Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Open Issues

Learn about open issues in this release for MX Series routers.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

  • If a vmhost snapshot is taken on an alternate disk and there is no further vmhost software image upgrade, the expectation is that if the current vmhost image gets corrupted, the system boots with the alternate disk so the user can recover the primary disk to restore the state. However, the host root file system and the node boots with the previous vmhost software instead of the alternate disk. PR1281554

  • VXLAN VNI (multicast learning) scaling on QFX5110 traffic issue is seen from VXLAN tunnel to Layer 2 interface. PR1462548

  • For the MPC10E card line, the IS-IS and micro-BFD sessions do not come up during baseline. PR1474146

  • When there are hardware link errors occurred on all 32 links on an FPC 11. Because of these link errors, all FPCs reported destination errors towards FPC 11 and FPC 11 was taken offline with reason "offlined due to unreachable destinations". PR1483529

  • runt, fragment and jabber counters are not incrementing on EX4300-MPsPR1492605

  • When launching a guest Virtual Machine (VM) to run a third party application on Junos OS 15.1R1 and above, the guest VM might be shown as "UNAVAILABLE" even after successfully installing the third party application. This is due to duplicated device ID assigned to different disks. PR1529596

  • The Sync-E to PTP transient simulated by Calnex Paragon Test equipment is not real network scenario. In real network deployment model typically there will be two Sync-E sources (Primary and Secondary) and switchover happens from one source to another source. MPCE7 would pass real network SyncE switchover and associated transient mask PR1557999

  • VE and CE mesh groups are default mesh groups created for a given Routing instance. On vlan/bridge-domain add, flood tokens and routes are created for both VE and CE mesh-group/flood-group. Ideally, VE mesh-group doesn't require on a CE router where IGMP is enabled on CE interfaces. Trinity based CE boxes have unlimited capacity of tokens, so this would not be a major issue. PR1560588

  • Pim Vxlan not working on TD3 chipsets enabling VxLAN flexflow after release 21.3R1. Customers Pim Vxlan or data plane VxLAN can use the Junos OS Release 21.3R1. PR1597276

  • When user tries to disable AMS ifd using config knob, the ipsec tunnels are not deleted. Deactivating the services will provide the desired result. PR1613432

  • In some NAPT44 and NAT64 scenarios, Duplicate SESSION_CLOSE Syslog will be seen. PR1614358

  • For a topology with VSTP and VRRP configured and IPV6 traffic, if VSTP bridge priority is changed a couple of times (to trigger toggling of root bridge), it is possible that V6 traffic drop is seen on some of the streams. PR1629345

  • mspmand daemon running on MS-MPC/MS-MIC cards can occasionally crash when the service card (fpc/pic) is turned offline and then online at regular intervals when the number of service-set configured is moderately high and when extensive hardware crypto operations are being performed. Exact issue is yet to be isolated. PR1641107

  • Source MAC should nt be configured on the underlying static interface on the UP for PPPoE login to work correctly.PR1641495

  • vMX: "input fifo errors" drops reported under pfe shell "show ifd" but not seen in "show interface extensive" output PR1642426

  • bb device has to be manually enabled in configuration for DHCP and PPP access models for BNG CUPS. Configuration to enable bb device is as follows:: #set system subscriber-management mode force-broadband-devicePR1645075

  • When per-interface egress and per-sid egress SR sensor stats are configured using the CLI commands below, the (pushed) MPLS label length does not get included in the output/Tx octets field that gets exported from the sensor. set protocols isis source-packet-routing sensor-based-stats per-interface-per-member-link egress set protocols isis source-packet-routing sensor-based-stats per-sid egress This is a day-1 behavior on all Trio ASIC based FPCs on the MX platform.PR1646799

  • On all QFX platforms, Ethernet VPN (EVPN) Type-5 traffic drops are observed when the device is configured only with Type-5 Virtual Routing and Forwarding (VRF) and without an Integrated Routing and Bridging (IRB) interface. PR1663804

