Resolved Issues: 21.4R1

ALG traffic might be dropped. PR1598017

In a Junos Fusion deployment, dynamically removing and adding a logical interface under interface-set could lead to traffic control profile on the interface-set not working PR1593058

Child mgd processes might get stuck when multiple sessions continuously ask for interface information PR1599024

Traffic loss might be observed if per-unit-scheduler is configured on AE interface PR1599857

802.1p rewrite policies might not have any effect if the rewrite is tied to CCC interfaces PR1603909

IEEE 802.1 rewrite rule might not work on MPC10 linecard PR1604943

The fabric queues priority might not get changed after activate/deactivate CoS configuration PR1613541

Baseline EVPN-VXLAN transition from IPv4 to IPv6 or vice verse does not work in certain sequence. PR1552498

The BUM traffic might be dropped after changing any configuration on the device without router-id. configured PR1576943

Traffic loss might be seen under EVPN scenario when MAC-IP moves from one CE interface to another PR1591264

Transit Traffic gets dropped post disabling one of the PE-CE link on a remote Multi-Home PE in EVPN-MPLS A-A setup with Dynamic-List NextHop configured PR1594326

EVPN might not work properly in multi-homing setup PR1596723

The device announces router-mac, target, and EVPN VXLAN community to BGP IPv4 NLRI. PR1600653

Traffic loss for profile TI2-Inter-VN-Traffic_Stream-SH-MH is seen when testing evpn with vxlan. PR1628586

Traffic loss ia seen for profile TI2-Inter-VN-Traffic_Stream-SH-MH when testing EVPN with VxLAN. PR1628586

Logical interface statistcs for as(aggregated sonet) are displayed double value then expected. PR1521223

The snmpwalk might not poll the mib for dual-stack interface. PR1601761

On MX10003, despite of having all AC low/high PEM, "Mix of AC PEMs" alarm is raised PR1315577

RE switchover does not work as expected while SSD failure occurs. PR1437745

SSL-FP Logging for non SNI session PR1442391

Inaccurate allocated memory for 'nh' and 'dfw_rulemask' under kernel might be observed PR1475478

The following error messages are observed: unable to set line-side lane config (err 30) PR1492162

New fan failure alarm that would be reported after 3 consecutive failure interrupt status is high. PR1500920

With multi-services scaled config and Jvision monitoring running after routing-restart, protocols/services remains down and rpd doesn't respond/recover PR1520977

The BFD session status remains down at the non-anchor FPC even though BFD session is up after the anchor FPC reboots or panic. PR1523537

CSPRNG is changed to the HMAC-DRBG and cannot be changed to either the FreeBSD Fortuna or the Juniper DYCE RNGs PR1529574

cli show chassi picd fpc-slot pic-slot did not display qsfp modules firmware properly PR1533645

The MACsec PICs may stay offline in the new primary after performing ISSU PR1534225

Pfe statistics not shown GNF in sublc mode having PFE mapping from non-zero pfe PR1547890

FPC crash may occur after flapping the multicast traffic PR1548972

Some transmitting packets may get dropped due to the "disable-pfe" action is not invoked when the fabric self-ping failure is detected PR1558899

The device may run out of service post GRES/ISSU PR1558958

The MX150 device might reboot after performing request system snapshot recovery command. PR1565138

Na-grpcd process can core during longevity tests PR1565255

CLI-command "show pfe statistics traffic" shows wrong output PR1566065

Junos OS and Junos OS Evolved: Local Privilege Escalation and Denial of Service PR1568654

When using log templates (introduced in 21.1R1) with Unified Policies, logs were not generated in a predictable manner. A new construct has been added that allows you to define a default log profile (set security log profile name default-profile) that can be used to improve this behaviour when multiple log profiles are defined. PR1570105

High CPU usage may occur on rpd for routes that use static subscriber PR1572130

The fxpc process might crash and cause traffic loss in the IFBD scenario PR1572305

DCPFE/FPC crash may be observed on the QFX10000 series platforms if ARP MAC move happens PR1572876

Only root user is allowed to execute commands on host using vhclient. PR1574240

DS-Lite throughput degradation might be seen on MS-MPC PR1574321

MIC specific alarms are not cleared after MIC reboot PR1576370

MPC7E, MPC10E, MX-SPC3 and LC2103 line cards might become offline when the device is running on FIPS mode PR1576577

