Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Table of Contents
Navigation  Back up to About Overview 
ContentIndex
 
[+] Expand All
[-] Collapse All

Resolved Issues

This section lists the issues fixed in the Junos OS main release and the maintenance releases. The identifier following the description is the tracking number in the Juniper Networks Problem Report (PR) tracking system.

Resolved Issues: Release 13.2R8

General Routing

  • On PTX Series platform, after short protocol adjacencies flaps, rpd and kernel next-hops might not be in sync, resulting in equal-cost multipath (ECMP) not working correctly. PR911307
  • On PTX Series routers with MPLS environment (30k transit LSP), large number of MPLS interfaces (in this case, 200 interfaces) are configured with 0 or 1 MPLS labels. When these interfaces flap, the FPC kernel memory usage might leak. PR995893
  • This issue can be observed with the following configuration on a transit node: - RSVP refresh reduction is configured - Link protection is enabled for all interfaces - NSR is enabled. When switchover is done, slight traffic loss is observed. PR1023393
  • When there is link/node protection/ECMP for RSVP/LDP transit or egress LSPs with huge scaling and continuous flapping of LSPs like auto-bandwidth case, traffic might get black-holed upon LSP re-optimizations. The issue would get triggered if the same unilist list-id (unilist list-id is a unique id for unilist nexthop) is allocated for two different unilist forwarding topologies. This situation arises when the unilist list-id wraps around after max value of 65535. After the wraparound, if there is long living list-id (which can be due to some node/link protected LSP that has not been re-optimized for long time), the Packet Forwarding Engine assigns the same list-id during allocation (upon other LSP re-optimizations) and this will trigger the issue as the new unilist will be directed to incorrect interface. PR1043747
  • When the port on 24x 10GE(LWO) SFP+ (which never went link up since the PIC is onlined) is configured as CLI loopback, the ports will receive framing error until the interface gets physically linked up. (i.e. with real fiber instead of CLI loop). There would be no problem in normal use. This is only seen in self-loopback testing with CLI loopback. PR1057364
  • On PTX Series platform, non-revertive feature for clock synchronous sources does not work correctly. After deleting the primary clock and then adding it back, it will fall back to the primary clock but not stay in secondary. PR1052549
  • On PTX Series routers, the interrupt-driven basis link down detection (an interrupt-driven link-down notification is generated to trigger locally attached systems to declare the interface down within a few milliseconds of failure) may fail after performing unified in-service software upgrade (ISSU). The interrupt might get prevented after performing unified ISSU due to disabling the interrupt registers before unified ISSU but never restored after. PR1059098

Forwarding and Sampling

  • In PTX Series Carrier-Grade Service Engine (CSE) jflow solution environment, because to the sampling process (sampled) may get into a continuous loop when handling asynchronous event (for example, aggregated tethered services interface flapping, or route update, or IFL/IFD update). The sampled may never come out of that loop which may result in high CPU usage (up to 90% sometimes). Also, the flabel might be exhausted because sampled is not able to consume states (such as route updates, interface updates) generated by kernel and finally the router would not make any updates. PR1092684

MPLS

  • This is a regression issue on all Junos operating systems related to a timing factor. When LDP session flaps, over which entropy label TLV or any unknown TLV is received, the LDP speaker might not send label withdraw for some prefixes to some neighbors. As a result, these neighbors will still use stale labels for the affected prefixes. PR1062727

Routing Protocols

  • When running Simple Network Management Protocol (SNMP) polling to specific IS-IS Management Information Base (MIB) with invalid variable, it will cause routing protocol process (rpd) to crash. PR1060485

Resolved Issues: Release 13.2R7

General Routing

  • On PTX Series platform, when receiving high rate ipv4/ipv6/mpls packets with TTL equals 1, the ICMP TTL expired messages are sent back to the sender not according with the ICMP rate limit settings. PR893129

MPLS

  • On P2MP MPLS LSP transit router with NSR enabled, when RSVP refresh reduction feature is enabled and LSP link protection is configured on all interfaces, slight P2MP traffic loss might be seen after the graceful Routing Engine switchover (GRES) is done. PR1023393