  • If the physical link status of the ethernet link between the RE and FPC goes down, there are recovery attempts to bring up the link again. Log messages indicate the recovery attempts and the success/failure status of the attempt. However an alarm is not raised when this failure occursPR1664592

  • Not all MAC addresses are learnt for some VPLS instances after "clear vpls mac-table" command is executedPR1664694

  • Few protocol sessions remain down causing traffic loss in certain prefixes after quick arpd process disable and enable. The system can be recovered from erroneous state by executing "restart routing gracefully" in CLI.PR1665362

  • On all Junos platforms, incorrect sensor base telemetry data are collected when multiple SR-TE tunnels are configured with at least one uncolored, sharing the same single hop segment list.PR1665943

  • UDP Telemetry may not work when subscribes to /junos/system/linecard/intf-exp/ sensorPR1666714

  • Faulty FPC (Flexible PIC Concentrator) on the MX platform chassis exhibiting multibit ECC (Error Checking and Correction) error (L2 cache error) will trigger this issue. The whole chassis goes down until the faulty FPC is removed from the chassis.PR1670137

  • In case Port is DOWN then Tx Laser need to enable via cli-pfe> prompt.PR1673892

  • On SyncE over LAG interfaces, if the end points have different ESMC QL configured, on one of configured syncE interface, ESMC QL is toggling between PRC and DNU and sync-E does not lock and moves to holdover state. PR1677131

  • Not fixed in the Current release, the issue was recreated only with IXIA connection. Arp response is not received in the DUT port to store the destination MAC address. unable to determine if the issue is with the MX port or medium or IXIA port. PR1677624

  • There will be drop of syslog packets seen for RT_FLOW: RT_FLOW_SESSION_CREATE_USF logs until this is fixed. This will not impact the functionality.PR1678453

  • On QFX5100 platforms (both stand-alone and VC scenario) running Junos, occasionally during the normal operation of the device, PFE (Packet Forwarding Engine) can crash resulting in total loss of traffic. The PFE reboots itself following the crash.PR1679919

  • The issue here is that we see ?MQSS(0): DRD: Error: WAN reorder ID timeout error? once per PFE during bootup of FPC. This happens because during the FPC bootup some control packet from vmhost comes before the PFE init is fully complete. Because of this the EA Asic is not able to process the packet and throwing the error. The fix involves complex changes in the bootup sequence of ASICS and will result in other major issues. The original issue has no functionality impact. It is just one error per PFE seen during the FPC reload case only. At that time the traffic is not started yet and once the system is up no other impact is seen due to the Error. Hence the issue will not be fixed. Any "WAN reorder ID timeout error" during the bootup of FPC can be safely ignored.PR1681763

  • The Queue stats may show constant PPS / bps after interface is disabled. The stats don't increment and remain same when the interface went down. However it is a display issue which will be fixed in future releasesPR1685344

  • New CLI commands addition to support RE and Chassis power-cycle under request vmhost hierarchyPR1686577

  • If MVRP is enabled on an MSTP enabled interface, the interface will be made part of all the existing instances on the switch, So, if there are two interfaces between R1 and R2 as below: R1(et-0/0/1 and et-0/0/2)======(et-0/0/1 and et-0/0/2)R2 And one interface is MVRP enabled (say et-0/0/1), and et-0/0/2 is not MVRP enabled. By configuration et-0/0/1 is part of MSTI-1 and et-0/0/2 is part of MSTI-2. MSTI-1 is running on vlan-100 and MSTI-2 is running on Vlan-200. R2 in this case, is advertising only vlan-100. The MVRP enabled interface will become part of all the MSTIs(MSTI-1 and MSTI-2 both) configured on the device and it will take part in the FSM of all the MSTIs. Although et-0/0/1 is not member interface of vlan-200(correspnding to MSTI-2). This potentially can cause a problem where et-0/0/1 although not a vlan-200 member, will go into FWD state and et-0/0/2, genuine member of vlan-200 goes into BLK state for MSTI-2. So, when traffic is received in vlan-200 it will be sent out of et-0/0/1, an it will be dropped.PR1686596