Mirrored packets are corrupted when port-mirror and discard actions are both applied. PR1576914

MPC7E/8E/9E/11E line card might be stuck in "Unresponsive" state in a Junos Node Slicing setup PR1580168

The static MACs configured over AE might not get programmed in forwarding after the FPC restart PR1581325

Certain fields in the GNMI extension header and show network-agent statistics cli will have incorrect values if the input subscription path contains a ":" character PR1581659

Junos OS and Junos OS Evolved: A vulnerability in the Juniper Agile License Client may allow an attacker to perform Remote Code Execution (RCE) (CVE-2021-31354) PR1582419

Traffic drop might be observed on MX platforms with SPC3 in the DS-LITE scenario PR1582447

Load balancing is not working correctly on AMS interfaces for CGNAT traffic on MX USF mode with SPC3 PR1582764

The bcmd process might crash on the MX150 platform PR1583281

Firewall filter is not getting programmed after deleting a large filter and adding a new one in a single commit on QFX5000 line of switches. PR1583440

The Layer 2 multicast VXLAN instance goes down since local vtep logical child interface is not associated to the EVPN instance. PR1584109

The secure web proxy continues to send the DNS query for the unresolved DNS entry even after removing the entry. PR1585542

Packet loss might be seen during global repair of FRR. PR1586122

show security idp counters do not have tenant statement in it's syntax. PR1586220

The RPD_KRT_KERNEL_BAD_ROUTE error message is seen in certain scenarios when the rpd process restarts or GRES happens when NSR is enabled. This error has no functional impact.PR1586466

Remove SIB without turning offline first might impact traffic. PR1586820

The MVPN traffic loss might be seen due to the flooded multicast next-hop is missed PR1587054

Junos Telemetry Interface leaves such as "used-power" and "allocated-power" under /components do not reflect correct value. PR1587184

PEM capacity shows incorrectly on MX10003 platform. PR1587694

The aftd process might crash in firewall filter scenario. PR1589619

Fabric link training could be seen if the fabric selfping silently gets discarded. PR1590054

The open configuration BGP route community command output is incorrect when you use large BGP communities. PR1590083

PTP synchronization might get unstable. PR1591667

The mobiled daemon might crash after switchover for an AMS interface or crashes on the service PIC with the AMS member interfaces. PR1592345

AMS warm standby with deterministic NAT functionality might not work properly. PR1592437

Routing Engine kernel might crash because the logical interface of aggregated interface fails in the Junos kernel. PR1592456

The duplicate Junos Telemetry Interface leaf of oper-status tag for logical interface index 16386 have mismatch value.PR1592468

The L2cpd-agent might go unresponsive after starting telemetry service. PR1592473

Using the BITS interface from backup RE for clock recovery might not work. PR1592657

The TCP connections to the telemetry server might be stuck in "CLOSE_WAIT" status. PR1593113

On a Junos Node sliced setup if an SLC on MPC11E is restarted on some instances the interfaces on other SLC might also go down. PR1593500

IPv6 neighbor might remain unreachable in VRRP for IPv6 scenario. PR1593539

Jweb Deny log nested-application displays unknown instead of the specific application. PR1593560

The dcpfe process might crash in an EVPN-VxLAN scenario. PR1593950

PICD restart or crash might result in junks statistics for carrier transition. PR1594253

The next-hop used for lawful intercept might not get installed correctly on the Packet Forwarding Engine of MPC10E or MPC11E line card which does not host the tunnel interface used for flow-tap service. PR1594380

The BFD session for MPLS LSP goes down after enabling ultimate-hop-popping. PR1594621

The label field for the EVPN Type 1 route is set to 1. PR1594981

Inconsistent component name for FPC CPU is observed. PR1595109

Application error alarms and trace-writer core files are generated due to defunct rcp zombie. PR1595409

Layer 2 VPN stops forwarding when interface encapsulation is changed to vlan-ccc from ethernet-ccc and back. PR1595455

Some TCP sessions might not be established after performing the request system snapshot command. PR1595470

The interface down might be delayed after you issue the set interface interface name disable command. PR1595682

Firmware might fail to be downloaded to MIC on the MX Virtual Chassis setup. PR1595693

Mismatch in the master and backup Routing Engines with inetcolour tables and BGP-SRTE tunnels occur after rpd-restart on the primary Routing Engine. PR1596095

