in a vSRX cluster if the gstatd process stops running. PR1626423
Interfaces and Chassis
-
Static route might not work on vSRX. PR1613430
Intrusion Detection and Prevention (IDP)
-
SRX Series devices pause while checking the CLI show security idp attack attack-list policy combine-policy command. PR1616782
J-Web
-
J-Web might only allow certain types of interfaces to be added in a routing-instance. PR1637917
Routing Protocols
User Interface and Configuration
-
A low privileged user can elevate their privileges to the ones of the highest privileged J-Web user logged in. PR1593200