  • Junos has a limitation of 255 characters for resource names. Increasing the limit will have implications on the CLI output and same changes will needed to be propagated to lower layers where the resources are served from. PR1695980

  • "suppressed-prefix-count" can be retrieved with the following RPC via Netconf, as this is not included as part of OpenConfig yang model. rpc get-bgp-summary-information get-bgp-summary-information rpcPR1696022

  • set routing-options transport-class auto-create When the above command is configured, RPD creates/deletes tables dynamically. There is a flaw in the Delete Flow, which does not delete the table from the kernel, and when the next time RPD is adding the same table, the operation is stuck with EEXISTS error, as previous delete was never done. Any subsequent commit will resolve this issue.PR1696199

  • FIPS mode is not supported in this release for SRXSME devices.PR1697999

  • On all Junos and Junos Evolved platforms supporting MACsec (Media Access Control security), traffic drop can be seen when MACsec Primary and fallback sessions are configured and there is a higher transmit-delay time (~6 sec). This is a timing issue and occurs when switching from primary to fallback or vice-versa when changing the pre-shared-key's CAK (Connectivity Association Key) value in CLI (Command Line Interface) on the non-key-server side and at the same time key-server generates a new SAK (Secure Association Key) for pre-shared-key due to expiration of sak-rekey timer, i.e. sak-rekey and primary to fallback key-switch both occurs at the same time. This issue is self-recovered once the SAK from fallback is recovered.PR1698687

  • When subscribing to sensor paths "/junos/system/linecard/packet/usage/", "/junos/services/label-switched-path/usage/" or other line card (PFE) sensor paths in gNMI subscription mode, packet drops may be seen in the CLI command "show network-agent statistics gnmi detail" output. The collector output may also contain missing sequence numbers. For example, the sequence number output may be 0, 3, 6, 9, 12, etc. instead of 0, 1, 2, 3, 4, etc. PR1703418

  • Port-location start or stop command option is not available for all active 1g ports in request chassis port-led start port. PR1705298

  • In Chassisd, Junos Telemetry Interface thread takes more time in streaming of Junos Telemetry Interface packets because of volume of data and number of sensors involved with this daemon. Junos Telemetry Interface thread engages for more time to process streaming events causing Chassisd master thread to lose receive or send keepalive messages to or from other Routing Engine, which eventually causes automatic Routing Engine switchover in most of the cases. PR1706300

  • Current stack and display is correctly set to 128 ports that is qualified on all MX10K8 linecardsPR1706376

  • MX10K-LC480: G.8275.1: PTP to PTP and PTP to 1PPS Noise transfer performance not meeting G.8273.2 maskPR1707127

  • MX10K-LC480: G.8275.1: SyncE to PTP and SyncE to 1PPS Noise transfer performance not meeting G.8273.2 maskPR1707128

  • MX10K-LC480: G.8275.1: Synce to PTP and SyncE to 1PPS Transient Response not meeting G.8273.2 maskPR1707129

  • When LAG is configured with mixed speed interfaces switching to a secondary interface of different port speed, results in a few packet drops for a very short duration. PTP remains lock and there is no further functional impact. PR1707944

  • When the 4X10G SR optics is connected with peer 1G SX the links come up and traffic will flow normally. But if there is any link fault on DUT having 4x10G SR (due to cable cut, peer 1GSX optics OIR), the links at local end may or may not come up and the RX LOS alarm will be present at the local 4x10G SR optics lane. The links can be brought up back by doing $x10G optics OIR (jack out and JAck in) at the DUT.PR1712421

  • When we change speed from 100G to 1G on a given port i.e. port config was 100G and then we change to 1G the links dont come up. This is not applicable to scenario where we are in default 100G pic-mode on bootup i.e. all ports in 100G and then we configure one port to 1g (it will work there).PR1712665

  • When LAG is configured with mixed speed interfaces switching to a secondary interface of different port speed - 1G to 10G link, results in a short spike at Max TE. There is no other functional impact and PTP remains locked. PR1716124