Packet Forwarding Engine wedge might occur if many IPv4 packets are received that need to be fragmented. PR1596100

The DCI InterVNI and IntraVNI traffic might silently be dropped and discarded in a gateway node due to the tagged underlay interfaces. PR1596462

Mcscnoopd might crash when deleting and then adding layer-2 forwarding configuration after performing unified ISSU. PR1596483

The nsd process generates a core file when you verify the session-limit rate and issue the bypass-traffic-on-exceeding-flow-limits command. PR1596578

Traffic loss might occur periodically in the MACsec-used setup if the Routing Engine works under a pressure situation. PR1596755

SR-TE tunnel initiated from a non-juniper PCE might fail PR1596821

bbesmgd core generated after RE goes down. PR1596848

Traffic fails to recover after multiple quick dot1xd restarts when you enable the MACsec suspend-for option. PR1596854

The interface might not learn mac-address if it is configured with vlan-id-list starting with VLAN id 1 and native-vlan-id. PR1597013

Major alarms on all FPCs in chassis might be seen after some time from bootup. PR1597066

The MAC/IP withdraw route might be suppressed by rpd in the EVPN-VxLAN scenario. PR1597391

On MX10016 router, the SFB Plane not online alarm gets generated after the primary Routing Engine switchovers. PR1597630

Major host 13 Ethernet interface link goes down with false alarm after RE1 is manually replaced. PR1597763

MPC10E log messages will be observed with 'Temp Sensor Fail' alarm set/clear and 'cmtfpc_cpu_core_temp_get: Fail to get temp CPU7_PMB' messages. PR1597798

The cfmman process might crash on MPC10 linecard running on FPCs. PR1597812

Deletion of MACsec configuration on a logical interface does not take effect. PR1597848

Inconsistency in the platform name used in multiple places, version, snmp mibs, and so on. PR1597999

[subscriber_services][MX480] :: subinfo core file is generated with L2 node scaling. PR1598187

Primary-only IP address keeps in old primary (new backup) and device becomes inaccessible after Routing Engine switchover. PR1598173

arpd and ndp daemon crashes in scale setups. PR1598217

Subscriber management daemons might continuously generate a core file and shutdown with Routing Engine sensor invalid configuration. PR1598351

On MX10016 routers with JNP10K-RE1, unknown SMART attributes for StorFly VSFBM8CC200G SSD occurs.PR1598566

Upper backplane type for the MX2020 router are incorrectly reported as Chassis. PR1598594

The packet loop might occur after you receive the PCP request packets, which are destined to softwire concentrator address. PR1598720

Component sensor does not export logs. PR1598816

The l2ald process might crash due to memory leak when all active interfaces in a VLAN are unstable. PR1599094

False fan failure alarm flaps (set and cleared) frequently. PR1599183

NSR switchover performed with BGP SR-TE tunnels might generate an rpd core file. PR1599446

On MX SPC3 services card, ICMP protocol is not detected and does not allow user to modify inactivity-timeout values. PR1599603

gNMI Telemetry might stop working after Routing Engine switchover. PR1600412

The multiservices card does not drop the TCP acknowledgment packet received as a reply to the self-generated TCP keepalive. PR1600619

The config interface ip remove command is not working appropriately. PR1600932

Duplicate address detection (DAD) flags appear for the IRB interfaces after removing the configuration and restoring which might lead to traffic block. PR1601065

Traffic loss might be seen on MPC10E and MPC11E under EVPN scenario. PR1601177

The BBE-SMGD process generates core files at bbe_dequeue_and_deliver bbe_process_work_queues bbe_smd_main_post_dispatch. PR1601203

Unable to commit configuration due to the Check-out failed error message for the mobility process. PR1601785

Traffic might be dropped at NAT gateway if you enable EIM. PR1601890

Kernel crash might be seen when static routes are configured with GRE interfaces being used as next-hop. PR1601996

The IPv6 traffic might be impacted on the QFX Series or PTX Series platforms when an IPv6 route resolves over a dynamic tunnel. PR1602007

A few line cards might not come up online with increased-bandwidth mode. PR1602080

Under certain scaling scenarios, with EVPN-VXLAN configurations, l2ald might abort and recover. PR1602244

After upgrading, configured firewall filters might be applied on incorrect interfaces (CVE-2021-31382). PR1602292

