Open Issues

After GRES, VPWS Switchover occurs only after NSR Phantom Timer expires. The NSR Phantom timer is configurable. This can result in packet loss for that duration. This needs to be fixed in DCBPR1765052

On all Junos OS and Junos OS Evolved platforms with Ethernet Virtual Private Network - Multiprotocol Label Switching (EVPN-MPLS) setup , stale MAC entries may remain in the MAC table of the EVPN (Ethernet Virtual Private Network) routing instances during rapid MAC-IP move scenarios. This can cause MAC tables to reach their limits preventing new MAC addresses learning and user registration.PR1833660

On MX Series platforms, to improve the convergence of node failures in EVPN MH interconnects with Data Plane VXLAN, migrating to an Active-Active setup may cause the data plane to become out of sync for ARP entries. The gateway learns the MAC address and advertises it to the peer gateway. However, on the peer gateway, some MAC-IP entries may remain stuck in the 'Unresolved' (Ur) state. PR1848993

The Sync-E to PTP transient simulated by Calnex Paragon Test equipment is not real network scenario. In real network deployment model typically there will be two Sync-E sources (Primary and Secondary) and switchover happens from one source to another source. MPCE7 would pass real network SyncE switchover and associated transient mask PR1557999

There will be drop of syslog packets seen for RT_FLOW: RT_FLOW_SESSION_CREATE_USF logs until this is fixed. This will not impact the functionality.PR1678453

When LAG is configured with mixed speed interfaces switching to a secondary interface of different port speed, results in a few packet drops for a very short duration. PTP remains lock and there is no further functional impact. PR1707944

fec-codeword-rate data with render type decimal64 is rendered as string in grpc python decoder.PR1717520

During heavy network churn (interface flaps, session flaps etc.) PFE crash may be seen when streaming both SR and SRTE stats on PTX JUNOS platforms. Issue is not seen when only SR stats or SRTE stats are enabled. PR1730927

On MX Series Virtual Chassis, due to some timing issue when RPD is restarted, It will not be spawned again. This issue is rarely reproducible.PR1740083

On MX480 CommonDiag::JDE3(volt_services_show_clients) failing on MPC7e. PR1747033

On MX2010 Diagnostics::Jde3Diag(phy_reg_access) test fails. PR1747297

In Netconf private edit configuration session, commit RPC fails when unprotect operation is performed. PR1751574

On all Junos OS and Junos OS Evolved platforms with telemetry enabled, if the streaming server and export profile for reporting-rate are not properly configured in the analytics settings, rebooting the FPC would prevent any of the interfaces from coming up.PR1779722

On MX104, the AFEB could crash and reboot following a change of PTP GM clock source, which affects traffic forwarding.PR1782868

Additional logging has been added to the primry Routing Engine. This is to help narrow down the issue which chassisd process restarted unexpectedly at snmp_init_oids( ) function on the primary Routing Engine while booting up.PR1787608

When interfaces with different speed are configured as members of AE, some of the members are not added to AE. And if GRES is enabled, vmcore might be generated on backup REPR1799451

MPC11 In-Service-Software-Upgrade command fails from Junos OS 24.1R1 release to Junos OS 24.2R1 release and causes MPC11 linux crash. The issue only applies to ULC image.PR1803205

If standalone device has vccpd running with configurations as per virtual chassis, then it is considered a virtual chassis and not a standalone device. All messages seen will be as per virtual chassis as well.PR1805266

An improper resource shutdown or release vulnerability in the SIP ALG of Junos OS on MX Series with MS-MPC allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). Refer to JSA100088 for more information.PR1806872

On all Junos OS QFX5K platforms, traffic loss occurs and the layer 3 interface cannot be deleted when many routes use the same layer 3 interface. QFX5K is encapsulating the packets with the wrong destination MAC (DMAC) and virtual network identifier (VNID) for a few IP addresses after disabling the interface.PR1808550

IS-IS session over MPC11 cards flapped due to "3-Way handshake failed" during ISSU (FRU upgrade stage - reboot phase). PR1809351

set chassis no-reset-on-timeout is a debug command for SPC3 to prevent rebooting in case of issue. It is not to be set during normal operations since SPC3 may need reboots to come online.PR1809929

Incorrect configuration of packet trigger IPv6 subscribers may result in misleading output of show subscribers extensive command, which may report sessions as ACTIVE, even though they have not been installed in the forwarding engine.PR1817549

Traffic loss will be seen on 1G-SFP-T if speed is configured to 100m. 1G SFP-T has the AN feature enabled but the PHY we have b/w SFP-T and switch ie., PHY82756 doesn't support AN and this mismatch is causing the traffic loss. This needs feature enhancement PR1817992