Resolved Issues: Release 13.2R6

General routing

  • In the P2MP environment with AE interface. When flapping interface continually, in rare condition, if unilist next hop is added failure, the system does not clean it up properly and this leads to FPC crash. PR980622

Interfaces and Chassis

  • On PTX Series platform, performing Routing Engine switchover might cause flabel (fabric token) out of sync between master Routing Engine and backup Routing Engine, and results in FPC crash. PR981202

Platform and Infrastructure

  • "delete" or "deactivate" of apply-group defining the entire TACACS or RADIUS configuration configured under [edit system apply-group <>] does not take effect on commit. This could lead to TACACS or RADIUS based authentication to still continue working despite removal (delete/deactivate) of configuration. PR992837

Resolved Issues: Release 13.2R5

Class of Service (CoS)

  • The PTX Series router is supposed to not generate pause frames even during congestion. The behavior is to drop aggressively if it ever runs out of queuing memory. PR873028
  • Sometimes the cosd process generates the corefile when add/delete child interface on the LAG bundle. PR961119

Interfaces and Chassis

  • Kernel crash might happen when a router running a Junos OS install with the fix to PR 937774 is rebooted. This problem will not be observed during the upgrade to this Junos OS install. It occurs late enough in the shutdown procedure that it shouldn't interfere with normal operation. PR956691
  • Sometimes the COSD generates a core file when add/delete child interface on the LAG bundle. PR961119
  • SFP+-10G-ZR (part number = 740-052562) is not fully supported on P1-PTX-24-10G-W-SFPP PIC. Inserting the optic on P1-PTX-24-10G-W-SFPP PIC can cause FPC core on the PIC. PR974783

Network Management and Monitoring

  • This PR fixes the issue where output ifIndex being exported as 0. Unless there is a critical business need, we do not plan to backport the fix to releases earlier than 14.1. PR964745

Routing Policy and Firewall Filters

  • On PTX Series platform, when a firewall filter has many terms, all the terms might not work correctly due to wrong order of terms due to mis-programming. PR973545

Resolved Issues: Release 13.2R4

Class of Service (CoS)

  • Configuration check fails when wildcard is used when configuring extended communities rt-import:*:* and src-as:*:* PR944400

General Routing

  • If rpd ACK feature is enabled through command "indirect-next-hop-change-acknowledgements", when a route being added and a quick route change happens on the same route, high routing protocol process (rpd) CPU utilization might be seen and stays high (above 90%) until rpd is restarted. PR953712

Interfaces and Chassis

  • RPD on the backup Routing Engine might hit an out of memory condition and crash if the BGP protocol experiences many flaps. PR904721
  • Reception of a very high rate of crafted IGMP packets may cause the Junos OS kernel to crash. The contents of the valid IGMP packets must be specifically crafted to trigger the crash, while maintaining a transmit rate exceeding approximately 1000 packets per second. PIM must also be enabled to trigger this crash.PR944135
  • Unintended CRC errors are reported leading to FPC/SIB link alarms on the PTX Series. PR948185

IP Address Management

  • PTX TLCHIP drops transit and host-bound packets containing the same source and destination IPs due to a protection mechanism built into TLCHIP. Such packets are counted as "Data error". This forces a change in loopback mode configuration on Ethernet interfaces. PR934364

MPLS

  • When Packet Forwarding Engine fast reroute (FRR) applications are in use (such as MPLS facility backup, fast-reroute, loop free alternates), a flap of the primary path could be triggered due to an interface flap or by a Bidirectional Forwarding Detection (BFD) session flap. However, this interface/session flap might lead to a permanent use of the backup path, which means the original primary path could not be active again. PR955231

Resolved Issues: Release 13.2R3

IPv6

  • PTX Series drops packets containing same source and destination IP due to LAND attack check. PR934364

Routing Policy and Firewall Filters

  • On the PTX Series, only 48k longest prefix match (LPM) routes are supported. If the limit of 48,000 LPM routes is exceeded, the kernel routing table (KRT) queue can be stuck with the error "Longest Prefix Match(LPM) route limit is exceeded." PR801271

Routing Protocols

  • RPD on the backup Routing Engine may crash when it receives a malformed message from the master Routing Engine. This can occur at high scale with nonstop active routing enabled when a large flood of updates are being sent to the backup. PR830057