Traffic might be lost when rewrite rules are configured on an aggregated Ethernet egress interface of MX Series platforms with MPC10E linecards. PR1602307

Jflow-syslog for CGNAT might use 0x0000 in IPv4 identification field for all fragments. PR1602528

The show system errors fru detail command is not displaying "reset-pfe" as the cmerror configured action. PR1602726

The Packet Forwarding Engine might get disabled by a detected major CMERROR event when you ungracefully remove the MIC from MPC2E-3D-NG/MPC3E-3D-NG. PR1602939

Junos OS: When using J-Web with HTTP an attacker might retrieve encryption keys via Person-in-the-Middle attacks. (CVE-2021-31386). PR1603199

Packet loss might be seen on filter-based GRE deployments. PR1603453

21.3TOT:TCP_TLS_SYSLOG:core-usf-qnc-a-fpc3.pic1-flowd_spc3.elf.0.tgz is seeing while verifying TCP based logging functionality with GRES with AMS-Nexthop style PR1603466

NSSU performed with MACsec configuration might generate fxpc core file. PR1603602

The adapted sample rate might get reset to the configured sample rate without changing the sampling rate information in sFlow datagrams after configuring a new logical interface and enabling sFlow technology on this new logical interface at the same time. PR1604283

NPC logs are observed when vrf localisation is enabled. PR1604304

The following error message is observed: evo-aftmand-bt[18089]: [Error] IfStats:map entry not present for ifl:1039. PR1604334

Interface hold-time up does not work on vMX and MX150 platforms. PR1604554

The channel 0 physical interface does not come up after adding the correct speed configuration. PR1604810

The interface on MCP3-NG HQoS/MPC7E flaps continuously after enabling LACP on aggregated Ethernet

interface. PR1605446

The MPLS transit router might push an extra Entropy label to the LSP. PR1605865

Multicast streams might stop flooding in VXLAN setup. PR1606256

Segment Routing License issue might occur by default chained-composite-next-hop configuration. PR1606377

Observing continuous SNMP trap for "Over Temperature!" for all the MX10016 line cards (FPC: JNP10K-LC480). PR1606555

With dslite prefix-based subscriber and PCP the APP mapping for multiple PCP requests with suggested external ports is not behaving as expected. PR1606687

New subscribers might not connect due to the CR-features service object missing on FPC. PR1607056

TCP traffic might be dropped on source port range 512 to 767 when the FlowSpec IPv6 filter is configured. PR1607185

In subscriber management scenario, under a rare condition, the Routing Engine reboots and generates a vmcore. PR1607282

When l2ald restart, the following error message might be present, "L2ALIPC : L2AL IPC client is not connected to l2ald on restart l2-learning" PR1607580

On MX Series platforms, error messages might be seen on triggering restart routing when sensors are configured. PR1608120

Traffic load balance issue might be seen while toggling link-protection mode of RLT interface on-the-fly. PR1608300

Address error case in open message to comply to RFC 8664 in PCCD and PCE_Server. PR1608511

Memory leak might be observed on the l2cpd process when performing certain LLDP operations. PR1608300

On PTX10K EVO platforms, defunct rcp processes increase which might cause master Routing Engine reboot. PR1608776

High priority queue might not get the expected bandwidth on the EVO platforms. PR1609823

The single-vlan tagged subscribers might fail to reconnect through dynamic-vlan over PS interface. PR1609844

The authd process and RADIUS might have stale L2BSA subscriber entries. PR1610476

"No filter found" error might be seen while deactivating the filter attached to the interface after MPC reboot. PR1616067

After picd restart interface is down in channelized 100G link. PR1611379

The service PICs are unable to come up when dnsf package is configured. PR1612316

The Routing protocol engine CPU is getting stuck at 100 percent. PR1612387

The B4 client traffic will be dropped on MX-SPC3 based AFTR in DS-Lite with EIM activated CGNAT scenario. PR1612555

Some of the fabric links might go into faulty state after swapping FPC LC1201 with LC1202. PR1612624

l2ald core file is generated during routing-instance configuration change. PR1612738

Memory might be exhausted when both BGP rib-sharding and BGP Optimal Route Reflection (ORR) are enabled. PR1613104

Traffic loss might occur due to the shaping rate being adjusted incorrectly in a subscriber environment on MX Series routers. PR1613126