Interfaces and Chassis

  • MediaType value in SNMP/Jvision is not correct at the beginning after the switch comes up only for the DOWN interfaces where copper mediaType is connected till the link is not UP. This value is correct always in CLI output. Below are the recovery ways 1. Bring the link up (Connect the other side) 2. Restart dcd daemonPR1671706

  • This issue is specific to MXVC only and the issue is not seen during manual execution of the test case. Issue is seen only with the test script that too rarely and hence the exact trigger of the issue is not clear.PR1686425

  • The link-local address is not assigned for the loopback interface after the upgrade or the device reboot on all Junos OS Evolved platforms. The impact depends on how the loopback interface is used in the configuration. It can cause a connectivity issue and traffic impact when it is used for the routing process.PR1695502

Junos XML API and Scripting

  • L2TP LAC functionality is not working in this release PR1642991

Layer 2 Features

  • In a H-VPLS network with VPLS hot-standby and the knob 'routing-options forwarding-table vpls-hotstandby-convergence' enabled on spokes, if the active hub is rebooted, 20-25 seconds loss for inter-zone traffic stream is seen. This is due to hubs in other zones connected by full-mesh ldp, starting global repair before spokes starting local repair.PR1699645

MPLS

  • Ingress will retry after LSP stay down for extended period of time or customer can clear lsp to speed up the retry. PR1631774

  • When instance loopback interface is disabled. That happens due to change of router-id when a loopback interface is disabled and LDP sets the new router id as LDP label space id for IPv4 connection in primary Routing Engine instead of the id from dual-transport configuration but backup Routing Engine picks IPv4 connection id from dual transport configuration. This way there is a mismatch between the LDP IPv4 connection id in primary and secondary Routing Engine and results in failure of synchronization. PR1703176

  • Tag rnh appears to be freed somewhere in the corner case, but the relevant pat node has been missed to delete from the tag patricia tree. That makes tag rnh/(pat_node->Tnh) a dangling pointer and later on, it results in a crash while accessing invalid pointer addresses in the tag rnh/Tnh structure.PR1707053

  • When an LSR acts as a Point of Local Repair (PLR) as well as a Merge Point (MP) for an LSP during a double failure scenario, the LSR incorrectly originates one or two PathErr messages with RoutingProblem (code=24/2) instead of originating PathErr with NotifyError (code/subcode=25/3). This will not cause any service impact if the ingress LER would not react adversely to RoutingProblem error (code=24/2).PR1713392

Network Management and Monitoring

  • After upgrading the device, yang package with lower revisions are available. PR1693646

Platform and Infrastructure

  • BFD flap is observed after executing VPLS mac-table clear command.PR1686220

Routing Protocols

  • On all Junos OS and Junos OS Evolved platforms, the rpd can crash when protocol independent multicast (PIM), multicast only fast reroute (MoFRR) configuration is present and some network churn event such as continuous interface cost changes, resulting in a change of active and backup paths for equal cost multi-path (ECMP) occurs. There will be service impact because of the rpd crash but the system self-recovers until the next crash. PR1676154

  • The IS-IS yang is uplifted to 1.0.0 version which has major change in existing OC path that was supported earlier. Since OC path has change, same need to reflected in translation script which is not done. As part of D27 release for cloud, translation script will be modified with newer OC path. Till then supported older OC config is broken. eventually D27 code will come back to DCB and things will work fine after that.PR1686751

Services Applications

  • When a configured tunnel interface is changed to another one, flow-tap-lite functionality stops working that is, packets do not get mirrored to content destination. But, this problem isn't consistently seen.PR1660588

VPNs

  • When MVPN protocol has separate route targets configured, then the both address families are disabled. RPD infrastructure parsing does not check if MVPN protocol is disabled. Therefore, it creates the auto policies for route-targets if configured. So, if those policies are not marked as active in MVPN configuration flow, it does not get resolved and thereby the policy object might not be valid thus generating a core file. PR1700345