Software Installation and Upgrade

  • Since the high-level package (jinstall) is signed, the underlying component packages are not required to be signed explicitly. However, the infrastructure was written in such a way to display a warning message if the component package is not signed (jpfe). PR932974

Resolved Issues: Release 13.2R2

Dynamic Host Configuration Protocol (DHCP)

  • DHCP relay feature doesn't work on the PTX3000. PR864601

General Routing

  • While performing GRES, the following error message appears:
    Feb 24 21:23:57 striker1 license-check[1555]: LIBJNX_REPLICATE_RCP_ERROR: rcp -T re0:/config/license_revoked.db /config/license_revoked.db.new : rcp: /config/license_revoked.db: No such file or directory

    This error is seen when no license is revoked on the master Routing Engine. It is safe to ignore as it will not affect any licensing functionality. PR859151

  • FPC crash can be triggered by a single bit error (SBE) event after accessing a protected memory region, as indicated in the following log: "System Exception: Illegal data access to protected memory!" The DDR memory monitors SBEs and reports the errors as they are encountered. After the syslog indicates a corrupted address, the scrubbing logic tries to scrub that location by reading and flushing out 32-byte cache line containing that location in an attempt to update that memory location with correct data. If that memory location is read-only, it causes illegal access to protected memory exception as reported and resets the FPC. The above-mentioned scrubbing logic is not needed because even if SBE is detected, the data is already corrected by the DDR, and the CPU has a good copy of the data to continue its execution path. PR919681

High Availability (HA) and Resiliency

  • When mobility-related MIBs are used, SNMPD might crash and generate a core file. PR704097

Interfaces and Chassis

  • When an FPC has gone bad due to a hardware failure and is stuck in a boot mode, it might affect Routing Engine-Packet Forwarding Engine communication for other FPCs. PR831233
  • FPC crashes continuously on the PTX Series when reject firewall action with nonzero reject code is present. PR856473
  • An interrupt storm occurs when you press the craft button on the front panel of the chassis with the craft-lockout statement configured to disable the physical operation of the craft interface front panel. PR870410
  • To configure FEC thresholds via the CLI, use string format with mantissa and exponent as follows:
    set interfaces et-1/0/0 otn-options signal-degrade ber-threshold-signal-degrade 1.23E-4set interfaces et-1/0/0 otn-options signal-degrade ber-threshold-clear 2.34E-5

    PR886572

  • In rare scenarios, the routing protocol process can fail to read the mesh-group information from the kernel, which might result in the VPLS connections for that routing-instance to stay in MI (Mesh-Group ID not available) state. The workaround is to deactivate/activate the routing-instance. PR892593
  • LACP flap does not result in AE flap. This issue is triggered with affected Junos OS versions, under some special conditions, when only one end of an AE link sees LACP timeouts or there is intermittent LACP loss on the AE link. This trigger causes an issue only with these specific Junos OS versions (that do not have this PR fix) because of a change in default behavior where the AE member link was considered to be UP in any state other than DETACHED. PR908059
  • 100GE interfaces on the PTX Series do not display PCS BIP-8 error counters when queried from the FPC command show mtip-cgpcs <> errors. This PR addresses this bug and now displays the PCS BIP-8 error counters on all 20 virtual lanes. PR920439

MPLS

  • In an RSVP point-to-multipoint crossover/pass-through scenario, more than one sub-LSP can use the same PHOP and NHOP. If link protection is enabled in the above-mentioned scenario, when a 'primary link up' event is immediately followed by a Path Tear message, disassociation of the routes/next hops are sequential in nature. When the routes/next hops dissociation is in progress, if a sub-LSP receives a path tear/PSB delete, it will lead to generation of a core file. PR739375
  • When the Flexible PIC Concentrator (FPC) restarts after performing a master Routing Engine switchover, the aggregate interface flag was set to 'down'. Any traffic that entered this FPC and traversed the equal-cost multipath (ECMP) to the aggregate interface was dropped.

    For vpls/bridge traffic the effect is on the ingress side processing mac address learning. Since the aggregate interface is down, mac address processing is terminated and re-learned again once packets are received. This triggers high CPU utilization of the FPC line card hosting those member links.