IGP routing updates might be delayed to program in Packet Forwarding Engine after interface flaps in a scaled BGP route environment. PR1613160

For PS Service logical interface configured in MPC2-NG/MPC3-NG interface statistics do not show correct (shaped) value when shaping is applied. PR1613395

IPsec tunnels are not deleted on disabling the AMS physical interface. PR1613432

Enabling security-metadata-streaming DNS policy might cause a dataplane memory leak. PR1613489

The rpd process might crash in BGP rib-sharding scenario. PR1613723

Modifying the input-service-filter via COA might fail in subscriber management environment. PR1614903

Line cards might be unstable due to the continuous growing memory usage of evo-cda-bt app. PR1614952

Export memory and temperature metrics for all existing components when it subscribes to telemetry sensor. PR1615045

The l2ald process might crash in EVPN scenario. PR1615269

Request to provide an API which gives list of potential policy given a session id. PR1615355

show subscribers accounting-statistics, show services l2tp session interface asi0.xx statistics might not work on LNS with asi- interfaces. PR1616454

The dual Routing Engine system might not be GRES ready after backup Routing Engine reboot in a subscriber management environment. PR1616611

Inconsistent error counts in show interfaces brief and show interfaces extensive. PR1616765

In MXVC spcd running on SPC3 crashes. PR1617280

MPC8E in 1.6T bandwidth mode might not work correctly. PR1617469

Automatic Routing Engine switchover might not happen after migration. PR1617720

Traceroute packets might get dropped in SFW service-set when other service-sets with asymmetric traffic processing are also enabled on the same MS-MIC/MS-MPC. PR1617830

The traffic loss of CGNAT might be seen after cleaning the large-scaled CGNAT sessions in MS-SPC3 based Inter-Chassis High Availability scenario. PR1618360

[macsec] [fips] Lowest acceptable PN do not reflect correct value when replay-window-size is more than zero. PR1618598

The clksyncd might crash and PTP/SyncE might not work. PR1618929

The nsd might crash while validating NAT translation on MX Series platforms with SPC3. PR1619216

/interfaces/interface/subinterfaces/subinterface/state/counters are not exported during initial synchronization for on-change. PR1620160

EVPN type 5 routes might not be installed. PR1620808

All ports from the same Packet Forwarding Engine goes down at the same time causes mqchip_disable_ostream timeout then triggers host loopback path wedge and disable-pfe. PR1621286

Invocation of netconf get command will fail if there are no L2 interfaces in the system. PR1622496

Port speed might show as 100G even though chassis configuration is set for 40G manually. PR1623237

The aggregated Ethernet member link might not be correctly populated on the Packet Forwarding Engine after FPC restart on MX Series platforms. PR1624772

Implement show task scheduler-slip-history to display number of scheduler slips and last 64 slip details. PR1626148

S-PTX10K-144C License SKUs do not load, 400G SKUs do load. PR1627459

Evpn flood filter is not working for MPC10. PR1628270

Commit related to dynamic profile configuration changes might fail upon executing "request vmhost reboot routing-engine both" on MX platforms PR1607494

Adding and removing VLANs might cause traffic loss. PR1632444

When MTU is configured on an interface a rare ifstate timing issue might occur at a later point resulting in ksyncd process crash on backup Routing Engine. PR1606779

In tcpdump command processing allows an attacker to bypass configured access protections and execute arbitrary shell commands (CVE-2021-31357). PR1596122

Upgrade might fail when upgrading from legacy release. PR1602005

The fxpc process might crash and generate core file. PR1611480

Traffic might be interrupted while adding xe-/ge- interfaces as member of aggregated Ethernet interface bundle. PR1569399

ARP resolution failure might occur during VRRP failover. PR1578126

Junos Telemetry Interface optics sensor's alarm data type changed from " bool_val" to "str_val". PR1580113

The dcd process might crash after performing Routing Engine switchover/reboot/management interface configuration change. PR1587552

The dcd process crash might be observed after removing aggregated Ethernet logical interface from the targeted distribution database. PR1591032

SIB might get stuck at an "offlining" state after performing offline and online operations. PR1591076

Duplicate source and destination pair check is done only across same tunnel encapsulation type for FTI. PR1599266

The dcd process might crash and FPC might be stuck in ready state on MX Series platforms. PR1601566

The aggregated Ethernet interface might flap upon configuration changes. PR1602656

