Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Open Issues

Learn about open issues in Junos OS Rlease 21.4R2 for EX Series switches.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

  • When running the command show pfe filter hw filter-name <filter name>, the command fails to retrieve the Packet Forwarding Engine programming details of the filter. PR1495712

  • A delay of 35 seconds is added in reboot time in Junos OS Release 20.2R1 compared to Junos OS Release 19.4R2. PR1514364

  • The FPC process might not get spawned after hard reboot in a rare case, which causes the FPC to not come online successfully. PR1540107

  • Pause frames counters are not getting incremented when pause frames are sent. PR1580560

  • On EX4400 family of devices, sometimes login prompt is not shown after the login session ends. PR1582754

  • In rare circumstances when doing routing-engine switchover, the routing protocol daemon in former active routing-engine (new backup routing-engine) might restart with a coredump while in process of being terminated.PR1589432

  • On EX series devices with vendor chip as Packet Forwarding Engine (PFE), if IS-IS is enabled on an integrated routing and bridging (IRB) interface and the maximum transmission unit (MTU) size of the IRB interface is configured with a value great than 1496 bytes, the IS-IS hello (IIH) PDUs with jumbo frame size (i.e., great than 1496 bytes) might be dropped and not sent to the IS-IS neighbors. The following is the product list of EX series devices with vendor chip as Packet Forwarding Engine. EX2300, EX3400, EX4300, EX4600, and EX4650. PR1595823

  • EX4400 platforms have a Cloud LED on the front panel to indicate the onboarding of the device to cloud (day0) and management after onboarding (day1). If MIST is used as a Management entity in cloud then, the cloud LED will display green in situations where device would have lost connectivity to cloud. This is dues to MIST using outbound SSH for management. This behavior is not applicable to any other management entity which uses outbound https and LED will display appropriate states to indicate the loss on connection to cloud. PR1598948

  • EX4400-48MP - VM cores and VC split might be observed with multicast scale scenario. PR1614145

  • Issue: DHCP binding will not happen, when MLD snooping is enabled. Root cause: During DHCPv6 binding process, ICMPv6 neighbour discovery packets will be transacted between DHCP server device and client device tp learn adjacency. As per the design, ICMPv6 multicast packets will get dropped in DHCP security device and DHCPv6 binding will not happen as well. This issue is applicable only for Trinity based line cards and this is in parity with the older legacy Line cards. So, this config is not supported on this platform. DHCP-security vlan config: set vlans dhcp-vlan vlan-id 100 set vlans dhcp-vlan forwarding-options dhcp-security option-82 circuit-id set interfaces xe-0/1/3:1 unit 0 family ethernet-switching vlan members dhcp-vlan set interfaces xe-0/1/3:3 unit 0 family ethernet-switching interface-mode trunk set interfaces xe-0/1/3:3 unit 0 family ethernet-switching vlan members dhcp-vlan set interfaces xe-0/2/2:0 unit 0 family ethernet-switching interface-mode trunk set interfaces xe-0/2/2:0 unit 0 family ethernet-switching vlan members dhcp-vlan Committing MLD snooping on the vlan: set protocols mld-snooping vlan dhcp-vlan. PR1627690

  • Mixing of GBP and non GBP terms in a single firewall filter is not supported and commit error is provided at CLI. PR1630982

  • On EX4600 devices, show dot1x firewall output for clients authenticated in CP (after fallback) might show incorrect packet count.PR1636503

  • On all EX3400 and EX4400 devices, the Virtual-Chassis (VC) port might not be formed automatically after executing the command request system zeroize.PR1649338

  • The EX4300-48mp does not generate ICMPv6 too long messages causing path MTU discovery to fail. As a result IPv6 session establishment fails. Path MTU discovery (PMTUD) is mandatory for IPv6, when MTU discovery fails IPv6 session establishment also will fails. In customer side SSH fails to establish due to keys too big to be fragmented.PR1655654

  • On a EX2300 and EX4400 device, while configuring access control lists, dfwd core might be observed. PR1656219

  • When a EX4400 Virtual Chassis is upgraded to 21.4R2 release using non-stop image upgrade process, the Virtual Chassis might report a alarm indicating a Virtual Chassis member is having different software version though all members are running same software versions. This alarm will be cleared on subsequent reboot of the chassis.PR1658508

  • The port/MAC gbp tags might not be carried forward to the spine. PR1659384

Forwarding and Sampling

  • The fast-lookup-filter with match not supported in FLT hardware might cause the traffic drop. PR1573350


  • A Double Free vulnerability in the software forwarding interface daemon (sfid) process of Juniper Networks operating system allows an adjacently-connected attacker to cause a Denial of Service (DoS) by sending a crafted ARP packet to the device. PR1497768

Network Management and Monitoring

  • A minor memory leak is seen in the event-daemon process when multiple GRES switchovers are performed. PR1602536

Platform and Infrastructure

  • When the DHCP relay mode is configured as no-snoop, we are observing the offer gets dropped due to incorrect ASIC programming. This issue only affects while running DHCP relay on EVPN/VXLAN environment. PR1530160

  • During Routing Engine switchover interface flap might be seen along with Scheduler slippage. PR1541772

  • When a EX4400 Virtual Chassis is scaled with different features configurations and device is stressed with traffic, device might not respond for CLI commands for a short period of time and a vmcore might be reported at that time. Once VM core is saved, device will continue to operate normally. PR1599498

  • During VCCP flaps, Packet Forwarding Engine socket might get closed due to Virtual Chassis disconnection, and core might be observed due to access of freed memory, as a side effect. Due to a race condition between ukern threads, some API might free a memory while it might be being accessed from other API.PR1655530