    There is no workaround. Perform the following action to recover if issue happens: Deactivate/activate the aggregate interface to clear the issue:

    user@router# deactivate interfaces <aggregate interface>user@router# commit user@router# activate interfaces <aggregate interface>user@router# commit

    PR809383

  • When a PTX Series router is a penultimate hop of one P2MP LSP branch and acts as a transit LSR on another branch for the same P2MP LSP, the MPLS packets going out from the penultimate hop branch might be tagged with an incorrect Ethertype field. PR867246
  • RPD (routing protocol process) cored on receipt of RESV message with unexpected next-hop address. To avoid the crash, the solution is drop RESV message with different next-hop IP address, then the LSP will time out due to lack of refresh by RESV message and session reset. PR887734
  • Changing an LSP's preference does not happen in make-before-break manner, tearing down the current path and then re-establishing a new one. PR897182
  • In some configurations, the MAC address of an AE bundle would fail to be be copied to its child interfaces. This causes destination MAC address filter check to fail on those child interfaces, thus preventing ARP resolution and in turn causing the failure in establishing new egress LSPs.

    The workarounds are identified as the following:

    • Issuing "commit full" on the router, or
    • Adding AE configuration and child interface configuration as two separate commits
      1. Add AE interface configuration, without adding child interface configuration.
      2. Commit.
      3. Add the child interface configuration (or interface configurations) for the AE interface.
      4. Commit.

    PR901744

Network Management and Monitoring

  • "Power Supply failure", "Power Supply Removed", or "Fan/Blower Removed" messages and SNMP trap occur regularly even if there is no operation going on. PR860223
  • Changing the domain-name doesn't reflect in DNS query unless a Commit full is done. This bug in management process (mgd) has been resolved by ensuring mgd propagates the new domain-name to file /var/etc/resolv.conf, so that this can be used for future DNS queries. PR918552

Routing Policy and Firewall Filters

  • On the PTX Series, while deactivating or activating a firewall filter that has tcp-flags in the match condition on a loopback interface (for example lo0.0), memory corruption could occur when the filter configuration is pushed to the Packet Forwarding Engine, or is removed from the Packet Forwarding Engine, causing all FPCs to crash and generate core files. The following is logged by the FPCs a few seconds prior to crash:
    fpc1 dfw_match_branch_db_destroy:77filter index 1, dfw 0x20bb2a90, match_branch_db not empty on filter delete fpc2 dfw_match_branch_db_destroy:77filter index 1, dfw 0x205a6340, match_branch_db not empty on filter delete fpc0 dfw_match_branch_db_destroy:77filter index 1, dfw 0x20471c38, match_branch_db not empty on filter delete

    PR874512

Routing Protocols

  • The rpd process on the backup Routing Engine might crash when it receives a malformed message from the master. This can occur at high scale with nonstop active routing enabled when a large flood of updates are being sent to the backup. There is no workaround to avoid the problem, but it is rare and the backup rpd will restart and the system will recover without intervention. PR830057
  • Distributed protocol adjacencies (LFM/BFD/etc) might experience a delay in keepalives transmission and/or processing due to prolonged CPU usage on the FPC microkernel on the PTX5000. The delay in keepalive transmission/processing can result in a mis-diagnosis of a link fault by the peer devices. The issue is seen several seconds after the Routing Engine mastership switch with nonstop active routing enabled. The fault condition will clear after a couple of minutes. PR849148
  • On the PTX Series, if link-protection and fast reroute (FRR) are configured together, the routing protocol process (rpd) crashes and generates a core file. The root cause is that the PTX Series platforms do not support both of these configurations and assume to have only two gateways (one being primary and other being either bypass OR detour). PR851047

Software Installation and Upgrade

  • FPC might randomly crash during unified ISSU. It will be kept offline after the unified ISSU period. PR773960
  • Both Routing Engines might crash when performing GRES or unified in-service software upgrade (ISSU). The panic occurs because the addresses used for internal communication are not taken from the new logical interfaces in such scenarios. PR851086

Modified: 2016-06-10

Previous Page Next Page