On MX Series platforms with MPC-3D-16x10GE cards, errors "Error to get synce int status" flood continuously when trying to get synce status. synce is an unsupported feature on MPC 3D and has no impact on traffic. So when device is trying to get the synce status which is not supported on MPC 3D card we are landing on that error state and log is flooding with the same error.PR1818617

Observing that actual total count is not matching with exact count while verifying no of files present under /var/log in r0 device.PR1819456

Multicast packets duplication happens under the condition ELAN + MVPN network and RP is out side of its core network. In this scenario, egress PE which is non-DF will send back multicast traffic to core side duplicated traffic will happen.PR1820746

On MX platforms with MS-MPC/MS-MIC with IPsec (Internet Protocol Security) configured, IPsec traffic loss will be observed if an SA (Security Association) deletion request is sent by the peer just before the SA installation is completed. The issue happens in the scale scenario (4000 tunnels are configured, and when the SA count reaches up to 3900).PR1825835

On MX Series platforms with MS-MPC and Carrier-Grade Network Address Translation (CGNAT) configured, a large number of "out-of-address" errors and stale NAT mappings for SIP (Session Initiation Protocol) traffic can occur. This can lead to a lack of available resources and cause new connections to be dropped.PR1826847

As per OpenSSH 9.0/9.0p1 release notes: "This release switches scp(1) from using the legacy scp/rcp protocol to using the SFTP protocol by default." In this case, since we are running OpenSSH 9.0 and above- OpenSSH_9.7p1 , this uses the "SFTP" protocol by default when scp command is invoked from shell. However, vSRX3.0 supports the "SCP" protocol by default when scp command is invoked. Therefor, to use the legacy "SCP" protocol from shell, please use the -O command line option For example: scp -O other options or arguments. Note: Incoming SCP connections from outside hosts that are running OpenSSH version >=9.0/9.0p1 could fail since sftp-server is disabled by default in Junos OS . Hence, users should either use the -O option on remote host while initiating scp file transfer OR enable sftp-server in the Juniper configuration. To enable sftp-server in Juniper configuration, use the following hierarchy: "set system services ssh sftp-server"PR1827152

On Junos OS MX Series with MS-MPC/MS-MIC cards, when clear service sessions are executed from multiple windows (approx 5 terminals), the PIC reboots and eventually all the service traffic will be impacted.PR1827806

"user.notice logrotate: ALERT exited abnormally with [1]" messages can be seen on a system with an MPC10E. PR1833493

On all Junos and Junos Evolved platforms, 72-byte size memory leak is seen when interface configuration is added. But there is no traffic impact due to this issue.PR1842546

Memory leak is detected with rpd task blocks "so_in". PR1842558

Based on SFB2 board has PF chip, SFB3 board has ZF chip. When FPC online/offline performed on MX2K platform, spmb syslog message will be generate zfchip_is_faulty message even if there is only SFB2 board using. == messages == Oct 16 13:17:56 testRouter_RE0 spmb0 fn = zfchip_is_faulty line = 603 name = zfchip->hw_initialized is NULL ============ These are just harmless messages (related to zfchip_is_faulty), should not impact any functionality. Here as ZFchip does not exist, so we see NULL, but this is NOP, does not do anything, just the log.PR1845228

Memory leak is detected with rpd task blocks "so_in6".PR1846297

On MX Series platforms with MPC5/MPC7 line cards when there are active pseudo wire subscribers and there is a change in the tunnel-services bandwidth configuration, FPC (Flexible Physical Interface Card Concentrators) crash is observed with the subsequent impact on the traffic.PR1849552

spmbpfe core can be seen sometimes in these two case: 1. During ISSU when old master RE comes up with the new image, a spmbpfe core is generated when the old master RE goes down after reboot is given post new image installation. The core will be seen post the reboot. 2. When "request system reboot" cli command is executed, a spmbpfe core will occur when the junos goes down and the core will be seen post the system comes up. These cores generated at these stages will have no impact on a running system. The core are seen only when some kind of reboot is triggered.PR1852648

On MX Series and SRX Series platforms a rare occurrence issue causes a sudden reboot of the Services Processing Cards (SPC3) in use leading to packet loss during the card offline period in the reboot process.PR1857890

On MX240, MX480, and MX960 platforms with Services Processing Card 3 (SPC3) , new Network Address Translation (NAT) pools may fail to install, this is due to a mismatch in service-set name length handling. The system stores only 32 characters for service-set information, causing failures when names exceed this limit.PR1881192

Currently, request system debug-info mode (custom) command supports only one mode at a time, not supports multiple modes. PR1886371