LACP system priority might take a value of 0 and cause an LACP interoperability issue . PR1602724

Few links on channelized interface is down after oir_enable and oir_disable in 4X25G. PR1606644

Memory leak on dcd process occurs when committing configuration changes on any interfaces in a setup with AMS interface configured. PR1608281

[interface] [platformtag] mx960 : :: PDT - MX960 : seeing dcd[40867]: %DAEMON-5: lo0 family maximum labels is non-adjustable in syslog messages. PR1611098

J-Web allows a locally authenticated attacker to escalate their privileges to root. (CVE-2021-31372) PR1594516

Reverting mastership from RE1 to RE0 might lead to l2ald daemon crash and cause an outage. PR1601817

The traffic received on a port in LACP detached state might be incorrectly forwarded. PR1582459

The DHCP client might be offline for about 120 seconds after sending the DHCPINFORM message. PR1587982

Delegated prefix IPv6 address is missing in accounting stop messages. PR1588813

The DHCP ALQ queue might get stuck causing subscriber flap. PR1590421

Uneven traffic distribution might be observed between member links of LAG. PR1599029

The rpd scheduler might continuously slip after GRES when there are 7000 DHCP clients in a subscriber management environment. PR1625617

The rpd process might crash in corouted bidirectional RSVP LSP scenario. PR1544890

[mpls][generic] D-CSPF node segment label: unresolved when Node Index 0 configured. PR1564169

The rpd core file is seen in the backup Routing Engine with in mirror_process_recvd_data_queue with mldp NSR configuration. PR1594405

The LDP replication session might not get synchronized when dual-transport is enabled. PR1598174

Sometimes MPLS LSP might go down due to a timing issue when a protected link goes down. PR1598207

Static LDP P2MP might fail after NSR switchover. PR1598344

The rpd might crash with LSP external controller configuration. PR1601763

VPLS connection might get down if dual-transport is configured. PR1601854

RSVP detour LSP might fail to come up when an LSR in the detour path goes down. PR1603613

LDP P2MP traffic might be interrupted post GRES. PR1609559

The rpd process might crash on standby_re LDP module when vpls mac-flush is enabled on peer by default or configuration. PR1610638

Configuring protocols mpls lsp-external-controller also throws commit error if in-place-lsp-bandwidth-update is configured under any LSP. PR1612269

The rpd process might crash if express segments using SR-TE underlay are configured. PR1613372

Intermittent p2mp traffic drop might be seen in MVPN scenario. PR1608311

Services NAT mappings and sessions are incorrect while checking the SIP sessions from public to private and RTP from private to public. PR1577922

The syslog archival transfer might fail if the archive site URL is configured with an IPv6 address. PR1603342

SNMP reflects outdated ARP entries. PR1606600

The L2TP tunnel might not work with filter-based encapsulation. PR1568324

Aggregated Ethernet interface queue statistics will be exported to Junos Telemetry Interface server. PR1571985

FPC crashes on MX Series and EX9200 platforms. PR1579182

The system generates an audit core file while changing TACACS and login user passwords. PR1589953

VLAN tagged traffic might be dropped with service provider style configuration. PR1598251

The service filter might get programmed incorrectly in Packet Forwarding Engine because of the rare timing issue in enhanced subscriber management environment. PR1598830

There might be FPC core file and packet drop in VxLAN-EVPN scenario. PR1600030

The mgd process might crash with an authentication setup. PR1600615

The kernel core file might be seen if BGP connections are restarting after deleting BGP authentication. PR1601492

The ZTP service might not work and the image installation fails. PR1603227

RTT output might not get displayed when show services rpm twamp client history-results command is issued. PR1605243

The FPC might crash if flow-table-size is configured on MX Series platforms. PR1606731

Multicast traffic is dropped when forwarded over VPLS via IRB. PR1607311

FPC crash might be seen because of mac-move between two interfaces under same bridge domain. PR1607767

Degraded traffic processing performance might be observed in case of processing very high PPS rate traffic. PR1619111

CoS custom classifier might not work on logical interface. PR1619630

Configuration commit might fail while configuring authentication-key-chains statement under groups. PR1626400

BGP import policy is not applied to all the routes when CCNH inet is enabled. PR1596436

The configuration check might fail if more than 8 FCs are configured and CBF is enabled. PR1600544

