Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Known Limitations

Learn about known limitations in this release for vSRX.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Chassis Clustering

  • Currently max BFD detection interval tested by RLI is 16s. If the detection interval is too large, no BFD down event will be posted by BFDD daemon to jsrpd and jsrpd cannot be aware that ICL once goes down since BFD is the single source of MNHA ICL link failure detection. We don't have other (or plan to add other) ways to detect ICL link going down as it introduces extra complexity. So currently this is a product-limitation.PR1671622

VPNs

  • In case of IKEv2, if the IKE and IPsec SA setup fails in the IKE-SA-AUTH exchange at the initiator end(due to authentication failure), it will lead to a situation where in the responder would have already brought up the IKE and IPsec SA and there would be no delete notification sent from initiator to the responder. To avoid such a scenario, it is recommended to enable dead-peer-detection (DPD) on the responder end which will ensure that the IKE and IPsec SAs gets deleted on the responder. PR1680885