Logs from internal ethernet links monitoring script keep repetitively logged to /var/log/messages file if set system syslog file messages user any configuration is used.PR1886633

When using static address pools BNG Controller allows for the SGRP using the pool to be deleted while subscribers are still logged in. PR1886696

On all Junos and Junos Evolved platforms, in an Ethernet Virtual Private Network (EVPN) MultiHoming setup with Ethernet Segment Identifier (ESI) configured under logical Interface (IFL) (CE-facing), when the corresponding IFD (Physical Interface) flaps, the MAC route will point to the ESI interface, while it should point to the Multihoming CE (Customer Edge) interface. This results in traffic loss.PR1889335

On all Junos MX10004 and MX10008 platforms with FPM/craft interface, the craftd (craft control daemon) is unable to run, it causes the craft-control process does not start properly, leading the jnxAlarmRelayMode unable to retrieve data when an alarm condition is triggered. The issue does not cause traffic impact and only may affects monitoring traffic.PR1898722

MX304 acting as an LNS saw an FPC restart and core file is generated in aft-trio after offlining a MIC. PR1885754

An LSI logical interface remains in RPD even after being deleted by the interface manager daemon. It is visible in show interface routing but not in show interfaces, indicating that RPD still holds the logical interface despite its removal elsewhere. rpd-agent does not send a delete message to RPD due to a reference count issue. Another daemon likely l2ald, still holds a reference to the logical interface. The rpd-agent only sends the delete once all references are cleared, which doesn't happen in this case. As a workaround, send a "delete pending" message from rpd-agent to RPD. PR1866522

On all Junos and Junos Evolved platforms, in an Ethernet Virtual Private Network (EVPN) MultiHoming setup with Ethernet Segment Identifier (ESI) configured under logical Interface (IFL) (CE-facing), when the corresponding physical interface flaps, the MAC route will point to the ESI interface, while it should point to the multihoming customer edge (CE) interface. This results in partial traffic loss.PR1889335

On MPC3, delete MACsec provisioning before deleting interface.PR1909013

GRES do not support the configuration of a private route, such as fxp0, when imported into a non-default instance or logical system.

See KB26616 resolution rib policy is required to apply as a work-around. PR1754351

In order to allow protocol daemons (such as rpd, dot1xd et. al.) to come up fast when master password w/ TPM is configured, the daemons must be allowed to cache the master-password when they read their config. In order to cache the master-password, the daemons must individually reach out to the TPM to decrypt the master password and cache it in their memory. This scenario leads the TPM to be flooded with decryption requests, and therefore causes the TPM to be busy and start rejecting decryption requests. To prevent the daemons from core dumping in this scenario, and to allow successful decryption of secrets, we retry the decryption request to the TPM. However, to allow the TPM queue to drain, we introduce a sched_yield() call before retrying to sleep for 1 quantum of time. Without this, we will fail on all our retries. Additionally, a decryption request can also take a large amount of time (greater than 5 seconds). This results in SCHED_SLIP messages being seen in the logs, as the requesting process is idle while the decryption request is being processed by the TPM. This can exceed the SCHED_SLIP timeout, and result in libjtask logging the SCHED_SLIP messages into the configured system log file. These SCHED_SLIPs should not cause any route instability, are benign, and can be ignored as these are seen only during configuration consumption by the various daemons.PR1768316

DHCP-Relay short cycle protection can get stuck in grace period. PR1835753

On all Junos OS and Junos OS Evolved platforms, when performing the clear dhcp relay active-leasequery statistics peer x.x.x.x or same for DHCPv6, the relay the statistics are not cleared.PR1849259

While performing ISSU if you have RSVP session scale, with ukern based MPCs you can experience few of the RSVP session protocols flap due to combined effect of ~12 secs dark window followed high utilization of CPU resource utilization by the local ttp rx thread (for ~13 secs). This problem can be avoided by the workaround provided.PR1799286

On Junos OS MX Series platform with MSMPC card, Network Management System (NMS) times out when polling any data from jnxSpSvcSetIfTable OID.PR1788400

In some NAPT44 and NAT64 scenarios, duplicate SESSION_CLOSE Syslog will be seen. PR1614358

Multiple traps are generated for single event, when more target-addresses are configed in case of INFORM async notifications Cause: INFORM type of async notification handling requires SNMP agent running on router to send a inform-request to the NMS and when NMS sends back a get-response PDU, this need to be handled. In this issue state, when more than one target-address (NMS IP) is configured for a SNMP v3 INFORM set of configuration, when Get-Response comes out of order in which the Inform-Request is sent, the PDU is not handled correctly causing snmp agent to retry the inform-request. This was shows as multiple traps at the NMS side. As a work-around, for this issue would be to use 'trap' instead of 'inform' in the set snmp v3 notify NOTIFY_NAME type inform CLI configuration.PR1773863