The firewalld might crash if you configure fragment-offset statement outside the range (fragment-offset 1-900000000000). PR1605805

BGP session might be down due to BGP-LS TLV received out of order. PR1546416

Conformance issues with draft-ietf-idr-bgp-ext-opt-param. PR1554639

Incorrect authentication-algorithm is set in BGP neighbor. PR1571705

Short multicast packets drop using PIM when multicast traffic is received at a non-RPT/SPT interface. PR1579452

Traffic drop might occur on link flap when IS-IS is configured. PR1585471

The rpd crash might be seen if BGP peer flaps. PR1592123

NTF-AGENT core file is seen at_Tthr_rwlock_unlock CRYPTO_THREAD_unlock OPENSSL_init_crypto. PR1597714

After first parallel ISSU aborts, subsequent ISSU attempts on failed node aborts with 'Aborting Daemon Prepare'. PR1598786

IPv4 static route might still forward traffic unexpectedly even when the static route configuration has already been deleted. PR1599084

Some routes might get incorrectly programmed in the forwarding table in the kernel with next-hop installed as DEAD. PR1601163

The rpd process might be stuck at 100 percent in OSPFv3 scenario. PR1601187

Packet drop might be seen when changing INET MTU for MPLS enabled interface in IS-IS SPRING scenario. PR1605376

MPC10E at [topgun] rpd core file rt_table_flash_job_cancel, rt_instance_set_lsi_ifl_data_shard, and rt_flash_all_internal might be seen after deactivating and then re-activating the interfaces. PR1605620

IS-IS LSP might not be originated if egress protection is configured. PR1605969

The BGP replication might be stuck in "InProgress" state. PR1606420

Multicast traffic might be duplicated on subscriber interface on MX Series platforms. PR1607493

With rib-sharding enabled any commit will flap all BGP sessions with 4 byte peer-as (AS number 65536 or greater). PR1607777

commit might fail when microloop-avoidance post-convergence-path is configured with out SR and SRv6. PR1608992

The rpd might crash after a commit if there are more than one address in the same address ranges configured under [bgp allow]. PR1611070

The rpd crash might be seen on all Junos OS and Junos OS Evolved platforms. PR1613384

Verification of BGP peer count fails, after deleting BGP neighbors. PR1618103

Time delay to export prefixes to BGP neighbors might occur post applying peer-specific bgp export policies. PR1626367

show services l2tp tunnel extensive, show services l2tp session extensive and show subscribers accounting-statistics commands do not work on LTS. PR1596972

Kmd core file has been generated at kmd_gen_fill_sa_pair_sadb_flags @kmd_update_sa_in_kernel @kmd_sa_cfg_children_sa_free. PR1600750

show services l2tp tunnel extensive, show services l2tp session extensive commands provide incorrect outputs on LTS. PR1601886

Subscribers might be stuck in terminated state when the RADIUS server is unreachable. PR1600655

The "Service session entry creation failed" errors are seen during ephemeral commit. PR1603030

Install discard routes is not supported on APM managed BNGs running Junos OS Release 21.3R1. PR1604967

Prefix duplication errors might occur for DHCPv6 over PPPoE subscribers. PR1609403

DHCP session fails with CLI session-limit-per-username statement. PR1612196

BNG does not correctly issue abatement alarm to APM when condition is met. PR1626632

When connectivity between BNG and APM is lost, the BNG does not regenerate pool drained alarms to APM. PR1627974

There is no counter for juniper-local default action. PR1570500

Updates to the system login configuration might not be reflected after a commit. PR1589858

File copy command is not accepting HTTPS URls. PR1596881

The dfwc and dcd processes might crash when a commit-check is performed after a previously terminated (with ctrl+c) commit-check PR1600435

The commitd core file may be observed after committing some configuration change. PR1601159

Configuration transfer-on-commit not working if commit is done via netconf. PR1602331

Invalid JSON and xml output format for command like show system resource-monitor ifd-cos-queue-mapping fpc x | display [json|xml]. PR1605897

The iked process might crash when IKEv2 negotiation fails on MX Series devices. PR1577484

Cannot add BGP standard community to NGMVPN Type-6 and Type-7 routes in VRF export policy. PR1589057

The rpd process might crash if the interface goes down in the BGP-MVPN scenario. PR1597387

Wrong st0 IFL deletion at spoke when multiple VPNs negotiate same destination address as TS. PR1601047