On upgrading Junos OS 21.2R3-SX release to Junos OS 21.4R3-SX release, it is noticed that EX4300 switches exhibit a higher CPU. Issue is resulting from fast path thread profiling code. It takes on an average 1 ms more for one fast path thread cycle, cumulatively overall fast path thread usage had increased. Thread profiling code has been optimised and the issue is fixed in the future JUNOS.PR1794342

An authentication bypass by spoofing vulnerability in the RADIUS protocol of Junos OS and Junos OS Evolved platforms allows an on-path attacker between a RADIUS server and a RADIUS client to bypass authentication when RADIUS authentication is in use.

See JSA88210 for more information.PR1850776

LDP OSPF are in synchronization state because the IGP interface is down with ldp-synchronization enabled for OSPF. user@host> show ospf interface ae100.0 extensive Interface State Area DR ID BDR ID Nbrs ae100.0 PtToPt 0.0.0.0 0.0.0.0 0.0.0.0 1 Type: P2P, Address: 10.0.60.93, Mask: 255.255.255.252, MTU: 9100, Cost: 1050 Adj count: 1 Hello: 10, Dead: 40, ReXmit: 2, Not Stub Auth type: MD5, Active key ID: 1, Start time: 1970 Jan 1 00:00:00 UTC Protection type: None Topology default (ID 0) -> Cost: 1050 LDP sync state: in sync, for: 00:04:03, reason: IGP interface down config holdtime: infinity.

As per the current analysis, the IGP interface goes down because although LDP notified OSPF that LDP synchronization was achieved, OSPF is not able to take note of the LDP synchronization notification, because the OSPF neighbor is not up yet. PR1256434

On MX Series platforms, unexpected log message will appear if the CLI command 'show version detail' or 'request support information' is executed: test@test> show version detail *** messages *** Oct 12 12:11:48.406 re0 mcsnoopd: INFO: krt mode is 1 Oct 12 12:11:48.406 re0 mcsnoopd: JUNOS SYNC private vectors set PR1315429

If the file size is too small and the amount of traceoptions volume is too high it can cause scheduler slips and operational impact.PR1815837

On Junos and EVO platforms, after a Graceful Routing Engine Switchover (GRES), in New master, Indirect routes gets updated to the PFE and result in traffic loss when the transport is L-ISIS with telemetry traffic sensors enabled. In this scenario, Indirect routes going over L-ISIS route. Reason for Indirect route change is due to Underlying L-ISIS route next-hop getting changed. L-ISIS route next-hop getting changed due to ?Sensor-based-stats? configuration which does not support NSR functionality. Hence After Switchover, New Master Create sensors and Installed in the L-ISIS next-hop result in L-ISIS next-hop changed. Once L-ISIS routes nex-thop gets changed, Indirect routes under going for re-resolution which cause traffic impact. PR1886347

On platforms supporting where BGP Routing Information Base (RIB) Sharding is configured the rpd process crashes on both Routing Engines due to route churns. This timing issue is caused when a particular internal function is used by multiple threads.PR1903829

Memory leak is detected with rpd task blocks "tm-alloc-bytes_task_trace_filter".PR1849089

On all MX Series platforms that support MS-MPC/MS-MIC cards, memory leak is observed on kmd (Key Management Deamon) process when IPSec VPN is configured with DiffieHellman group24. The issue is not seen on platforms that support iked process. Memory leak causes incorrect outputs for CLI ipsec/ike show commands and over time kmd might crash when reach its maximum memory, creating a core-dump and resulting in ipsec/vpn going down.PR1781993

On all MX Series platforms with Multiservices Modular PIC Concentrator (MS-MPC), when Dead Peer Detection (DPD) is enabled under IPsec/Internet Key Exchange (IKE) VPN settings and for any reason an IPsec Security Association (SA) is deleted, the kmd process crashes. Due to the kmd process restart some disruption in tunnel establishment is seen.PR1869769

On all Junos OS and Junos OS Evolved platforms, configuration changes using Python script in ZTP does not work and leads to errors. The following errors are seen: warning: [edit system scripts op allow-url-for-python] not enabled >>> error: The remote op script execution not allowed. PR1718692

After switchover in MX2010 platform, test configuration is removed with load update and then rollbacked. During rollback commit, configuration commit failed with error. Error: commit-check-daemon: Invalid XML from dfwd error: configuration check-out failed. PR1829614