Resolved Issues

This section lists the issues fixed in the Junos OS main release and the maintenance releases.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: Release 13.2R8

Class of Service (CoS)

  • Add chassis scheduler map support on gr interface on MS-PIC, which means there will be no commit error if scheduler-map-chassis is applied on gr interface. PR1066735

Forwarding and Sampling

  • In rare conditions, the dfwd process might crash when a user logs out and logs in. PR982477
  • This issue affects a system with two Routing Engines (REs) with "graceful-switchover" configured. When an upgrade to Junos OS Release 13.3 from previous releases is performed without deactivating "graceful-switchover", the master and backup Routing Engines are likely to become unresponsive due to running out of memory. The Routing Engines need a power reset to restore service. PR1033926
  • If the template of the policer is changed (for example, change the bandwidth-limit value of policer), shared-bandwidth-policer configuration statement may not function properly anymore. PR1056098
  • In some rare cases, SNMP might get Output bytes of Local statistics instead of the Traffic statistics when retrieving Output bytes of Traffic statistics on a logical interface. PR1083246

General Routing

  • On MX Series platforms with Enhanced DPCs equipped, after the router is rebooted, the IRB broadcast channel is not enabled and all broadcast packets received on the IRB interface are dropped. Also, when a ping is issued, the L2 channel errors counter shown below increases as ping packets are sent:
    user@router> show interfaces ge-*/*/* extensive | match channel
    L3 incompletes: 0, L2 channel errors: 10, L2 mismatch timeouts: 0
    PR876456
  • A traceroute or SSD crash is seen when the as-number-lookup option is used when executing traceroute. PR928769
  • On dual Routing Engine platforms, after performing unified graceful Routing Engine switchover (GRES) with 8K subscribers, the ksyncd process may crash due to a replication error on a next-hop change operation. The issue is hit when there is a memory pressure condition on the Routing Engine, in which case it may lead to a null pointer dereference and a ksyncd crash. In some cases, the kernel on the new master Routing Engine might crash after Routing Engine switchover if the Routing Engine is under memory pressure, due to a missing null check when trying to add a next hop (NH) that is not found at the time. PR942524
  • When Nonstop Active Routing (NSR) is configured and the memory utilization of rpd process on the backup Routing Engine is high (1.4G or above), the rpd crash on backup Routing Engine might bounce the BGP sessions on the master Routing Engine. PR942981
  • With nonstop active routing (NSR) enabled, deleting non-forwarding routing instance might result in the rpd process crash on backup Routing Engine. The core files could be seen by executing CLI command "show system core-dumps". PR983019
  • On MX Series, consider this sequence: interface A is deleted from routing-instance VRF1; routing-instance VRF2 is created and interface A is added to VRF2 with qualified-next-hop configured; finally, VRF1 is deleted. If all of the above configuration is committed in a single commit, in rare conditions rpd might crash. PR985085
  • The configuration statement 'gratuitous-arp-on-ifup' should send a gratuitous arp on each unit of a physical interface, but in Junos OS Release 12.3 and later versions, only the first unit is seeing the configured behavior. PR986262
  • Whenever the logical tunnel (lt-) interface with IPv6 family configured goes down and comes up upon hardware initialization (MPC/FPC replacement/reboot or chassis reboot), because Duplicate Address Detection (DAD) is not performed for the logical interface (IFL) up/down event, the "lt-" interface may get stuck in the "tentative" state and thus IPv6 traffic cannot pass over it. PR1006203
  • On MX Series Virtual Chassis with no-split-detection configured, in some rare circumstances, the transit traffic might get dropped if all of the virtual chassis ports (VCP) go down and come up quickly (within a few seconds). PR1008508
  • During WAN link flaps, ASIC streams in the Packet Forwarding Engines are disabled/enabled on the fly while traffic is in flight. This is normal and will result in cell drops, PKTR ICELL signature errors and SLOUT errors. However, under certain rare conditions, a Lout IP -Pkt Len Mismatch error is observed, which sometimes triggers an automatic restart of the FPC. On TXP, TXP-3D in FPC Type 4-ES can experience automatic restart during WAN interface flaps. PR1013522
  • When a routing policy is configured with the "no-route-localize" option to ensure that the routes matching a specified filter are installed on the FIB-remote Packet Forwarding Engines, after removing the routing policy and changing the next hop for the routes, the routes previously installed using the "no-route-localize" policy are not removed from PFE 1 but are removed from PFE 0 on the same FPC. Traffic received on PFE 1 is then not forwarded to the FIB-local PFEs for a full IP table lookup, but uses the stale routes instead. This situation also applies if the interface is disabled. If traffic destined to the local address is still received on PFE 1, those stale route lookup entries might be incorrect and might lead to one of the following possible symptoms:
    fpc1 RCHIP(1): 8 Multicast list discard route entries
    fpc1 PFE: Detected error nexthop:
    fpc1 RCHIP(1): RKME int_status 0x10000000
    RKME and Detected error nexthop will by default trigger an FPC restart. PR1027106
  • The commit synchronize command fails because the kernel socket gets stuck. PR1027898
  • In the scenario where router acts as both egress LSP for core network and BRAS for subscribers, RSVP-TE sends PathErr to ingress router due to matching to subscriber interfaces incorrectly when checking the explicit route object (ERO), if subscribers are associated with same lo0 address as used by RSVP LSP egress address. PR1031513
  • With an unrecognized or unsupported Control Board (CB), a link speed mismatch might be seen between the fabric and FPCs, which results in FPC CRC/destination errors and fabric planes going offline. The second issue is that, in a race condition, Fabric Manager (FM) might process a stale destination disable event although the error has already been cleared, which results in an unnecessary FPC offline and prevents the Fabric Hardening action from triggering and recovering. PR1031561
  • On the Type 5 PIC, when the "hold-time down" of the interface is configured less than 2 seconds and the loss of signal (LOS) is set and cleared repeatedly in a short period (for example, performing ring path switchover within 50ms), the "hold-time down" may fail to keep the interface in "up" state within the configured time period. PR1032272
  • In a scaled environment, the HTTP redirects might stop working while receiving continuous HTTP traffic. PR1032392
  • When the CPU usage is very high (e.g. 100%) on Routing Engine, the MS-MIC might get stuck due to kernel deadlock, which triggers the card to crash and generate a core file. PR1038026
  • This issue is applicable to a case in which inline NAT is configured on an interface that belongs to either an MPCE or an MP3E/MPC4E/T4000-FPC5. Ingress and egress traffic traversing between an MPCE and these cards may cause the router to drop packets. PR1042742
  • On T Series FPC 1-3 and M320 (except E3-FPC) with fib-local configuration, if there are multiple FIB local FPCs or the FIB local FPC has multiple PFEs, TCP packets might arrive out of order and packet reordering would occur. This reduces the application-level throughput for any protocols running over TCP. PR1049613
  • This problem is because of a race condition, where other FPCs are not able to drain "which is 1 second" Fabric Streams connecting to FPC which is getting offline. In this situation, even when the FPC comes online, other FPCs that have observed the message "xmchip_dstat_stream_wait_to_drain" will not be able to send traffic to that particular FPC over the fabric. There is no workaround. Rebooting the FPCs that observed the error message "xmchip_dstat_stream_wait_to_drain" is a recovery. PR1052472
  • In a subscriber management environment, the Berkeley Database (DB) may get into a deadlock state. It is brought on by multiple daemons attempting to simultaneously access or update the same subscriber or service record. In this case, because access to the DB was blocked by the device control daemon (dcd), the subscriber management infrastructure daemon (smid) fails to recover the DB. Consequently, the router may stop responding to all login/logout requests as well as statistics activity. This timing-related issue is most likely to occur during login or logout and when the system is busy. PR1054292
  • OpenSSL project has published a security advisory for vulnerabilities resolved in the OpenSSL library on January 8th 2015: CVE-2014-3569, CVE-2014-3570, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205. Refer to JSA10679 for more information. PR1055295
  • On MX Series routers, interrupt-driven link-down detection (an interrupt-driven link-down notification is generated to trigger locally attached systems to declare the interface down within a few milliseconds of failure) may fail after performing unified In-Service Software Upgrade (ISSU). The interrupt might be prevented after unified ISSU because the interrupt registers are disabled before unified ISSU but never restored afterward. PR1059098
  • On MX Series routers the CLI command set interfaces interface-name speed auto-10m-100m is not supported. PR1077020
  • In some rare conditions, depending on the order in which configuration steps were performed or the order in which hardware modules were inserted or activated, if PTP master and PTP slave are configured on different MPCs on MX Series router acting as BC, it might happen that clock is not properly propagated between MPCs. This PR fixes this issue. PR1085994

Infrastructure

  • When the Ethernet Link Fault Management (LFM) action profile is configured, if some errors (as referred to in the configuration, for example, frame errors or symbol errors) happened in the past (even long ago), due to improper handling of error statistics fetched from the kernel, the LFM process (lfmd) may generate false event PDUs and send a false alarm to the peer device. PR1077778

Interfaces and Chassis

  • When real-time network traffic information is monitored by using the command "monitor traffic interface *" over an AE interface, deleting the AE interface that is being monitored might cause a kernel crash. PR928969
  • Multicast traffic may not be forwarded to the "Downstream Neighbors" as reported by the command "show pim join extensive". There can be occasions where this traffic is blackholed and not forwarded as expected. Alternatively, there may be an occasion where multicast traffic is internally replicated infinitely, causing one or more of the "Downstream Neighbors" to receive multicast traffic at line rate. PR944773
  • On a standalone T Series router or TX platform, during Routing Engine reboot, a bad (or busy) I2C device on the Switch Interface Board (SIB) might cause the Switch Processor Mezzanine Board (SPMB) to crash. Note that the TXP platform might also experience the same issue due to the bad I2C; that has been addressed in another PR, which has been fixed in Junos OS Releases 13.1R5, 13.2R6, 13.3R1, 13.3R4, 14.1R3, 14.2R1, and 15.1R1. PR1010505
  • On MX Series routers (platforms) with Enhanced Switch Control Board (SCBE), when the fan tray is inserted or pulled out, the chassisd process might crash. PR1048021
  • In a multichassis link aggregation group (MC-LAG) environment, the MC-LAG peers have the MAC and port information and can forward the traffic appropriately. If a single VLAN on the ICL interface is modified to a different VLAN, and then the administrator rolls back the VLAN configuration to the original one, the remote MAC might be stuck in the "Pending" state and not be installed in the bridge MAC table, which affects traffic forwarding. PR1059453
  • In a scaling PPP subscriber environment, when the device is under a high load condition (for example, high CPU utilization of 90% and above), a long delay in session timeout may occur. In this situation, the device may fail to terminate the subscriber session (PPP or PPPoE) immediately after three Link Control Protocol (LCP) keepalive packets are missed. As a result, the subscriber fails to reconnect because the old PPP session and the corresponding Access-Internal route are still active for some time. In addition, it is observed that the server is still sending KA packets after the session timed out. PR1060704
  • An error message is continuously logged every second after a particular copper-SFP [P/N:740-013111] is plugged into a disabled port on a MIC. The error messages are:
    mic_sfp_phy_program_phy: ge-*/*/* - Fail to init PHY link
    mic_periodic_raw: MIC(*/*) - Error in PHY periodic function
    PQ3_IIC(WR): no target ack on byte 0 (wait spins 2)
    PQ3_IIC(WR): I/O error (i2c_stat=0xa3, i2c_ctl[1]=0xb0, bus_addr=0x56)
    mic_i2c_reg_set - write fails with bus 86 reg 29
    mic_sfp_phy_write:MIC(*/*) - Failed to write SFP PHY link 0, loc 29
    mic_sfp_phy_mdio_sgmii_lnk_op: Failed to write: ifd = 140 ge-*/*/*, phy_addr: 0, phy_reg: 29
    ala88e1111_reg_write: Failed (20) to write register: phy_addr 0x0, reg 0x1d
    Fails in function ala88e1111_link_init.
    PR1066951

Layer 2 Features

  • After configuration change or convergence events, kernel may report ifl_index_alloc failures for LSI interfaces and cause KRT queue ENOMEM issue, eventually preventing new logical interfaces from being added to the system. This condition always recovers on its own once convergence is completed. PR997015
  • The Layer 2 Control Protocol process (l2cpd) leaks memory when interface configuration is applied to LLDP-enabled interfaces using 'apply-groups'. Size of the leak is ~700 bytes per commit. PR1052846
  • The LACP partner system ID is shown incorrectly when the AE member link is connected to a different device. This might be misleading while troubleshooting LAG issues. PR1075436

MPLS

  • When the size of a Routing Engine generated packet going over an MPLS LSP is larger than the MTU (i.e. MTU minus its header size) of an underlying interface, and the extra bytes leading to IP fragmentation are fewer than 8 bytes, then that small fragment will be dropped by the kernel, leading to packet drop with the kernel message "tag_attach_labels(): m_pullup() failed". For example, if an SNMP response with a specific size falls into the above-mentioned condition, then the small fragment will be dropped by the kernel and eventually the SNMP response will fail. PR1011548
  • On the P2MP LSP transit router with link protection enabled, if the LSP is the last subLSP, tearing the last subLSP (for example, a RESV tear message is received from downstream router) might crash the routing protocol process (rpd). PR1036452
  • This is a regression issue on all Junos operating systems related to a timing factor. When LDP session flaps, over which entropy label TLV or any unknown TLV is received, the LDP speaker might not send label withdraw for some prefixes to some neighbors. As a result, these neighbors will still use stale labels for the affected prefixes. PR1062727
  • In scaled l2circuits environment, the rpd process might crash due to a corruption in the LDP binding database. PR1074145

Network Management and Monitoring

  • An SNMP MIB walk of jnxMac does not return a value with et- interfaces on MPC3/MPC4/MPC5/MPC6. PR1051960
  • SNMP queries for LAG MIB tables while a LAG child interface is flapping may cause mib2d to grow in size and eventually crash with a core file. Mib2d will restart and recover by itself. PR1062177

Platform and Infrastructure

  • For inline BFD over an aggregated Ethernet (AE) interface whose member links are hosted on different FPCs, BFD packets arriving on the ingress line card are steered to the anchor Packet Forwarding Engine through the fabric. If the FPC reconnects to the master Routing Engine (such as during a Routing Engine switchover operation), the inline BFD session punts the BFD packet to the host, and the BFD packet should go through the loopback interface filter of the VRF on which it is received. But in this case, the BFD packet might hit the wrong loopback interface filter from the wrong routing instance, since the VRF information is not carried across the fabric. PR993882
  • This change addresses a missing NULL check in a trace message which was resulting in a Packet Forwarding Engine crash. The error path involves a scenario where the ifbd is not yet created for a logical interface. This is possible under certain IPC reordering scenarios. The Packet Forwarding Engine should not crash by dereferencing a NULL pointer in this case. PR1014090
  • In an EVPN scenario, the MPC may crash with a core dump when any interface is deleted and then added to an aggregated Ethernet bundle, or when the ESI mode is changed from all-active to single-active. PR1018957
  • The error logs "CHASSISD_FCHIP_CONFIG_MD_ERROR" will appear during FPC normal boot-up time and also during FPC restart time for each plane and for each LMNR FPC. The error logs "CHASSISD_FCHIP_CONFIG_MD_ERROR" are observed only in M320 chassis containing FPCs based on LMNR chipsets. Due to these error logs, the rate limit for the fabric port connecting the PFE 1 will be set to the default values. PR1020551
  • When IRB interface is configured with VRRP in Layer 2 VPLS/bridge-domain, in corner cases IRB interface may not respond to ARP request targeting to IRB sub-interface IP address. PR1043571
  • NTP.org has published a security advisory for multiple vulnerabilities resolved in ntpd (NTP daemon) that have been assigned four CVE IDs. Junos OS has been confirmed to be vulnerable to one of the buffer overflow vulnerabilities assigned CVE-2014-9295 which may allow remote unauthenticated attackers to execute code with the privileges of ntpd or cause a denial of service condition. Refer to JSA10663 for more information. PR1051815
  • An FPC with interfaces configured as part of an Aggregated Ethernet bundle may crash and reboot when the shared-bandwidth-policer is configured as part of the firewall policer. PR1069763
  • VPLS filter applied under forwarding-options might drop VPLS frame unexpectedly when it's coming from an lt- interface. PR1071340
  • When inline-sampling is enabled, in race conditions, if packet gets corrupted and the corrupted packet length shows 0, this may cause "PPE_x Errors thread timeout error" and eventually cause MPC card to crash. PR1072136
  • When an integrated routing and bridging (IRB) interface is configured with Virtual Router Redundancy Protocol (VRRP) in Layer 2 VPLS/bridge-domain, in corner cases after interface flapping, MAC filter ff:ff:ff:ff:ff:ff is cleared from the Packet Forwarding Engine hardware MAC table, so the IRB interface may drop all packets with destination MAC address FFFF:FFFF:FFFF (e.g. ARP packets). PR1073536

Routing Protocols

  • When rpf-selection is configured with next-hop specified, if an FPC is restarted, in rare conditions, the rpd process might crash. PR915622
  • In a P2MP environment with an OSPF adjacency established, if one router's time is set to an earlier date than the other router's, the OSPF adjacency might not come up when one router goes down and comes up. PR991540
  • In a multicast environment, in rare conditions, after Graceful Routing Engine Switchover (GRES) is executed, the rpd process might crash due to receiving a NULL incoming logical interface. PR999085
  • If both BGP Prefix-Independent Convergence (PIC) edge and "routing-options multipath" are configured, when the primary path fails, the protection provided by BGP PIC edge might not work correctly. PR1011596
  • If the BGP PIC edge feature is enabled with OSPF as the IGP, when the primary route changes, there is a chance that the Packet Forwarding Engine forwarding entry will stay in reroute state, which causes the session to go down. PR1015598
  • When BGP add-path feature is enabled on BGP route-reflector (RR) router, and if the RR router has mix of add-path receive-enabled client and add-path receive-disabled (which is default) client, due to a timing issue, the rpd process on RR might crash when routes update/withdraw. PR1024813
  • Issue in populating isisRouterTable values. Some entries are not filled correctly. This does not block/affect the functionality of IS-IS or other components. PR1040234
  • If labeled BGP routes are leaked from inet.3 table to inet.0, then activation of BGP "add-path" feature might crash the routing process (rpd). PR1044221
  • The Junos OS Multicast Source Discovery Protocol (MSDP) implementation closes an established MSDP session and the underlying TCP session on reception of a source-active TLV from the peer when this source-active TLV has an "Entry Count" field of zero. "Entry Count" is a field within the SA message which defines how many source/group tuples are present within the SA message. PR1052381
  • Either the "rib inet.3" or the "resolve-vpn" feature can be configured in the lower hierarchy for BGP labeled-unicast family routes. These two features are mutually exclusive and only one of them can be used in a single BGP group. If the administrator swaps the two features (for example, using "resolve-vpn" first, then deactivating it and using "rib inet.3" instead, then switching back to "resolve-vpn"), the secondary routes (routes in inet.3, including the ones from this BGP group and from other BGP groups) may be accidentally removed every time a "commit" operation takes place. PR1052884
  • Running Simple Network Management Protocol (SNMP) polling of a specific IS-IS Management Information Base (MIB) with an invalid variable causes the routing protocol process (rpd) to crash. PR1060485
  • When there are a number of secondary BGP routes in inet.0, an SNMP walk of inet.0 by the bgp4 MIB can cause a core if the corresponding primary routes are being deleted. PR1083988
  • The rpd process might crash when resolve-vpn and rib inet.3 are configured under separate levels (BGP global, group and peer). The fix is that, if a family is configured at a lower level, the state created by either of the configuration statements from higher levels is reset. This conforms with the current behavior of family configuration, which is that any configuration at a lower level is honored and the higher level configuration is reset. PR1094499

Services Applications

  • With Real Time Streaming Protocol (RTSP) Application Layer Gateway (ALG) enabled, the PIC might crash in case the transport header in status reply from the media server is bigger than 240 bytes. PR1027977
  • On M Series, MX Series, and T Series routers with Multiservices 100, Multiservices 400, or Multiservices 500 PICs with "dump-on-flow-control" configured, if a prolonged flow control failure occurs, core file generation might fail. PR1039340
  • A Layer 2 Tunneling Protocol daemon (l2tpd) crash is seen sometimes when the L2TP service interface unit number is configured higher than 8192. A restriction has been added to force unit numbers below 8192. PR1062947
  • The trigger for the crash is when the MS-DPC Service PIC is in a low memory zone and it receives two SYN messages from the same client IP within a very short time gap between the two SYNs. This race condition is tied to running out of memory, failing to allocate a timer for a conversation, and having rapid SYNs on a TCP connection where the second TCP SYN is matched on a flow that is being deleted due to the failed timer allocation. This scenario is very difficult to hit and should not be seen in production often. PR1069006
  • Service PIC daemon (spd) might crash with core-dumps due to CGNAT pool's snmp-trap-thresholds configuration. PR1070370
  • On Layer 2 Tunnel Protocol (L2TP) network server (LNS), during L2TP session establishment, when receiving Incoming-Call-Connected (ICCN) messages with Last Sent LCP CONFREQ Attribute Value Pair (AVP) but without Initial Received LCP CONFREQ and Last Received LCP CONFREQ AVPs, the jl2tpd process might crash. PR1082673

Subscriber Access Management

  • The authd process memory leaks slowly when subscribers login and logout, which eventually leads the process to crash and generate a core file. PR1035642

VPNs

  • In NG MVPN, after the route to C-RP flaps, traffic loss might be seen for a short period of time. PR1049294
  • In MVPN RPT-SPT mode, with a mix of local and remote receivers all using (*,g) joins (spt-threshold infinity), the downstream interfaces may not get updated properly and there may be a stuck (s,g) forwarding route. This issue can occur with the following sequence of events:
    1. Local receivers are joined.
    2. Traffic starts, then stops, and the route times out.
    3. Remote receiver joins. Both a (*,g) and an (s,g) forwarding route are created.
    4. Another local receiver is joined, or an existing one is pruned.
    5. In the (*,g) route the downstream interface list reflects the update, but in the (s,g) route the downstream interface list does not.
    6. When traffic starts again, the (s,g) route -- which has the wrong interface list -- is used. The traffic flows to the wrong set of receivers.
    PR1061501

Resolved Issues: Release 13.2R7

Class of Service (CoS)

  • For ichip-based platforms, the IQ2 PIC expects the FC index in the cookie from the ichip for packet queuing. For transit traffic, the FC index arrives in the cookie, whereas for host outbound traffic, the queue number arrives in the cookie to the IQ2 PIC. Because the IQ2 PIC is not aware of whether traffic is transit or host outbound, it treats the value received in the cookie as an FC value and looks in the fc_to_q table to fetch the queue number. This causes host outbound traffic to be queued in the incorrect queue on the IQ2 PIC. This is a day-one issue and occurs if, in the FC-to-queue mapping, the FC ID and queue number are not the same. PR1033572

General Routing

  • When a router is booted with AE having per-unit-scheduler configuration and hosted on an EQ DPC, AE as well as its children get default traffic control profile on its control logical interface. However, if a non-AE GE interface is created on the DPC with per-unit-scheduler configuration, it will get default scheduler map on its control logical interface. PR946927
  • On MX Series router with MX Series linecard, when the MIC-3D-16CHE1-T1-CE on MPC1 or MPC2 is inserted in slot 1, the CoS hierarchy is not getting created. PR974407
  • The scale-subscriber "License Used" field shows the wrong value after GRES. PR980399
  • In the dual Routing Engines scenario with NSR configuration, backup peer proxy thread is hogging CPU for more than 1 second if there are multiple updates (>5000) going from master Routing Engine to backup Routing Engine. This leads to FPC socket disconnections. The traffic forwarding might be affected. PR996720
  • When deleting a routing-instance or making changes to the routing-instance, the deletion of the routing-instance to kernel might come before the deletion of the logical interfaces in the routing-instance, resulting in rpd crash. This is a timing issue, hard to reproduce. PR1009426
  • On MX Series platforms with ADPC FPCs, M120 or M7i/M10i with enhanced CFEB, each VPLS LSI interface flapping triggers a memory leak in jtree segment 0. There is no memory leak in FPC heap 0 memory. PR1009985
  • For 64-bit Junos OS, the routing protocol process (rpd) might crash and generate a core file during IBGP route churn when using IBGP multipath and multiple levels of IBGP route/next-hop recursion. PR1014827
  • Enabling sampling on an ms- interface is not a supported configuration. If 'forwarding-options sampling sample-once' is subsequently deactivated, the FPC may reboot. PR1021946
  • If a logical interface is used as the qualified-next-hop (which implies the logical interface has unnumbered-address configured), and there are changes in the logical interface filter configuration, then the static route might disappear from routing table. To make it reappear, delete it from the configuration and add it back. PR1035598
  • In a subscriber scenario with auto-sensed VLAN configured, after scaled subscribers (in this case, 16K subscribers) log in/log out for several times, the subscriber management process might get stuck and not be able to restart due to a Session Database (SDB) deadlock issue. PR1041094

Interfaces and Chassis

  • Link speed of a LAG bundle may not properly reflect the total bandwidth, when microBFD is enabled on the LAG interface. PR967046
  • With the current Junos OS multichassis link aggregation group (MC-LAG) design, the ARP entry is not synchronized when ARP is learned via an ARP request rather than a Gratuitous ARP/ARP reply. In some specific scenarios (e.g. a host changes its MAC address without sending a Gratuitous ARP), traffic loss might occur. PR1009591
  • A VRRP daemon (vrrpd) memory leak might be observed in "show system processes extensive" when VRRP is set with routing-instance and any configuration is then changed. PR1022400
  • If DPCE 20x 1GE + 2x 10GE X card is present in the chassis, BFD sessions over AE interfaces may not be distributed. PR1032604

Layer 2 Features

  • After FPC restart, bridge domain (BD) implicit filters for Ethernet ring protection switching (ERPS) might get reprogrammed with wrong logical interface (ifl) index, which causes ERPS to not work correctly. PR1021795
  • If a customer is using SNMP and performs an snmpwalk on the dhcp binding table, not all of the entries might be displayed. This fix resolves that issue so that bindings for all IP addresses are displayed. PR1033158

MPLS

  • Error "tag_icmp_route:failed to find a chain composite ahead of fwd nh" might be observed when doing traceroute. PR999034
  • When RSVP label-switched path (LSP) optimize is enabled, the RSVP LSP might stay down after a graceful Routing Engine switchover (GRES). To resolve the problem, the corresponding label-switched-path configuration needs to be deactivated and then activated again. PR1025413
  • When configuring point-to-multipoint (P2MP) Label Distribution Protocol (LDP) label-switched paths (LSPs), the labels will never be freed even if they are no longer needed. This could lead to MPLS label exhaustion eventually. To clear the state, the rpd process will restart with core files. PR1032061

Platform and Infrastructure

  • BFD sessions within default routing-instance are not coming up once inline-services PIC is configured and fixed class-of-service forwarding-class is assigned. BFD sessions operating in no-delegate-processing are not affected. PR999647
  • The error logs "CHASSISD_FCHIP_CONFIG_MD_ERROR" will appear during FPC normal boot up time and also during FPC restart time for each plane and for each LMNR FPC. The Error logs "CHASSISD_FCHIP_CONFIG_MD_ERROR" are observed only in M320 chassis containing FPCs based on LMNR chipsets. Due to the error logs, the rate limit for the fabric port connecting the Packet Forwarding Engine 1 will be set to the default values. PR1020551
  • On MX Series platform with scaled set-up, after deactivate/activate or renaming a bridge domain (BD) which has irb interface associated, the IGMP snooping configured under the BD might not work any more. Please note it happens only when the router is in "network-services enhanced-ip" mode. PR1024613
  • On MX Series based platform, with igmp-snooping enabled and a multicast route with integrated routing and bridging (IRB) as a downstream interface, a multicast composite nexthop is created with a list of L3 and corresponding L2 nexthops. In a rare corner case, the corresponding L2 nexthop to the L3 IRB nexthop is a DISCARD nexthop and will cause the FPC to crash. PR1026124
  • On MX Series routers with DPC line cards, when packets are queued for several seconds due to interface congestion and get aged, the line card might not be able to detect those aged packets and thus fail to drain the queue, which results in the FPC showing CRC errors and going into a wedge condition. PR1028769
  • MX Series-based line card might crash when trying to install the composite next-hop used for the next-hop-group configuration related to port mirroring of traffic over IRB to an LSI attached to VPLS instance for a remote host. PR1029070
  • For BFD over aggregated Ethernet (AE) interfaces on MX Series routers with MS-MPC that have configured the enhanced-ip option, the BFD distribution to Packet Forwarding Engine for AE interface might not happen. PR1031916
  • When the 'enhanced-hash-key services-loadbalancing' feature is used by MX Series based line cards, load balancing of flows across multiple service PICs via the source-address does not work when internal BGP (IBGP) is used to steer traffic to the inside service-interface. For example, the operator will see on the stateful firewall that the same source-address has flows across multiple service interfaces. PR1034770

Routing Protocols

  • In the multicast environment, in rare condition, after graceful Routing Engine switchover (GRES) is executed, the rpd process might crash due to receiving NULL incoming logical interface. PR999085
  • When BGP is doing path selection with default behavior, soft-assert requests are introduced. If a BGP route flaps a lot, path selection has to be done frequently, and a great many soft-asserts might be produced, which causes unnecessarily high CPU usage and some service issues, such as SNMP not responding and even an rpd core. PR1030272

Services Applications

  • The cause of the KMD crash is not known. This is not due to SA (Security Associations) memory corruption. From the code, it looks like the SA is being freed without the table entry being cleared. PR1036023

User Interface and Configuration

  • CST: chassis core generated while applying group configuration on chassis > FPC. PR936150

Resolved Issues: Release 13.2R6

Class of Service (CoS)

  • On MX Series routers with both MX Series line cards (in this case, MPC and MPCE on the box) and other line card types (DPCE on the box), when the Default Frame Relay DE Loss Priority Map is configured and committed, all FPCs restart with core dumps. PR990911
  • SNMP get-request for OID jnxCosIngressQstatTxedBytes (ingress queue) might return the value of jnxCosQstatTxedBytes (egress queue). But SNMP walk works fine since it uses get-next-request. PR1011641
  • This issue is specific to rate-limit on a trunk port in a DPC. Due to a software issue, installing rate-limit variables to the egress Packet Forwarding Engine does not work normally. PR1022966

Forwarding and Sampling

  • When a firewall filter has one or more terms with match conditions or actions that are supported only on MX Series routers with MPCs or MICs, such filters are not listed during an SNMP query. This behavior is typically seen after a Routing Engine reboot, upgrade, or mastership switch. Restarting the mib2d process causes it to learn these filters:
      cli > restart mib-process
    After the mib2d restart, an SNMP MIB walk of the firewall OIDs will:
      - list all the OIDs corresponding to this filter
      - count correctly as configured in the filter
    Even though the SNMP MIB walk of the firewall OIDs now lists all OIDs and appropriate values, the messages log reports the following for every interface that has this filter applied:
      > Jul 8 15:52:09 galway-re0 mib2d[4616]: %DAEMON-3-MIB2D_RTSLIB_READ_FAILURE: get_counter_list: failed in reading counter names ae33.1009-i: 288 (No such file or directory)
      > Jul 8 15:52:09 galway-re0 mib2d[4616]: %DAEMON-3-MIB2D_RTSLIB_READ_FAILURE: get_counter_list: failed in reading counter names ae31.1004-i: 257 (No such file or directory)
      > Jul 8 15:52:09 galway-re0 mib2d[4616]: %DAEMON-3-MIB2D_RTSLIB_READ_FAILURE: get_counter_list: failed in reading counter names ae33.1010-i: 289 (No such file or directory)
      > Jul 8 15:52:09 galway-re0 mib2d[4616]: %DAEMON-3-MIB2D_RTSLIB_READ_FAILURE: get_counter_list: failed in reading counter names ae31.1004-i: 257 (No such file or directory)
    The above two issues are addressed in this PR fix. PR988566
  • Deactivating the Inline Jflow configuration does not release memory normally. PR1013320
  • When an ARP policer is applied to an interface, it appears commented out in the configuration with the following message: "invalid path element 'disable_arp_policer'". PR1014598

General Routing

  • The ingress family feature unicast Reverse Path Forwarding (uRPF) check execution order was invalidated when Filter Based Forwarding (FBF) was enabled on MX Series routers with MPCs or MICs. This solution repositions uRPF just prior to Filter Based Forwarding (FBF), so that both actions are compatible and applicable. This applies to both IPv4 and IPv6. PR805599
  • On the TXP/TXP-3D platform, a bad I2C device on an SFC Switch Interface Board (SIB) might cause the Switch Processor Mezzanine Board (SPMB) to crash and leave all SIBs unable to come online. PR846679
  • In a subscriber scenario with auto-sensed VLAN configured, after performing Graceful Routing Engine Switchover (GRES) several (2~3) times, the autoconfd (vlan auto-sensing daemon) process might crash because the dynamic vlan flag is not set properly in the Session Database (SDB). PR868370
  • Changing the redundancy mode of an rlsq interface from "hot-standby" to "warm-standby" on the fly might lead to a kernel crash, and the router will go to the db> prompt. PR880451
  • The SPMB may crash because it failed to access the CXP and LED drivers on the SIB multiple times. PR924065
  • Leak in /mfs/var/sdb/iflstatsDB.db. PR924761
  • Under particular scenarios, a commit action might cause the Context-Identifier to be ignored when the OSPF protocol refreshes its database. The PE router then stops advertising this Context-Identifier. PR954033
  • In this scenario the CPCD (captive-portal-content-delivery) is configured for HTTP-REDIRECT for Subscriber Management clients using MS-DPC. When service sessions start to redirect the HTTP traffic, the memory usage of MSPMAND on the multi-service PIC increases steadily. Reaching the memory limit might then cause packet loss. PR954079
  • The interface remains down with continuous firmware messages on MPC3 or MPC4, which use the VSC8248. PR956844
  • Although receiving the flow specification (flowspec) routes with packet-length, icmp-code or icmp-type matching rules from a BGP peer properly, the local firewall filter in the Packet Forwarding Engines might not include these matching rules. PR968125
  • In the dual Routing Engines scenario with large scale nexthops (in this case, more than 1-million nexthops and around 8K VRFs), in rare conditions the kernel might crash on the backup and/or master Routing Engine due to exhaustion of nexthop index space. PR976117
  • Changing service-set configuration continuously during scaled traffic conditions may result in mspmand process crash and a core file generated. PR978032
  • On T Series router with FIB Localization enabled, if reboot the 979098 while scaled traffic running, the FIB-remote FPC might crash. PR979098
  • With a firewall policer configured on more than 256 IFFs (interface address families) of a PIC, taking the PIC offline and then online might cause the FPC to crash. PR983999
  • 1) Due to a previous fix, chassisd on the protocol master Routing Engine and the protocol backup Routing Engine connect to the main snmpd on the protocol master using the following methods:
         a) Chassisd on the protocol master Routing Engine connects using a local socket, since snmpd is running locally.
         b) Chassisd on the protocol backup Routing Engine connects using a TNP socket, since snmpd is not local.
    2) However, this fix changed the way the other daemons connect to snmpd. All important daemons run on the protocol master and should connect to snmpd using a local socket. The fix changed this so that all daemons that ran on the protocol master (other than chassisd) tried to connect using the TNP socket. SNMPD does not accept these connections.
    As a fix, in an MX-VC, we made sure that chassisd connects to all processes which run on the protocol master using an internal socket, while the chassisd process on the protocol backup and protocol line card connects using a TNP socket. PR986009
  • On M7i/M10i with enhanced CFEB, M320 with E3-FPC, M120, and MX Series with DPC, if "no-local-switching" is present in the bridge domain, IGMP snooping does not function and the client cannot see the multicast traffic. PR989755
  • During large scale MVPN routes churn events, some core-facing IGP protocols (like OSPF or LDP) might flap or experience a long convergence time. PR989787
  • A commit error needs to be reported when using the unsupported NAPT44 nat-options max-sessions-per-subscriber configuration with MS-MIC/MS-MPC. PR993320
  • The fabric performance of MPC1, MPC2, or 16xXE MPC in 'increased-bandwidth' mode on an MX960 populated with SCBEs will be lower than in redundant mode due to XF1 ASIC scheduling bugs. PR993787
  • Under normal circumstances, the Maximum Receive Unit (MRU) value is set to MTU size + 8 bytes (e.g. MTU=9102, MRU=9102+8=9110). But in this case, when the MTU is set to a large value (MTU=9192) on an AE interface, the MRU still uses the default value of 1522 bytes. So when the interface receives packets that are larger than 1522 bytes, the packets are dropped. PR994826
  • On 10X10GE SFPP, when an interface is configured for CCC and asynchronous-notification and is told to turn off its laser, the laser flaps on and off for some period of time. PR996277
  • On a T4000 router with type5 FPC, after an FPC reboot, if the chassisd process does not get the FPC ready/FPC online ACK message from the FPC within 360 seconds, the FPC might reset again. PR998075
  • The PIC memory gauge counters show up as 0 after a GRES in the "show chassis pic fpc-slot X pic-slot Y" output. PR1000111
  • On MX240/MX480/MX960 routers running as Precision Time Protocol (PTP) master and interconnected with MX104 routers running as slave, the PTP clocking state might be stuck in "INITIALIZING" for the first created PTP port and not be aligned to the clocking state. In addition, when the command "show ptp clock" is issued, a wrong "slot" number might be seen on the MX104 slave. PR1001282
  • When several PICs are set up as aggregated multiservices (AMS) doing loadbalancing, if one PIC of the AMS bundle gets offline and then gets online, a 30 to 40 seconds momentary traffic loss might be seen. PR1005665
  • With NSR enabled, when a BGP session is activated in a routing instance and the interface route is imported into the main routing instance, the TCP receive window might decrement until it hits 0 after incoming BGP traffic arrives from the main routing instance. PR1003576
  • Multi-Services PIC could crash and restart on receiving a stray SIGQUIT signal due to it not handling the signal. PR1004195
  • When having ECMP routes and multiple levels of route/next-hop recursion, a particular sequence of routes churn may result in rpd process crash and traffic outage. PR1006523
  • The l2cpd process might crash if there are multiple unknown type, length, and value (TLV) elements included in received LLDP PDUs. PR1007223
  • On the MX Series platform with MS-MIC/MS-MPC, Point-to-Point tunneling protocol (PPTP) Application Layer Gateway (ALG) is not working when the NAT translation-type is NAPT44. PR1008181
  • MS-DPC memory leak on the system service set when HTTP Redirect attempts to process non-HTTP traffic on HTTP ports (80/8080/443). PR1008332
  • With more than 8 service-sets configured, when using SNMP mibwalk for service-set (object "jnxSpSvcSetTable") info, the mspmand process (which manages the Multi-Services PIC) might crash. PR1009138
  • When the SIB plane state changes to the fault state, the power-related information should be read from the FPGA instead of from the cpld. PR1009402
  • Whenever an FPC goes down suddenly due to hardware failure, the data traffic in transit towards this FPC from the other FPCs could be stuck in the fabric queue thereby triggering fabric drops due to the lack of buffers to transmit the data to active destination FPCs. PR1009777
  • On ALG router without "flow-control-options" configured, MS-MIC might not service packets any more once prolonged flow control is hit and cleared. PR1009968
  • Unknown unicast flood seen with interface flap after router reboot and with static mac, no-mac-learning, interface-mac-limit config for a virtual-switch. PR1014222
  • The routing protocol daemon (rpd) might crash continuously with core-dumps upon adding a sub-interface with "disable" configuration to a MC-LAG interface. PR1014300
  • The OpenSSL project released a security advisory on 2014-08-06 that contained nine security issues. The following four issues affect Junos OS:
      - CVE-2014-5139: Crash with SRP ciphersuite in Server Hello message
      - CVE-2014-3509: Race condition in ssl_parse_serverhello_tlsext
      - CVE-2014-3511: OpenSSL TLS protocol downgrade attack
      - CVE-2014-3512: SRP buffer overrun
    See JSA10649 for more information. PR1016458
  • MAC accounting support was added for 40G and 100G interfaces on MPC3 and MPC4 cards. PR1017595
  • When a source address is configured under the ms interface and the service-set has the syslog host set to local, the FPC slot is printed as a negative value. PR1020854
  • Trace file size is already limited to 1 megabyte, but the actual issue is different. When file reaches its maximum allowed size, an attempt is made to rotate trace file. But trace files count is presently set to 0 (default), so rotate is not functional. As a result all logs are appended to the same trace file even after crossing max limit. PR1021076
  • The host MPC might continuously crash when trying to online a faulty MS-MIC after discovering the hardware failure. PR1026310

High Availability (HA) and Resiliency

  • This issue occurs in rare conditions. In the dual Routing Engines scenario, if an interface flap is performed after a Routing Engine switchover and this action is repeated many times, a stale indirect nexthop entry might be seen in the kernel, which leads to a traffic blackhole. PR987959

Interfaces and Chassis

  • When the GE port is configured with WAN PHY mode, a "Zero length TLV" message might be reported from the port. This is a cosmetic issue. PR673937
  • The error message CHASSISD_IPC_DAEMON_WRITE_ERROR is seen in the messages log when there is a Routing Engine mastership change (system reboot, Routing Engine reboot, GRES switchover CLI command). The mastership change causes a restart of alarmd, which breaks the IPC connection between alarmd and chassisd. Chassisd does not detect that the IPC connection has been broken, because it is busy processing the mastership change, and tries to send alarm information to alarmd during this time. It therefore encounters a write error (broken pipe) and logs the message. PR908822
  • The Packet Forwarding Engine alarms raised by PFEMAN thread using cmalarm api calls will not be transmitted to Routing Engine. As impact, these alarms will not reflect on Routing Engine. There is no impact on functionality, otherwise. PR921254
  • Queue stats counters for AE interface will become invalid after deactivating ifl on the AE interface. PR926617
  • When the remote device is using Address and Control Field Compression (ACFC) PPP compression, routers drop the specific received packet because they cannot locate the PPP header. This prevents L2TP sessions from being established. PR926919
  • This is a day-1 issue. When a member link was added to or removed from an aggregate bundle like AE on a dual Routing Engine system without GRES, Kernel in the backup Routing Engine would crash due to assertion failure in the function rt_pfe_nh_cont_nh_decrement_ack_count. PR935729
  • If there is an IRB interface configured for "family inet6" in a bridge-domain on an MX Series router, the Packet Forwarding Engine may not correctly update the next-hop for an IPv6 route when the MAC address associated with the next-hop moves from an AE interface to a non-AE interface. PR958019
  • In a large-scale PPPoE environment, while PPPoE links are being established, in rare conditions some PPPoE clients might get stuck in the ReqSent state. PR982429
  • With nonstop active routing (NSR) enabled, the VRRP tracking routes state on backup Routing Engine might not get synchronized when adding/deleting the tracking routes. PR983608
  • The output optical power of a 1GbE SFP (EX-SFP-1FE-LX) is restored after the SFP is reseated by manual removal and insertion, although the interface is disabled. PR984192
  • SNMP OID VRRP-MIB::vrrpAssoIpAddrRowStatus returns only one IP address when the interface ifl is configured with two virtual addresses under two vrrp-groups. PR987992
  • CFMD may crash after a configuration change of an interface in a logical system which is under OAM config for an l2vpn instance. PR991122
  • On MX Series routers with MPCs or T4000 routers with type5 FPC, when "Hardware-assisted-timestamping" is enabled, the MPC modules might crash and generate a core file. The core files can be seen by executing the CLI command "show system core-dumps". PR999392
  • In an L2 circuit with async notification configured, when a client-facing interface goes down, the corresponding CE interface on the remote PE shows up in the show interface terse output, while in the log SNMP reports the interface down. PR1001547
  • Fabric Blackholing logic recovery for certain cases will be done with different action (Phase 1/2/3) based on the problem. PR1009502

J-Web

  • An insufficient validation vulnerability in J-Web can allow an authenticated user to execute arbitrary commands. This may allow a user with low privilege (such as read-only access) to get complete administrative access. The scope of this vulnerability is limited to users with valid, authenticated login credentials. Refer to JSA10560 for more information. PR826518

Layer 2 Features

  • The Layer 2 Control Protocol process (l2cpd) is used to enable features such as Layer 2 protocol tunneling or nonstop bridging. If a router receives a Link Layer Discovery Protocol (LLDP) packet with multiple management address TLVs, a memory leak might occur, resulting in an l2cpd process crash. PR986716
  • In BGP signaled VPLS/VPWS scenario, rpd process memory leak might occur when a group with wildcard configuration is applied to the routing instance. PR987727
  • When "system no-redirect" is configured, l2 descriptor destination MAC address gets overwritten and causes "DA rejects" on next-hop router. PR989323
  • jnxLacpTimeOut trap may show negative values and incorrect values for jnxLacpifIndex and jnxLacpAggregateifIndex. PR994725
  • In a race condition, when an FPC gets rebooted or reset, link(s) from this FPC which are part of an aggregate-ethernet bundle would remain in LACP "Detached" state indefinitely.
      user@router> show lacp interfaces ae102
      Aggregated interface: ae102
          LACP state:       Role   Exp   Def  Dist  Col  Syn  Aggr  Timeout  Activity
            xe-2/0/0       Actor    No   Yes    No   No   No   Yes     Fast    Active
            xe-2/0/0     Partner    No   Yes    No   No   No   Yes     Fast   Passive
            xe-2/0/1       Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
            xe-2/0/1     Partner    No    No   Yes  Yes  Yes   Yes     Fast    Active
          LACP protocol:   Receive State   Transmit State   Mux State
            xe-2/0/0       Defaulted       Fast periodic    Detached
            xe-2/0/1       Current         Fast periodic    Collecting distributing
      user@node> show interfaces xe-2/0/0 terse
      Interface          Admin  Link  Proto   Local   Remote
      xe-2/0/0           up     up
      xe-2/0/0.0         up     up    aenet   --> ae102.0
      xe-2/0/0.32767     up     up    aenet   --> ae102.32767
    This issue would be seen when the associated aggregate-ethernet bundle is configured for vlan-tagging. To clear this condition, the affected interface should be deactivated and activated using cli commands.
      user@node# deactivate interfaces xe-2/0/0
      user@node# commit
      user@node# activate interfaces xe-2/0/0
      user@node# commit
    PR998246
  • In the Ethernet ring protection switching (ERPS) environment, once graceful Routing Engine switchover (GRES) happens on the ring protection links (RPLs) owner node, there will be a ~30s Ring automatic protection switching (R-APS) message storm in the ring, which in turn causes some VPLS instance flapping. PR1004066
  • With scaled VPLS instances configured, aggressively flapping the interfaces belonging to the VPLS instances might result in l2cpd process memory leak. When l2cpd reaches its max memory limit, l2cpd process crash will be seen. PR1009952
  • Commit fails on the backup Routing Engine with ethernet-ring configuration under the "protocol protection-group" hierarchy.
      user@R1# commit synchronize
      re0:
      configuration check succeeds
      re1:
      [edit protocols protection-group]
        'ethernet-ring vkm1'
          L2CPD : INVALID node-id configured for pg vkm1
      error: configuration check-out failed
      re0:
      error: remote commit-configuration failed on re1
    The node-id value is not available to the backup Routing Engine when it is not configured. In that case it is derived from the chassis MAC, and on the backup Routing Engine the chassis-mac remains 00:00:00:00:00:00. Fix: the validation check for the node-id value is not done on the backup Routing Engine. PR1011441
  • In a mixed VPLS instance where both LDP and BGP flavors are present, any cli change in that instance will result in rpd crash. PR1025885

MPLS

  • In LDP signaling L2circuit or VPLS scenario, if L2-smart-policy is configured under LDP protocol, and the LDP interface flaps, RPD might crash. PR899810
  • In a scaled MPLS environment, whenever Fast reroute (FRR) or Link Protection (LP) or Node Protection (NP) is configured, the switchover from the primary LSP to the secondary LSP might cause traffic loss for few seconds. PR973070
  • In an MPLS environment with no-cspf and strict ERO configuration, in a race condition, if a PATH message with a routing loop error is received before the standby Routing Engine has resolved the correct PATH message with no loop, some LSPs are not replicated on the standby Routing Engine. If a Routing Engine switchover occurs, forwarding traffic might be affected. PR986714

Network Management and Monitoring

  • The Packet Forwarding Engine local protocol statistics are 32-bit counters. If there is a rollover (typical candidates are ARP/LACP), those counters start from zero. mib2d adds all counters again if one of the Packet Forwarding Engine statistics traffic counters is less than the previously collected counter, causing the multiplication effect. PR986712

Platform and Infrastructure

  • The cprod commands essentially allow "root" access to FPCs. Therefore, access to those commands should be highly restricted. The issue here is that any user with "shell" permission is allowed to use the cprod command. Restrictions should be added so that cprod is available only to users with "root" permission. PR924574
  • The Routing Engine and FPCs are connected with an internal Ethernet switch. In some rare cases, the FPCs might receive a malformed packet from the Routing Engine (e.g. the packet gets corrupted somewhere on its way from the Routing Engine to the FPC), and the toxic traffic might then crash the FPC. PR938578
  • On MX Series based linecards, if large scale of trunk interfaces (e.g. 16K) with "flexible-vlan-tagging" tag type is loaded, the MPC might see thread timeout and congestion, as a result it keeps rebooting. PR939336
  • If an unnumbered interface is configured as the next-hop interface for a static route, issuing the "clear arp hostname <hostname>" command twice deletes the ARP entry for the static route, and the entry cannot be updated any more. The ARP entry appears again only after deactivating and then activating the static route. PR944738
  • On MX Series platform, MPC might crash and reboot when a non-template filter gets deleted (but does not get completely cleaned up) and the same filter index gets reassigned to a template filter. This could be considered as a timing issue given it comes with a very specific sequence of events only. PR949975
  • On MX Series based line cards, there is an extremely small window in which, when one interface is created shortly after another interface that has packets being exception handled is deleted, the created interface might reuse the same interface index as the deleted interface. In this case, the NPC might crash when the exception packets come in before the interface is fully created. PR960029
  • On MX Series based line card, VPLS traffic might get blocked for about 5min (timer of MAC address aged-out) after re-negotiating control-word. PR973222
  • On MX Series routers with MPCs and MICs in a setup involving Packet Forwarding Engine fast reroute (FRR) applications, if an interface is down for more than ARP timeout interval or if ARP entries are cleared by cli commands, then after the interface is up again packet forwarding issues may be seen for traffic being forwarded over that interface. See also PR 955231. PR980052
  • When a services packet (interface-style) is diverted to a different routing-instance using a firewall filter, the route lookup of the services packet matches a reject route, which results in a packet processing engine (PPE) thread timeout. PR988553
  • TXP might not trigger autoheal after 65535 CRC error event on inter-chassis optical hsl2 link. Customer will need to do manual fabric plane reset to recover the faulty SIBs after the 65535 CRC error event. PR988886
  • Issues in shared bandwidth policer handling may manifest themselves as an NPC core, a very low call setup rate, and various error messages, especially when the configuration includes VLAN demux over an AE interface. PR989240
  • On an MX Series router with MPCs or a T4000 router with type5 FPC that has a large scale configuration (in this case, 10k L2VPNs, 29k OSPF routes, 10k LDP routes, 2K BGP routes), when a multicast-related interface goes up or down, the MPC might crash due to a memory allocation failure. PR991171
  • On MX2020/MX2010 we might see a sporadic FO request time-out error reported under heavy system traffic load. This would mean the request returning into a grant took longer than +/-30usec. The packet will still get forwarded through the fabric, hence there is no operational impact.
      [May 6 18:56:59.174 LOG: Err] MQCHIP(2) FO Request time-out error
      [May 6 19:33:47.555 LOG: Info] CMTFPC: Fabric request time out pfe 2 plane 6 pg 0, trying recovery.
    PR991274
  • When two midplane link errors are present between F13 and F2 SIBs, the CLOS rerouting logic does not work properly. This can introduce RODR packet drops and result in destination errors in the plane. PR992677
  • A "delete" or "deactivate" of an apply-group that defines the entire TACACS or RADIUS configuration under [edit system apply-group <>] does not take effect on commit. As a result, TACACS or RADIUS based authentication could continue working despite removal (delete/deactivate) of the configuration. PR992837
  • Packets dropped by an IPv6 reject route are currently subjected to loopback IPv6 filter processing on MX Series-based line cards. As a result, a packet dropped by a reject route may be seen in the "show firewall log" output. PR994363
  • On an MX Series router with MX Series line cards or a T4000 router with type5 FPC, if the CoS scheduler is configured without transmit-rate but with buffer-size temporal, the Packet Forwarding Engine might not allocate a buffer for the associated queue. The issue might lead to packet loss. PR999029
  • In an IRB interface environment with "destination-class-usage" configuration, if the bridge domain ID is the same as the Destination Class Usage (DCU) ID (the bridge domain ID and DCU ID are generated by the system), the firewall filter might match the wrong packets, and packet forwarding would be affected. PR999649
  • On an M7i or M10i equipped with the Enhanced Compact Forwarding Engine Board (CFEB-E), when an MPLS LSP flaps, the CFEB-E is unable to recover 8 bytes of JTREE memory per event. PR1000385
  • MS PIC control messages (i.e. keep alive packets) are going on low priority host bound queue HNQ1 which might be already congested due to excessive host bound traffic (e.g. > 5KPPS multicast resolve traffic) instead of high priority HNQ0 after graceful Routing Engine switchover (GRES), which might cause PIC control packets to get dropped and result in MS PIC reboot. PR1001620
  • When receiving traffic coming on MPC and going out on DPC, the MAC entry on a Packet Forwarding Engine might not be up-to-date and the frames targeted to a known MAC address will be flooded across the bridge domain. PR1003525
  • On MX Series based platform, routers in the same VRRP instance might both claim to be VRRP master after performing unified in-service software upgrade (ISSU) upgrading to specific Junos OS versions. PR1004471
  • The non-first IP fragments containing UDP payload may be mistakenly interpreted as PTP packets if the following conditions are met:
      - the byte at offset 9 in the IP packet contains 0x11 (decimal 17), which indicates UDP payload
      - the two bytes at offset 22 in the IP packet contain the value 0x01 0x3f (decimal 319; byte 22=0x01 and byte 23=0x3f), which indicates PTP protocol
    The misidentification of the packet as PTP will trigger the corruption of the fragment payload. PR1006718
  • Memory allocated in reference to the BFD session was not getting freed up. This resulted in memory leak and the memory exhaustion triggered crash. PR1007432
  • On TX Matrix Plus routers or TX Matrix Plus routers with 3D SIBs, all the incoming interfaces on an FPC are deactivated when none of the fabric planes are functional. By default, the interfaces remain activated. You can enable the deactivation of interfaces by using the fpc-restart configuration statement at the edit chassis fabric degraded hierarchy level. This issue has been resolved. PR1008726
  • MPLS traffic going through the ingress pre-classifier logic may not have its MPLS payload determined correctly when MPLS packets are classified into the control queue versus the non-control queue, which exposes possible packet reordering. PR1010604
  • When receiving traffic coming in on an MPC and going out on a DPC, an Ethernet frame with a known DMAC will be flooded to the whole bridge domain after the link on which the given MAC is learned has flapped more than 32 times. PR1026879
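
Added example (not Juniper code) for the fragment misidentification described in PR1006718 above: a fixed-offset match on byte 9 and bytes 22-23 next to a check that first confirms a UDP header is present. The function names, addresses, and sample packets are constructed for illustration, and the IP-options case goes beyond what the release note states.

```python
import struct

IPPROTO_UDP = 17       # 0x11, the value the note describes at byte 9
PTP_EVENT_PORT = 319   # 0x013f, the value the note describes at bytes 22-23


def build_ipv4(payload, frag_offset_units=0, more_fragments=False, options=b""):
    """Build a minimal IPv4 packet with protocol=UDP (constructed input, checksum 0)."""
    assert len(options) % 4 == 0
    ihl = 5 + len(options) // 4
    flags_frag = (0x2000 if more_fragments else 0) | frag_offset_units
    header = struct.pack(
        "!BBHHHBBH4s4s",
        (4 << 4) | ihl, 0, ihl * 4 + len(payload), 0x1234, flags_frag,
        64, IPPROTO_UDP, 0,
        bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]),  # documentation addresses
    )
    return header + options + payload


def udp_datagram(src_port, dst_port, body):
    """UDP header plus body (constructed input, checksum 0)."""
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(body), 0) + body


def naive_is_ptp(pkt):
    """Fixed-offset match: only byte 9 and bytes 22-23 are inspected."""
    return len(pkt) >= 24 and pkt[9] == IPPROTO_UDP and pkt[22:24] == b"\x01\x3f"


def strict_is_ptp(pkt):
    """Trust the destination port only when a UDP header is really there."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return False
    ihl_bytes = (pkt[0] & 0x0F) * 4
    if ihl_bytes < 20 or len(pkt) < ihl_bytes + 8:
        return False
    if pkt[9] != IPPROTO_UDP:
        return False
    # Low 13 bits of bytes 6-7 are the fragment offset. A non-zero offset
    # means this fragment starts inside the payload, not at a UDP header.
    frag_offset = struct.unpack("!H", pkt[6:8])[0] & 0x1FFF
    if frag_offset != 0:
        return False
    dst_port = struct.unpack("!H", pkt[ihl_bytes + 2:ihl_bytes + 4])[0]
    return dst_port == PTP_EVENT_PORT


def classify_samples():
    """Return {sample name: (naive result, strict result)} for constructed packets."""
    samples = {
        # Real PTP event message: UDP header present, destination port 319.
        "first_fragment_ptp": build_ipv4(
            udp_datagram(319, 319, b"\x00" * 34), more_fragments=True),
        # Later fragment of an unrelated UDP flow whose data happens to carry
        # 0x01 0x3f at payload bytes 2-3, that is, at packet offset 22.
        "later_fragment_lookalike": build_ipv4(
            b"\xaa\xbb\x01\x3f" + b"\x00" * 12, frag_offset_units=185),
        # PTP packet behind 4 bytes of IP options (NOP NOP NOP EOL), so the
        # UDP destination port sits at offset 26, not 22.
        "ptp_with_ip_options": build_ipv4(
            udp_datagram(319, 319, b"\x00" * 34), options=b"\x01\x01\x01\x00"),
    }
    return {name: (naive_is_ptp(p), strict_is_ptp(p)) for name, p in samples.items()}


if __name__ == "__main__":
    for name, (naive, strict) in classify_samples().items():
        print(f"{name:26s} naive={naive!s:5s} strict={strict}")
```
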

Routing Protocols

  • In a Protocol Independent Multicast (PIM) scenario, if an interface is deleted before the (S,G) route is installed in the Routing Information Base (RIB), the interface index might be reused by the kernel for another interface and thus cause a routing protocol process (rpd) core. PR913706
  • In a scaled BGP routes environment (global table ~1.5 million routes), first flapping one BGP session (for example, by changing the BGP authentication method) and then deleting another BGP session that holds the active routes might lead to routing protocol daemon (rpd) scheduler slips. PR928223
  • For the Aggregated Ethernet (AE) interface, the Bidirectional Forwarding Detection (BFD) sessions might flap in a scaled scenario with more than 600 BFD sessions up. And these BFD session flaps could result in the Packet Forwarding Engine memory leak and thus cause Packet Forwarding Engine crash and core file generation. PR943381
  • Performing the CLI command "clear multicast bandwidth-admission interface <int>" on 64-bit Junos OS results in an rpd process crash. The command should be used without the interface qualifier on the impacted releases. PR949680
  • In the multicast environment, when the name of a VRF is changed, if an IGMP interface is trying to be associated with a new multicast instance before the new multicast instance is created, the rpd process might crash. PR962885
  • In certain rare circumstances, BGP NSR replication to the backup Routing Engine may not make forward progress. This was due to an issue where an internal buffer was not correctly cleared in rare circumstances when the backup Routing Engine was experiencing high CPU. PR975012
  • This is a rare condition issue. In the multicast environment, if upstream reverse path forwarding (RPF) fails because there is no valid unicast route available towards the source, the rpd process might crash. PR976108
  • In a scaled BGP environment, if an NSR-enabled router does not have any routing-instance configured, after flapping BGP groups with multiple peers, some BGP neighbors might get stuck in the 'not advertising' state. PR978183
  • On a platform with an IGMP configuration in which two receivers are joined to the same (S,G) and IGMP immediate-leave is configured, when one of the receivers sends a leave message for the (S,G), the other receiver might not receive traffic for 1-2 minutes. PR979936
  • In Junos OS, by default the RIP protocol "send" option is set to Multicast RIPv2. When this "send" option is changed from "multicast" (active) to "none" (passive) or vice versa, an rpd core might be seen on the router. PR986444
  • In a v4 route group (RG), a member site receives traffic from both serving sites for a few sources upon withdraw/inject of routes for 30 seconds. PR988561
  • When all the following conditions are met, if the knob "path-selection always-compare-med" is configured, the rpd process might crash:
      - routing-instance (VR, VRF) with no BGP configuration
      - rib-group in default instance with routing-instance.inet.0 as secondary-rib
      - rib-group applied to BGP in default instance
      - BGP routes from master tables (inet.0) leaked to the routing-instance table (routing-instance.inet.0)
    PR995586
  • There are two scenarios in which rpd might crash. The first scenario is when all BGP peers flap with bgp route target proxy configured. The second scenario is when a BGP session is configured in a way that one side is configured with family l2vpn auto-discovery-only, while the other side is configured with both family l2vpn signaling and keep all knobs. PR1002190
  • When IS-IS is configured for traffic engineering (TE), after removing family mpls from the interface and removing the specific interface from the [edit protocols rsvp] and [edit protocols mpls] hierarchy levels, the corresponding link is not removed from the TED as expected. PR1003159
  • When there are more than 65535 "flow-spec" routes existing in the routing table, the rpd process might crash because it exceeds the current maximum supportable scaling numbers (Current scaling numbers are in the range of 10K~16K). PR1004575
  • Abnormal ip6 route-calculation behavior can be seen when ospf3-te-shortcut is configured. PR1006951
  • When the same PIM RP address is learned in multiple VRFs, with NSR configured, RPD on the backup Routing Engine may crash due to memory corruption by the PIM module. PR1008578
  • When inet.3/inet6.3 is not enabled, the BGP group uses the inet6.0 table to advertise the routes for both inet6 unicast and inet6 labeled-unicast families. When the BGP family is changed, BGP sessions re-establish. When BGP starts to advertise routes to the peer, BGP expects to see a route label; however, if the old inet6 unicast routes are still present (not completely cleaned), the rpd process crashes. The fix is to use separate BGP groups for inet6 unicast and inet6 labeled-unicast with the same rib. The old peers are cleaned up in the old group and new peers are established in the new group. Thus, new peer establishment is not delayed by the cleanup of the old peer. PR1011034
  • Under a certain sequence of events, rpd can assert after an RPD_RV_SESSIONDOWN event. PR1013583
  • When an open message is received from a BGP peer with any capability after the "add-path" capability, the session is bounced. PR1016736
  • The SNMP trap generated when an IPv6 BFD session goes up/down does not contain the IPv6 BFD session address. PR1018122
  • The Junos OS implementation of RFC 3107 uses unspecified label (0x000000) when sending route with label withdrawn message. This means Junos OS sends 0x000000 instead of 0x800000 for label withdrawn, which is inconsistent with RFC 3107. PR1018434

Services Applications

  • The dynamic flow control process (dfcd) might generate a core file when the Dynamic Tasking Control Protocol (DTCP) trigger request is the same for both the VLAN and DHCP subscriber. PR962810
  • If a PPPoE/PPP user disconnects in the access network without the LAC/LNS noticing it to tear down the connection (also the PPP keepalive has not detected yet), and a second PPP request comes from the same subscriber on the L2TP tunnel (same or different LAC/tunnel), then a second route is added to the table having the next hop "service to unknown". PR981488
  • On M Series, MX Series, T Series routers (platforms) with Services PIC with dynamic-nat44 translation-type configured, when the flows are cleared the IP addresses in use are never freed. This issue is present in Junos OS 11.4R7 and all more recent releases without this fix. PR986974
  • In a NAT environment where the same pool is used in several terms of a nat-rule, if any pool parameter is modified, the configuration change is ignored. PR994200
  • The redundant services PIC (rsp-) interfaces or redundant Multiservices (rms-) interfaces configured with "hot-standby" mode might flap upon committing any configuration change (will happen for even an unrelated interface description change). PR1000591
  • The following messages are being logged at ERR not DEBUG severity:
      mspd[3618]: mspd: No member config
      mspd[3618]: mspd: Building package info
    This PR sets the correct severity. PR1003640
  • When removing a basic-nat44 translation term, there is a chance the prefix that was used for this translation will become wedged. Any attempt to reuse this prefix for dynamic-nat44 or napt-44 will be such that no address/port allocation will succeed. PR1008214
  • Softwire tunnel count management is inconsistent and incorrect, thus the output of "show service softwire statistics" might be incorrect. PR1015365
  • An MS-DPC PIC coredump may be generated if ICMP is used with EIM. PR1028142

Subscriber Access Management

  • MIB entries for jnxUserAAAAccessPoolRoutingInstance may not appear after deleting and re-adding an assignment pool under a routing instance. PR998967

User Interface and Configuration

  • When PIM is enabled via apply-groups to one routing-instance whose instance-type is not defined (no-forwarding type is set), incorrect constraint check of PIM will cause routing protocol daemon (rpd) to crash upon any configuration change later. PR915603

VPNs

  • With BGP L2VPN/VPLS configured and nonstop active routing (NSR) enabled on the router, the rpd process might crash on the backup Routing Engine when flapping a core-facing interface or label-switched interface (LSI). PR937812
  • In an NG-MVPN scenario where an S-PMSI tunnel has been triggered, performing a Routing Engine switchover right after deleting the MVPN routing instance might cause the rpd process on the master Routing Engine to crash. PR941160
  • In a Draft-Rosen MVPN scenario with multihoming source PEs, if one PE is sending on the default MDT and another PE is sending on the data MDT, or both are sending over the data MDT, the PIM assert might not be triggered, resulting in duplicate multicast traffic. PR973623
  • In the Rosen-MVPN environment, multicast traffic might be lost for 200 ms during Routing Engine switchover. PR993822
  • In AT route-group scenario, source route is flapped on preferred serving site. After that the member site fails to originate type-4 even though it has type-5 and type-3 from non-preferred serving sites. PR994687
  • Serving site B is not receiving all the traffic from serving site A when traffic is reduced from the exceeded cmcast limit. PR1001861
  • After issuing a "request pim multicast-tunnel rebalance" command the software may place the default encapsulation and decapsulation devices for a Rosen MVPN on different tunnel devices. PR1011074

Resolved Issues: Release 13.2R5

Class of Service (CoS)

  • We cannot bind classifier on GRE interface for MX Series based platform for some customer demand now. To restore the old behavior, we can configure 'exp-default' knob on GRE interface with the fixed Junos image. Example:
      set class-of-service interfaces gr-0/0/0 unit 0 classifiers exp default
    PR941908
  • If any of the schedulers have an ID of zero, cosd process might crash following a commit. PR953523
  • Sometimes cosd generates a core dump when a child interface is added to or deleted from the LAG bundle. PR961119
  • Applying a scheduler with transmit rate below 65,535 bps and rate-limit option fails the commit if the associated interface is a nonexistent interface or a virtual interface. PR964647
  • On an MX Series router with non-Q DPC (in this case, DPCE 40x 1GE R), when the "interface-set" is configured on a non-Q DPC and the command "show interfaces interface-set queue <interface-set-name>" is then executed, the DPC might crash. PR979668

Forwarding and Sampling

  • The VPLS MAC table does not get populated with the MAC of the previous lt interface after replacing the lt interface in the configuration, which might cause the CE connected to the lt interface to become isolated. PR955314
  • When port-mirroring or sampling is configured, if a lot of route updates are happening in the system, the routing protocol convergence time might be long and packet loss might be observed. PR963060
  • Under rare circumstances, when a forwarding table filter (FTF) is configured and applied as a routing-instance (i.e. VPLS) in the same configuration change (i.e. in the same commit operation), if the Packet Forwarding Engine receives the forwarding-table binding message before the firewall filter content from the Routing Engine, then the MPC may restart. PR963584
  • DPC crashed after deactivate/activate [routing-instances TPIX bridge-domains IX bridge-options]. PR983640

General Routing

  • The chassisd process is getting stalled and later on restarts with core. The stalling might be caused by debug code which is used to log the errors in the counters when i2c driver or kernel bug shows. PR912990
  • In an MX-VC scenario with chassis fabric redundancy mode set to increased bandwidth (root@user# set chassis fabric redundancy-mode increased-bandwidth), if "offline-on-fabric-bandwidth-reduction" is then configured for any slot (root@user# set chassis fpc <slot> offline-on-fabric-bandwidth-reduction) and a commit is executed, the commit check fails and chassisd crashes with core dumps. PR932356
  • This problem occurs when a large amount of services and ams configuration is changed in a single override operation. A workaround for this problem is to offline and online the PIC during or after the configuration change. PR933674
  • In Junos OS versions later than 11.2 where IFL localization is enabled, Routing Engine mastership switchover could lead to IFL indexes inconsistency in FPCs when graceful Routing Engine switchover (GRES) is configured. This inconsistency could gradually lead to IFL index overlaps and traffic blackholing. PR940122
  • The SNMP Get, GetBulk, or GetNext request response for lldpPortConfigTable was not filtering-out the information of interfaces that are configured in the filter-interfaces statement at the [edit snmp] hierarchy level. The issue is resolved now. PR946975
  • FPC might lose the socket connection to the Routing Engine during the time kernel live-core dump is active. IGP session might get dropped after the socket connection got closed. The FPC will get restarted by the kernel once the live-core dump has finished. PR954045
  • Working fine on the latest build during the following scenarios:
      1. While adding/deleting the NAT term to an existing NAT rule, flow is not deleted.
      2. While adding/deleting the new SFW rules to an existing service-set, flow is not deleted.
      3. While adding a new service (sfw, nat, etc.) to an existing service-set, flow reset is seen, and this point should be release noted.
    PR961353
  • In the initial router configuration, if static routes are configured over a GRE interface and OAM is enabled, then the static routes may remain active while the GRE tunnel is down. PR966353
  • In processing for fpc-resync and fab-liveness packets, if an error occurs while sending a packet, the packet is not freed. This causes packet buffers to leak, and eventually the packet heap runs out of memory. PR973892
  • In a high-scale P2MP LSP environment, a heap memory leak might occur when the LSP flaps. Some P2MP LSPs might then not be installed, so traffic will be lost. PR979211
  • In a BFD environment with a static route, the BFD session is established between two routers. When the subinterface is disabled on one router, a BFD AdminDown packet is sent out from that router (this is not expected). According to RFC 5882, when the other router receives the AdminDown packet, the static route is never deleted on it. That might cause traffic packets to be dropped. PR982588
  • Software will monitor the FPD dial setting in SFC and LCC and raise an alarm if it is changed during runtime. In SFC the config dial and in LCC the M/S dial will be monitored. PR955319
  • In a subscriber management environment, upgrading Junos OS to specific versions (including 12.3R6 and 13.2R4) via unified ISSU might cause subsequent subscribers to fail to connect with the following error: "jdhcpd_profile_request: Add Profile dhcp request failed for client in state LOCAL_SERVER_STATE_WAIT_AUTH_REQ: error = 301". PR959828
  • The default threshold for ES-FPC errors is 1 for major errors and 10 for minor errors. When the threshold is reached, some actions (e.g., alarm|offline-pic|log|get-state|offline|reset) will be taken by the FPC as configured. This feature is designed for permanent/real errors. The issue here is that even some transient errors (e.g., link flaps) will also trigger the default action. In some cases, it might cause a panic for the FPC. PR961165
  • Ethernet over ATM LLC has missing OUI information. PR961468
  • On all Junos OS platforms, if there are some events that cause Packet Forwarding Engine to restart (e.g. changing system mode on a QFX5100 switch), service might be interrupted because the stale interface index is not deleted successfully. PR962558
  • Destination alarms are cleared after fabric event even though destination errors are present in the system. PR967013
  • Support for layer 3 VPN localization has been deprecated in the Junos OS releases and platforms listed below. This affects the following CLI command: "set routing-instances [instance-name] routing-options localize"
    Junos OS releases:
      - 12.3R7 (CLI command is hidden)
      - 13.1R5 (CLI command is hidden)
      - 13.2R5 (CLI command is hidden)
      - 13.3R3 (CLI command is removed)
      - 14.1 (CLI command is removed)
      - 14.2 (CLI command is removed)
    Platforms:
      - M320 Series router
      - MX Series routers (all)
      - T Series routers (all)
    PR967584
  • On MX Series platform, when the Channelized T1/E1 Circuit Emulation MIC (MIC-3D-16CHE1-T1-CE) with non-enhanced queuing MPC1 or MPC2 is inserted, no traffic is being forwarded out of the T1/E1 ports. PR967861
  • Autoheal denied reason may not be shown if CRC errors occur on the same cable from the F13 side more than once in an autoheal window and the error is subsequently seen again from the LCC side. PR973783
  • You cannot configure an MTU value on family inet greater than 1496 if there is a trunk port configured on the interface; if you configure an MTU greater than 1496, a commit error occurs. If you configure an MTU value on a physical interface on which a trunk interface is configured, the configured MTU value is ignored and the value is set to 1518. These issues do not occur if there is no trunk port on the interface. PR974809
  • PPP over ATM transit traffic was not being fragmented correctly by ATM MIC. The changes allow the fragmentation of the transit traffic to work properly. PR976508
  • Changing service set configuration continuously during scaled traffic conditions may result in stability issues. PR978032
  • In rare conditions, when PPPoE subscribers log in with large amounts of configuration data, the subscriber management infrastructure daemon (smid) and authentication service process (authd) might crash, and no new subscribers can connect to the router. PR980646
  • OpenSSL library in Junos OS was patched to resolve CVE-2010-5298. PR984416
  • On M7i/M10i with enhanced CFEB, M320 with E3-FPC, M120, and MX Series with DPC, in a race condition, the Dense Port Concentrator (DPC) may crash when ifls get added to an ifl-set while that same ifl-set gets deactivated/deleted in class-of-service. For example:
      # set interfaces interface-set interface_set_JTAC_ge-3/0/0 interface ge-3/0/0 unit 100
      # deactivate class-of-service interfaces interface-set interface_set_JTAC_ge-3/0/0
      # commit
    or (quick commit of following changes)
      # set interfaces interface-set interface_set_JTAC_ge-3/0/0 interface ge-3/0/0
      # commit
      # deactivate class-of-service interfaces interface-set interface_set_JTAC_ge-3/0/0
      # commit
    PR985974
  • Under normal circumstances, the Maximum Receive Unit (MRU) value is set to MTU size + 8 bytes (e.g. MTU=9102, MRU=9102+8=9110). But in this case, when MTU is set to a large value (MTU=9192) on AE interface, the MRU still uses the default value 1522 bytes. So when the interface receives packets with a size more than 1522 bytes, the packets are dropped. PR994826

Infrastructure

  • On the RE-S-1800 family of Routing Engines, after intensive writing to the SSD, an immediate reboot might cause the SSD to become corrupted. PR937774

Interfaces and Chassis

  • If the "tunnel-destination" address of a Generic Routing Encapsulation (GRE) interface is placed in one instance and the GRE interface is placed in another routing-instance, the lookup for the GRE tunnel destination is done on inet.0 instead of the appropriate routing instance's inet.0 table. The similar issue could happen on IP-over-IP or Automatic Multicast Tunneling (AMT) tunnels too. PR851165
  • When DHCP local server and DHCP relay are both configured on same router, the DHCP relay binding might get lost if a graceful Routing Engine switchover (GRES) is performed. PR940111
  • When Connectivity Fault Management (CFM) is configured, if the maintenance domain intermediate point (MIP) session associated with the default maintenance domain (MD) is inactive, deleting an interface cannot delete the MIP session structure, which might cause a memory leak. This crash could also be seen if more than one Virtual private LAN service (VPLS) routing instance with no neighbor configuration is deleted. PR947499
  • An IP address change of a DHCP relay interface is not reflected in the gateway IP address (giaddr) when the maintain-subscribers knob is enabled; the DHCP daemon must be restarted to make it work again. PR951909
  • On MX Series routers (platforms) with Small Form-factor Pluggable (SFP), when two connected ports are both configured with auto-negotiation and one port is configured with a speed of 10M, both ports auto-negotiate to 10M. After removing the SFP from one port and reinserting it, the port does not come up. PR953518
  • In an L3 Wholesale environment, the DHCP clients might fail to renew their address in a DHCP relay scenario. PR956675
  • Kernel crash may happen when a router running a Junos OS install with the fix to PR 937774 is rebooted. This problem will not be observed during the upgrade to this Junos OS install. It occurs late enough in the shutdown procedure that it shouldn't interfere with normal operation. PR956691
  • In a very uncommon situation, the LCC chassisd state is inconsistent with the SFC chassisd state, which is very misleading during troubleshooting. This PR fixed this issue. PR963342
  • With Ethernet Ring Protection Switching (ERPS) configured, after changing an interface's MTU on the Ring Protection Link (RPL) owner, all the interfaces on the RPL owner change into forwarding state, causing a layer 2 loop. PR964727
  • On MX Series platform with Ethernet Ring Protection Switching (ERPS) configuration, after disabling the Ring Protection Link (RPL) interface and then moving the RPL from the west interface to the east interface, the ERPS east and west interfaces might go into discard state at the same time. PR970121
  • Temperature Top and Bottom are swapped in show chassis environments output for Type3/Type4 FPCs of T Series. PR975758
  • In a large-scale VPLS environment, memory is not freed when a routing instance of type VPLS is deleted. The connectivity-fault management daemon (cfmd) might crash with a core file generated; the core files can be seen by executing the CLI command "show system core-dumps". PR975858
  • vrrpd leaks memory only on the backup Routing Engine, without any operation, when graceful-switchover under chassis/redundancy is enabled, nonstop-routing under routing-options is disabled, and IPv6 VRRP groups are configured. PR978057
  • In a multilink frame relay (mlfr) environment with the "disable-tx" configuration, when the differential delay exceeds the red limit, transmission is disabled on the bundle link. When it is restored, the link should be added back. But in this case, the link stays in the disabled state and does not rejoin the bundle. PR978855
  • After the following process, MCAE ends up in standby/standby status. The issue occurs even if "set interfaces aeX aggregated-ether-options mc-ae events iccp-peer-down prefer-status-control-active" is set on both routers.
    Topology example:
                               iccp
                    ge-1/0/1          ge-1/0/1
            [ MX80(router A)]-----------------[MX240(router B)]
                         \ ae0             ae0 /
             --active--   \                   /   --standby--
                           \     MC-LAG      /
                            \               /
                             \             /
                 ae0(ge-0/0/0)\           /ae0(ge-0/0/1)
                            [ EX4200(switch C) ]
    Process (initial status: router A active, router B standby):
      1. disable ae0 of router A.
      2. disable iccp link of router A.
      3. disable ae0 of switch C
      4. enable iccp link of router A. (Please wait until iccp status up.)
      5. enable ae0 of switch C
      6. enable ae0 of router A.
    PR982713
  • When Cisco equipment runs an old version of PVST+, it does not carry the VLAN ID at the end of the BPDU, so Juniper Networks equipment fails to respond to the Topology Change Notification ACK packet when interoperating with Cisco equipment. After the fix, Juniper Networks equipment reads the VLAN ID information from the Ethernet header. PR984563

MPLS

  • The RSVP bandwidth of the aggregated Ethernet (AE) bundle does not adjust properly when a member link is added to AE interface, and at the same time an IP address is removed from this AE bundle. PR948690
  • When the Label Distribution Protocol (LDP) feature is enabled and the background job "LDP sync send filtered label job" is running, shutting down LDP might cause the routing protocol daemon (rpd) to crash, because LDP fails to delete a job that did not exist while shutting down. PR968825
  • In a large-scale MPLS setup with NSR enabled, when the routing protocol daemon (rpd) is restarted on the standby Routing Engine, the standby Routing Engine is reloaded, or the router is reloaded, some filtered output label bindings might be missing on the backup Routing Engine, which leaves the Label Distribution Protocol (LDP) database inconsistent between the master and backup Routing Engines. PR970816
  • In an MPLS environment, when the command "show snmp mib walk mplsXCTable" is executed to walk the MPLS cross connect table, the routing protocol daemon (rpd) CPU utilization might reach over 90%, and the rpd process does not respond to any CLI show commands. PR978381
  • snmpwalk/snmpgetnext or "show snmp mib walk" fail when polling MPLSLSPOCTETS, MPLSLSPPACKETS, MPLSLSPINFOOCTETS or MPLSLSPINFOPACKETS. PR981061
  • In an MPLS environment with the "egress-protection" configuration, there is a direct LDP session between the primary PE and the protector, and one context-id is configured as the primary PE's loopback address or any LDP-enabled interface address. When the whole apply-group is deleted or the ldp policy is deleted from the apply-group, the routing protocol daemon (rpd) might crash. PR988775

Platform and Infrastructure

  • Since the AC Power System on MX2020 is N+N feed redundant and N+1 power supply module (PSM) redundant, there are two separate input stages per PSM, each connected to one of the two different/redundant feeds. However, only one stage is active at a time. This means the other (unused) input stage may be bad, and the system will not know about it until it tries to switch to it in case of a feed failure. PR832434
  • Issue description: When the instance has vlan-id all and an interface unit with "vlan-tags outer X inner Y" is added to this instance, traffic from ALL instance VLANs leaks over that unit, tagged with outer tag X and each VLAN's own inner tag (A, B, C, ...). Fix: When the instance has vlan-id all, the inner VLAN check is done for a dual-tagged ifl. PR883760
  • On MX Series based line cards, for interfaces tagged with a VLAN ID that is the same as the native-vlan-id configured on the interface, the FPC adds the Native VLAN ID to the packets received on the interface and destined to the host. This is irrespective of the packet content. As a result, packets that are already tagged with a VLAN ID matching the Native VLAN ID get doubly tagged, which causes ARP resolution failure on the Native VLAN. For example, the ARP packets to IRB (on VLAN 101) are tagged with VLAN ID 101 (which is also the native VLAN ID) and are additionally tagged. Hence they are dropped by the IRB, and this can cause the ARP request packet not to be resolved on the Native VLAN. PR917576
  • When the transit traffic is hitting the router and the destination is a local segment IP which requires ARP resolution, it's mis-classified by the DDOS filter and an incorrect policer is applied. This leads to host queue congestion. PR924807
  • This issue might occur when the following conditions are met:
      * Custom user class is configured
      * allow-configuration-regexps or allow-configuration is configured in the custom user class.
    PR931415
  • MPC Type 2 3D may crash with CPU hog due to excessive link flaps causing the interrupts to go high. PR938956
  • On M7i/M10i/M120/M320 platform, when performing a software upgrade the upgrade may fail at the verification stage and a 'checkpic' coredump generated. PR946582
  • In PPPoE subscriber management environment, if the BRAS router is MX Series router with MS-DPC equipped and traffic from the subscribers is NATed on MS-DPC card, when PPPoE subscribers flap, heap memory leak might occur on the MS-DPC. PR948031
  • If a PE router is both egress and transit node for a p2mp lsp, the Packet Forwarding Engine may report errors and install a discard state for the fib entry representing the p2mp lsp label with bottom of stack bit set to 0. This problem does not have any impact since there is no application using the s=0 entry of a p2mp lsp. PR950575
  • MIC-3D-40GE-TX (3D 40x 1GE(LAN) RJ45) restarts with core-dumps repeatedly after configuring "VRRP interface" and "traffic-manager mode ingress-and-egress" on PIC2 or PIC3. PR950806
  • MX2020 FanTray power specification:
      - zone#1:FT#3 - gets power from zone#1 only
      - zone#1:FT#2 - gets power from zone#0 in case of no-power in zone#1
      - zone#0:FT#1 - gets power from zone#0 only
      - zone#0:FT#0 - gets power from zone#1 in case of no-power in zone#0
      - Critical (minimum) number for MX2020 operation is 3
    If one of the zones has no PSM, this is a fan single-fault from the chassis's point of view. For example, if zone#1 has no PSM, then FT#3 does not get power because it is a local-powered FT. Hence, in this case, the FT#3-LED should show ORANGE to notify the user of the single fault, while FT#2 can show GREEN if it gets enough power from zone#0. In addition, the CRAFT-LED for FT#3 should be turned off.
    Due to a hardware limit (bicolor), the LED cannot show ORANGE. In the current implementation, both the CRAFT-LED and the FT#3-LED show GREEN. That is the problem.
    NOTE: Junos OS does not support the FT double-fault scenario. (MX2020 needs a minimum of 3 FTs.) If FT#2 gets in trouble in the above case (i.e., FT double-fault), the user should see serious cooling trouble on SFMs within 1 minute. PR957395
  • Unable to modify dynamic configuration database after first commit. PR959450
  • When we set "traffic-manager mode ingress-and-egress" on "MIC-3D-40GE-TX (3D 40x 1GE(LAN) RJ45)", we cannot use ingress queue correctly on PIC2 and PIC3. *Note: We cannot see this issue if we set the above configuration to PIC0 or PIC1. PR959915
  • A defect in L3VPN Make Before Break code was resulting in freeing memory corresponding to old nexthops which is being used by egress Packet Forwarding Engine. This was resulting in memory corruption. PR971821
  • With NG-MVPN, multicast traffic might get duplicated and/or blackholed if a PE router, with active local receivers, is also a transit node and the p2mp lsp is branched down over an aggregate interface with members on different Packet Forwarding Engines. PR973938
  • SNMP alarms/traps could be generated for unpowered fan trays when only one zone is powered. PR982970

Routing Protocols

  • When interoperating with a Cisco router, the OSPF adjacency might be brought down by the Cisco end if the Junos OS CPU is high and the LSA ACK is delayed for over 2 minutes. PR846182
  • The rpd process might crash when executing the command "show route advertising-protocol bgp <nbr>" without a table option, or with a table that is not advertised by BGP. PR959535
  • With BGP import policy as next-hop peer-address, if the local router receives inet (or inet-vpn) flow network-layer reachability information (NLRI), routing protocol process (rpd) might crash. Junos OS is designed to create a fictitious nexthop for inet flow and inet-vpn flow families as they don't send/expect-to-receive nexthops. So in this case when the import-policy set a non-null next-hop for the received inet (or inet-vpn) flow route, it could not handle properly which might result in rpd crash. PR966130
  • In the dual Routing Engine scenario, after a Routing Engine switchover, the periodic packet management daemon (ppmd) might exit. PR979541
  • Due to some corner cases, certain commits could cause the input and/or output BGP policies to be reexamined causing an increase in rpd CPU utilization. PR979971
  • Forwarding cache limit not properly meeting threshold after configuration change when configured per address family. PR980578
  • The PPMD filter is not programmed properly, which results in the Routing Engine absorbing BFD packets instead of the Packet Forwarding Engine. PR985035

Services Applications

  • Any SIP MESSAGE request will be dropped by the SIP ALG; this type of request has been unsupported from day one. This is a rare type of request which will not prevent more usual SIP operations such as voice calls, but it may affect some instant messaging applications based on SIP. PR881813
  • Clearing the stateful firewall subscriber analysis causes the active subscriber count to display a very huge number. The large number is seen because when a subscriber times out the number of active subscribers is decremented. If it is set to zero using the clear command, then a decrement would give an incorrect result. There is no impact to the overall functionality and the fix is expected to be present in 14.1R2. PR939832
  • Message type for if_msg_ifl_channel_delete should be lower severity and not an error. PR965298
  • In the context of DS-Lite softwire scenario, where the Address Family Transition Router (AFTR) node performs NAT with Endpoint Independent Filtering (EIF) and Endpoint Independent Mapping (EIM) enabled, the simultaneous arrival of two packets from opposite sides of the NAT will trigger the creation of the same flow, which in a race condition results in the Service-PIC restart. PR966255
  • When transferring a large FTP file, the server might send packets with an incorrect layer 4 checksum. If inline NAT service is enabled on the router, it might transit the packets to the client instead of dropping them, which eventually causes the client FTP session to time out. PR972402

Software Installation and Upgrade

  • Routing Engine could be brought to DB mode when rebooting after interrupted downgrade. PR966462

User Interface and Configuration

  • When loading a large-scale configuration, because the ddl object is not freed properly after it is accessed, the load fails with the error: Out of object identifiers. PR985324

VPNs

  • Route group member site and regular site may receive data from two serving sites of two groups for the same (S,G). This only happens when in one RG there are no receivers. PR974245
  • In a Rosen MVPN environment with two multihomed ingress PEs, when the route to the multicast source flaps, the receiver router might keep switching between sender Data MDTs, resulting in traffic loss. PR974914
  • In a Rosen MVPN environment, setting the TOS IP control packet bit can avoid the possibility of data-mdt TLV messages being dropped in the core during congestion. But in this case, the TOS value that marks the packet as an IP control packet (0xc0) is not set. This might lead to traffic loss. PR981523
  • The S-PMSI tunnel might fail to be originated from ingress PE after flapping the routes to customer multicast source. PR983410
  • In MVPN scenario, a multihomed ingress PE might fail to advertise type-4 after losing routes to local sources. PR984946

Resolved Issues: Release 13.2R4

Forwarding and Sampling

  • This is a cosmetic issue. Under the following conditions, the backup Routing Engine logs the message below when the interface policer configuration is deleted. The behavior is not seen without "commit synchronize".

    Conditions: 1. Use 64-bit Junos OS. 2. Configure "graceful-restart" and "policer". 3. Delete the interface policer configuration and then issue "commit synchronize".

    Backup Routing Engine message: dfw_update_local_shared_policer: new filter program should be NULL for op 3

    If you see this issue with the fixed code, reconfigure "system syslog". PR873084

  • When MAC addresses move, the Layer 2 address learning process (l2ald) is called and spawns child processes that cannot be terminated; the maximum process limit is then reached and the Routing Engine locks up. PR943026

General Routing

  • When a gr- interface is disabled, the DECAP-NH also needs to be deleted or set to discard. PR791277
  • When transit packets with an expired TTL are received, the FPC is responsible for sending an ICMP TTL Expired message back to the sender. There is a rate limit of 500pps per Packet Forwarding Engine so that the FPC is not overwhelmed when a large volume of transit traffic with expired TTL is received. Prior to 13.2R4, the rate limit was applied too aggressively, so that only about 40pps could be sent by the Packet Forwarding Engine under stress; it was raised back to 500pps per Packet Forwarding Engine in 13.2R4 and later. PR893598
  • MXVC /kernel: rts_ifstate_client_open:Number of ifstate clients have reached threshold,current = 63 maximum = 63. PR894974
  • RPD on the backup Routing Engine may hit an out-of-memory condition and crash if the BGP protocol experiences many flaps. PR904721
  • On MX Series platforms with MPC4E-3D-32XGE-SFFP/MIC3-3D-10XGE-SFPP equipped, 10G ports of these cards may stay offline when a link flaps or an SFP+ is inserted after more than 3 months of link up. PR905589
  • This PR addresses a timing issue that happens when "no-vrf-propagate-ttl" is configured in the routing-instance configuration. When this configuration is present, it may sometimes create a situation where route selection happens for a route that is yet to be resolved in the secondary vrf table, which results in an RPD core. PR917536
  • After an FPC/MPC reset or during PPPoA customer login, in rare cases the ppp daemon (jpppd) may get an incorrect value from the device control daemon (dcd), which might cause all new Link Control Protocol (LCP) messages to be ignored, so that static PPPoA sessions cannot come up. This problem has been seen on MX Series platform products so far, but the problem is mostly common, and it may apply to other products that use the same version of Junos OS software. PR912496
  • MX80 routers now support CLI command "show system resource-monitor summary". PR925794
  • T1/DS0 statistics counter "Output bytes" indicates extra 64 byte. PR927652
  • Master Routing Engine reboot due to "panic: pfe_free_peer: not in peer proxy process context" Trigger: replacement of backup Routing Engine. PR936978
  • When more than about 400 lines of "stateful-firewall-rules" are added to or deleted from an existing "service-set" and the change is committed, traffic stops and is not restored until the MS-MIC is taken offline and brought back online. PR937489
  • LNS silently drops the LCP Compression Control Protocol (CCP) packet that comes from the L2TP tunnel. PR940784
  • In a subscriber management environment, profile database files on the backup Routing Engine get corrupted when dynamic profile versioning and commit fast-synchronize are enabled in the configuration. After GRES, when the backup Routing Engine becomes master, all existing DHCP subscribers are stuck in the RELEASE state and new DHCP subscribers cannot bind. PR941780
  • MP-BGP route withdraw update may not be sent after deletion of a routing-instance configured with resolve import policy. PR942395
  • DS0/T1 channel throughput on "16x CHE1T1, RJ48" card with PPP/CISCO-HDLC is not N*64kbps. PR944287
  • PIC level "account-layer2-overhead" knob with ethernet-bridge doesn't add "Adjustment Bytes". As a workaround, configure it under interface level. PR946131
  • Egress multicast statistics displays incorrectly after flapping of ae member links on M320 or T Series FPC (M320 non-E3 FPC and T Series non-ES FPC). PR946760
  • With scaled configuration of ATM VCs (~4000 VCs) on a single MIC-3D-8OC3-2OC12-ATM ATM MIC, the MIC may crash. The crash is not seen with lower scale (i.e. less than 3500 VCs per MIC). PR947434
  • The CLI command "show interfaces queue" does not account for interface queue drops due to head drops. This resulted in the "Queued" packets/bytes counter being less than what was actually received and dropped on that interface queue. This PR fixes this issue. Head drops, being a type of RED mechanism, are now accounted under the "RED-dropped" section of the CLI command "show interfaces queue". PR951235
  • In a scaled network and on a multi-chassis platform with BGP ECMP configured, when the master Routing Engine of a line-card chassis (LCC) crashes, the LCC goes through a reboot process to bring up the backup Routing Engine, during which the BGP neighbor session over an aggregate Ethernet (AE) interface might get broken. This is because the Unilist NHs of the AE are stuck in standby state and therefore no traffic can be transmitted through them. PR953365
  • Works correctly on the latest build in the following scenarios: 1. While adding/deleting a NAT term to an existing NAT rule, the flow is not deleted. 2. While adding/deleting new SFW rules to an existing service-set, the flow is not deleted. 3. While adding a new service (sfw, nat, etc.) to an existing service-set, a flow reset is seen. PR961353
  • On T Series or M320 routers with the OSPF knob configured and large-scale routes (e.g. 180K Composite Nexthop), performing costing-out and costing-in operations while changing the gigether-options of the core-router-facing interface multiple times continuously may increase the Flexible PIC Concentrator (FPC) CPU utilization to 100%, and the FPC may then crash. PR961473
  • On MX Series routers in a dynamic VLAN scenario, when data in an improper sort order is sent to the dynamic VLAN on the Packet Forwarding Engine, the Modular Port Concentrator (MPC) may crash and generate core files. PR961645
  • Destination alarm towards HCFPC may get reported with small burst of CRC errors. PR963467
  • For the MX-VC platform, the Packet Forwarding Engine reconnect timer is temporarily extended from the default 15 seconds to 60 seconds. This will be reversed once the Packet Forwarding Engine connection issues are resolved. PR963576
  • Destination alarms are cleared after fabric event even though destination errors are present in the system. PR967013

High Availability (HA) and Resiliency

  • /var/log/messages is getting filled up with the following GRES-related messages. These are harmless and due to the log level (info).

    *** messages ***
    Dec 1 22:46:49.201 re0 /kernel: update_slave_peer_gres_status: vksid 0 is_slave_peer_gres_ready 1 is_local_slave_peer_gres_ready 0
    Dec 1 22:46:49.201 re0 /kernel: vks[0] 1 vks[1] 0
    Dec 1 22:46:49.201 re0 /kernel: PFE-MASTER - vks[0] 1 vks[1] 0
    Dec 1 22:46:49.201 re0 /kernel: Slave is ready for GRES for vksid 0
    Dec 1 22:46:49.201 re0 /kernel: update_slave_peer_gres_status: vksid 0 is_slave_peer_gres_ready 1 is_local_slave_peer_gres_ready 0
    Dec 1 22:46:49.201 re0 /kernel: vks[0] 1 vks[1] 0
    Dec 1 22:46:49.201 re0 /kernel: PFE-MASTER - vks[0] 1 vks[1] 0
    Dec 1 22:46:49.201 re0 /kernel: Slave is ready for GRES for vksid 0
    Dec 1 22:46:49.401 re0 /kernel: update_slave_peer_gres_status: vksid 0 is_slave_peer_gres_ready 1 is_local_slave_peer_gres_ready 0
    Dec 1 22:46:49.401 re0 /kernel: vks[0] 1 vks[1] 0
    Dec 1 22:46:49.401 re0 /kernel: PFE-MASTER - vks[0] 1 vks[1] 0
    Dec 1 22:46:49.401 re0 /kernel: Slave is ready for GRES for vksid 0
    Dec 1 22:46:53.000 re0 /kernel: update_slave_peer_gres_status: vksid 0 is_slave_peer_gres_ready 1 is_local_slave_peer_gres_ready 0
    Dec 1 22:46:53.000 re0 /kernel: vks[0] 1 vks[1] 0
    Dec 1 22:46:53.000 re0 /kernel: PFE-MASTER - vks[0] 1 vks[1] 0
    Dec 1 22:46:53.000 re0 /kernel: Slave is ready for GRES for vksid 0.

    PR918075

Interfaces and Chassis

  • If there are several logical systems in one router, one logical tunnel (lt-) interface needs to work with another lt- interface, which is its peer lt- interface. If one of them allocates a MAC address first and the other then attempts to allocate a MAC address, a panic happens because it is a reallocation, which finally results in a kernel crash. The problem may be seen when deactivating and then activating logical systems or renaming the lt- interface. PR837898
  • Flapping MLPPPoLNS (multiple ppp over L2TP network server) subscribers may cause logical interface (ifl) index leak, which results in subscribers being unable to connect or very slow to connect to MX Series router. PR886474
  • In a Point-to-Point Protocol over Ethernet (PPPoE) scenario, if some PPPoE session was added and deleted, after a Routing Engine switchover the Broadband Remote Access Server (BRAS) might fail to allocate PPPoE session IDs on the interface descriptor (ifd). PR896946
  • In a multicast over AE scenario, if the order of child IFLs (logical interfaces) under the parent AE differs between the master Routing Engine and the backup Routing Engine, then after a Routing Engine switchover, multicast traffic might get lost. PR915440
  • The "Too many I2C Failures" alarm is raised when a FRU (in this case: PWR-MX960-4100-AC-S) experiences 6 consecutive i2c read/write failures. While the PEM is still providing power to the chassis, the chassisd daemon cannot read/write information from the PEM until it is reseated. In a recent investigation, the engineering team came up with some enhancements for this MX960 HC AC PEM: 1. PEM i2c bus hang avoidance. 2. Junos OS recovery from a hung i2c bus. 3. Noise reduction. This Junos OS release eliminates the need for the PEM FW upgrade, and at the same time is 100% compatible with those PEMs which have been upgraded. PR928861
  • PCS statistics counter(Bit errors/Errored blocks) not working on the T400 Core Router PIC (12*10GE, 24*10GE) for Type-5 FPC. PR942719
  • Digital Optical Monitoring MIB jnxDomCurrentRxLaserPower gives wrong value. PR946758
  • In a very uncommon situation, the LCC chassisd state is inconsistent with the SFC chassisd state. This is very misleading during troubleshooting. PR963342

Layer 2 Features

  • In a protocol-mastership transition, the ksyncd process might fail to clean up the kernel VPLS routing tables due to dependencies such as VLANs not being cleaned up first, leaving the tables in an inconsistent state.

    Background: A global GRES, which will cause a master Routing Engine to transition to backup, will require all kernel state to be cleaned so that it can start a fresh resync from the new master. Ksyncd is tasked with cleaning up kernel state. On cleaning routing tables, if any table has a non-zero reference count, it will return "Device Busy" to ksyncd. Ksyncd will try 5 successive cleanup attempts, after which it will trigger a live kernel core.

    Problem: In ksyncd's kernel cleanup, the Bridge Domain mapped to a VPLS routing table is deleted after an attempt is made to delete the route table. This is a catch-22 since BDs hold reference counts to the routing table.

    Fix: Cleanup of VPLS routing tables should proceed bottom up in the following order: NextHop Deletes, User Route Deletes, Interface Deletes (ifd, ifl, iff), STP Deletes, Bridge Domain Deletes, Mesh Group Deletes and finally Routing Table delete. This ensures that when we get to routing table delete, all dependencies that could hold a ref cnt to the routing table are now gone. PR927214

  • Service accounting interim updates not being sent. PR940179
  • When link level adjacency across IRB interface goes down, targeted LDP session might also go down even if there is an alternate route. PR959396

MPLS

  • When static LSPs are configured on a node, RPD could assert upon committing an MPLS-related configuration change. Example:

    router> show system rollback compare 9 8
    [edit protocols mpls]
    interface ae11.0 { ... }
    + interface as3.0 {
    + admin-group red;
    +}
    [edit protocols isis interface as3.0 level 2]
    ! inactive: metric 2610;

    The following error is seen in /var/log/messages in relation to a static LSP, immediately following the above-mentioned configuration change:

    rpd[1583]: UI_CONFIGURATION_ERROR: Process: rpd, path: [edit groups STATELESS_ARIADNE protocols mpls static-label-switched-path static-lsp], statement: transit 1033465, static-lsp: incoming-label 1033465 has already been configured by this or other static applications.

    PR930058

  • MX Series routers with FPCs could crash during next-hop resolution triggered by indirect next-hop change. PR944393
  • In certain circumstances, the Junos OS rpd route flash job and LDP connection job are always running, starving other work such as stale route deletion. These jobs keep running because LDP is continuously sending label map and label withdraw messages for some of the prefixes under the ldp egress policy. This is due to LDP processing a BGP route from inet.3 for which it has an ingress tunnel (the same prefix is also learned via IGP), creating a circular dependency, as BGP routes can themselves be resolved over an LDP route. PR945234
  • In a highly scaled configuration the reroute of transit RSVP LSPs can result in BGP flap due to lack of keepalive messages being generated by the Routing Engine. PR946030
  • On IS-IS interfaces configured with point-to-point and ldp-synchronization, after a change of IP address on the interface from the remote router, and if the old LDP adjacency times-out after the new LDP adjacency is up, the IS-IS protocol will be notified about old LDP adjacency down event, and the LDP sync state will remain in hold-down even if the new LDP adjacency is up. PR955219
  • When Packet Forwarding Engine fast reroute (FRR) applications are in use (such as MPLS facility backup, fast-reroute, loop free alternates), a flap of the primary path could be triggered due to an interface flap or by Bidirectional Forwarding Detection (BFD) session flap. However, this interface/session flap might lead to a permanent use of the backup path, which means the original primary path could not be active again. PR955231
  • We add a timer for all aggregate LDP prefixes but, because of a bug, do not delete it when the timer expires. Since the timer is not expiring, the route is never updated for any change and remains in the routing table as a stale entry. PR956661

Platform and Infrastructure

  • In the Network Time Protocol (NTP) configuration, if the specified source IP address is not in the current routing-instance, the router uses the primary address of the interface that sends the packet as the source address. Client routers treat these NTP packets as incorrect, and NTP synchronization fails. PR872609
  • After interface reset, CoS information might not be applied correctly to Packet Forwarding Engine, leading to inconsistency in scheduling/shaping in Qx Chip. PR908807
  • In a MX-VC environment, in certain situations the inter-chassis traffic might not be equally balanced across all available vcp links after adding extra links. PR915383
  • The system MAC address is not saved in the unified in-service software upgrade (ISSU) blob and is not programmed again by the Routing Engine when the Packet Forwarding Engine reconnects. The hash seed is generated from the system MAC address; because the address is not saved in the unified ISSU blob, it is 0 after a unified ISSU and the hash seed is generated from that value. If an FPC reboots, it gets the correct system MAC address and generates the hash seed based on that. This causes different FPCs in the system to have different hash seeds and could cause AE multicast traffic loss if the ingress and egress FPCs have different hash seeds. PR915933
  • The LED status for a PSM on the front panel display is incorrect after the PSM is manually removed and inserted. PR937400
  • "Total errors" counter of MAC statistics on MX DPC(ge/xge) is always 0. PR942183
  • A TWAMP connection/session comes up only if the session padding length is greater than or equal to 27 bytes on the TWAMP Client. The valid range of padding length supported by the TWAMP Server is 27 bytes to 1400 bytes. If IXIA is used as the TWAMP Client, a packet length range from 41 bytes to 1024 bytes is supported. PR943320
  • On MX Series routers with DPCs, when forwarding table filter (FTF) is configured for a virtual private LAN service (VPLS) routing instance, the jtree memory corruption might occur if the routing table attached by FTF is destroyed. The route table that is attached by FTF can get destroyed with different events such as interface which is part of the VPLS routing instance flaps or route-distinguisher is changed, etc. PR945669
  • On MX Series routers with MICs or MPCs, when multicast traffic flows over the integrated routing and bridging (IRB) interfaces, MPC might crash due to memory leak. PR947112
  • The current output of the "cli> request chassis routing-engine hard-disk-test show-status" command for a Unigen SSD identified by "UGB94BPHxxxxxx-KCI" is incorrect and can be misleading when used for troubleshooting. For example, attribute 199 is displayed as "UDMA CRC Error Count" but is actually "Total Count of Write Sector". PR951277
  • Traffic imbalance can be seen on the output interface of the second node in a cascaded topology. The current Junos OS hash-seed implementation on MX Series routers with MICs or MPCs can be used to protect against the hash-cascade problem (imbalance at the second node's output, 0:100 for example), but it does not work very well (60:40 or 70:30 can be seen). The fix is an enhancement that delivers nearly 50:50 LB performance. PR953243
  • On MX Series based platforms or T4000 routers, when a firewall filter is applied to allow only trusted IP addresses and the router loopback address to request NTP service on the router in case of an NTP DDoS attack, the NTP protocol counter in the output of "show ddos-protection protocols ntp" is always null, even though it is confirmed that there is an NTP DDoS attack. The reason is that the filter treats only multicast NTP packets as NTP packets, whereas unicast ones are not. PR954862
  • In current Junos OS, a PSM shows a DC output value even though it is turned off by its switch. This cosmetic bug causes miscalculation of actual usage in 'show chassis power'. PR960865
  • Upon the deletion of a routing-instance and subsequent commit, error logs are generated from each Type 1 - 3(non E3) based FPC. These logs are cosmetic and can be ignored. PR964326

Routing Policy and Firewall Filters

  • Policy with Install-nexthop lsp might not work as expected when there is an LSP path change triggering route resolution. PR931741
  • Configuration of an extended community such as: rt-import:*:* src-as:*:* fails because the wildcard is not allowed during the configuration validation process. PR944400

Routing Protocols

  • When the IPv6 address on fxp0 is active during bootup, the joining of the all-router group causes the kernel to create a ff02::2 route with a private nexthop, which is not pushed to the Packet Forwarding Engine. When a non-fxp0 interface is active later, the private nexthop will be shared by the non-fxp0 interface as well, resulting in packet drops destined to ff02::2 on the non-management interface. After this PR, the advertising interface should be configured via the following CLI:

    [edit protocols]
    + router-advertisement {
    + interface <interface_name>;
    + }

    PR824998

  • On MX Series routers containing multiple Packet Forwarding Engines such as MX240/MX480/MX960/MX2010/MX2020 routers, with DPC (Dense Port Concentrator) or FPC (Flexible Port Concentrator) or with line cards designated with "3D", RPD might restart when attempting to send a PIM assert message on an interface (whose interface index exceeds 65536). It is likely that RPD restarts repeatedly, since after RPD has restarted and protocols have converged, the same PIM assert will trigger further RPD restarts. PR879981
  • On the first hop router if the traffic is received from a remote source and the accept-remote-source knob is configured, the RPF info for the remote source is not created. PR932405
  • In a scaled BGP routes environment where the BGP router has dual Routing Engines and graceful Routing Engine switchover (GRES) and nonstop active routing (NSR) are configured, after deactivating/activating BGP groups and committing the configuration, the BGP router might be stuck in the "not-advertising" state. PR961459

Services Applications

  • Max number of supported IPsec tunnels might depend on networking activity as well. Under heavy networking activities, while DPD (Dead Peer Detection) is enabled, the maximum number of supported IPsec tunnels can drop to about 1800. PR780813
  • SIP call forwarding might fail when NAT is used between parties even though the SIP ALG is in use. PR839629
  • In an IPsec scenario, when all available SAs are expired and the sequence number is wrapping for the IPsec packets, the Physical Interface Card (PIC) deletes the Security Association (SA), but this is not reported back to the key management process (kmd). This causes kmd and the PIC to be out of sync regarding the known IPsec SAs, and a traffic blackhole might then occur. PR933026
  • FW is trying to create a new pair of flows while a drop flow with the same selector is being installed for traffic initiated from the outside by a different CPU. There is a race condition while accessing the flow type field:

    - CPU1 (installing the drop flow) creates the flow and adds it to the flow table while holding the corresponding bucket lock. However, the flow type field is filled in later.
    - CPU2 (installing another flow with the same selector as the drop flow above) will find the entry added by CPU1 but will fail to notice that it corresponds to a drop flow because the type field hasn't been set yet by CPU1.

    This will lead to checking if there is any softwire info available for the existing flow. The drop flow is installed for outside traffic, so no softwire information is available, causing the assertion to fail. PR940014

  • DNS multiple queries A and AAAA might cause the Service-PIC to restart. PR943425
  • In a rare scenario, a switchover on another sp interface can crash a service PIC when running traffic in a hairpinning scenario. PR945114

Subscriber Access Management

  • LNS-Service accounting updates not sent. PR944807
  • Radius attribute ignore logical-system-routing-instance not ignoring VSA26-1. PR953802
  • Configuration change of the IPv4 address range in address-assignment pool does not always take effect. PR954793

User Interface and Configuration

  • If a configuration file which contains groups related configuration is loaded by command "load replace", a "commit confirmed" operation might fail. When this issue occurs, the new configuration is committed even if you do not confirm it within the specified time limit. PR925512

VPNs

  • In a Multicast-VPN scenario, the routing protocol daemon (RPD) might reinitialize with a core dump if multiple instances exist and tunnel sources are configured in more than one instance, or if the Route Distinguisher (RD) ID is changed. PR877682
  • The issue happens when the virtual routing forwarding (vrf) instance is configured with "no-vrf-propagate-ttl" and the vrf import policy changes the local preference of the vrf route. With "no-vrf-propagate-ttl", BGP resolves the primary l3vpn route and the vrf secondary route separately. The root cause is that the route parameters of the secondary vrf route are overwritten with the route parameters of the primary route. As a result, changing the local preference of the vrf route might not work. PR935574
  • 'show route table VRF.mvpn.0 extensive|detail' for mvpn VRF routing tables will not show BGP TSI info (which previously contained the MVPN PMSI attribute) for outgoing MVPN route advertisements. Since PR 908199, TSI info for these routes is shown on the copy of the route advertised from the main bgp.mvpn.0 table. 'show route table VRF.mvpn.0 extensive|detail' now shows the MVPN PMSI attribute in the main body of the route output. PR939684
  • Issue is with large scale only. PR953449
  • With this high number of streams, there is a higher number of data-mdt-tlvs to process, which becomes a bottleneck. PR957280

Resolved Issues: Release 13.2R3

Class of Service (CoS)

  • The output of the show subscribers extensive command displays the Effective shaping-rate field only if you have enabled the effective shaping rate at the [edit chassis] hierarchy level. PR936253
  • After swapping MPC2E-3D-Q card with MPC2E-3D-EQ card, an interface is still running out of queues with only 32k queues in use. PR940099

General Routing

  • IPv6 address syntax in the rpd log violates RFC 5952. For example, 2002:db8:0:0:1:0:0:1 must be logged as 2002:db8::1:0:0:1 in the logs, but it is logged as 2002:db8:0:0:1::1. 2001:0:0:0:db8:0:0:1 must be logged as 2002::db8:0:0:1 in the logs, but it is logged as 2001:0:0:0:db8::1. The fix is available in 11.4R10, 12.1R9, 12.2R7, 12.3R5, 13.1R4, 13.2R1, and later releases. PR840012
  • A traffic-drd daemon might hang after logging into service PIC and restarting the net-monitor process. PR889982
  • Intermittent pause occurs when there is heavy load like 2M routes of FDB download from Routing Engine to services PIC. PR898358
  • When GRES and ARP purging are enabled, with frequent route flapping, route entries and next hops fail to sync up between the master Routing Engine and the backup Routing Engine. So, when the master Routing Engine wants to add a new next hop but sees that the backup Routing Engine already has a next hop with the same destination, it makes the backup Routing Engine reboot and causes a crash on both Routing Engines. PR899468
  • After changing interface description, the information doesn't get updated in show lldp neighbors output. PR913792
  • The following note applies for MX Series router with MPC: With respect to this feature, when unified ISSU is performed from feature non-supporting version (for example, 12.2 or 13.1) to feature supporting version (12.3R5 or 13.2R3), then MX Series router with FPC needs to reboot in order to use this feature. PR914772
  • On MX80 MS-MIC-16G could reboot and produce mspmand core file while doing add/delete of 6k NH service-sets at mspman_fdb_msg_handler (conn=<value optimized out>, ipc_msg=0x1006ae018, cookie=<value optimized out>). PR915784
  • For TXP-3D SIB, an 'XC HSL Link Error' alarm is generated when an HSL2 link is faulty with CRC errors. 'XC HSL Link Error' alarms are not cleared after the optics are disabled and enabled or a bad cable is swapped. The 'XC HSL Link Error' alarms remain as stale alarms after the faulty HSL2 link and CRC errors are fixed. PR926414
  • Following chassisd messages might be observed after executing the show chassis fabric summary command:

    FM: Plane Sate: 1 1 1 1 2 2 0 0; staggered_pmask: 15 2a 00 00 00 00 00 00 FM: Mux active/trained: 0/0 0/0 0/0 0/0 0/0 0/0 0/0 0/0; Mode:1 act_mask:3f

    These are non-impacting debug messages. Junos OS Release 12.3R5 and later have the fix. PR927453

  • Duplicate ESP sessions are created for single IPsec service-set. PR928158
  • SPMB on LCC node is crashing due to running out of memory after 38 days of uptime. The voltage monitoring in 10 seconds interval of the SIBs caused memory depletion, and after 38 days of uptime no more memory is available. Once the SPMB comes back up, all fabric connections will get restarted and be operational after all re-initialization is finished. During this restart time, production traffic is affected. The following syslog messages will get reported illustrating that the IPC connection is being dropped and offline/online of the LCC SPMB:
    chassisd[1579]: CHASSISD_IPC_CONNECTION_DROPPED: Dropped IPC connection for SPMB 0
    chassisd[1579]: CHASSISD_SNMP_TRAP10: SNMP trap generated: Fru Offline (jnxFruContentsIndex 14, jnxFruL1Index 11, jnxFruL2Index 0, jnxFruL3Index 0, jnxFruName LCC4 SPMB 0, jnxFruType 10, jnxFruSlot 10, jnxFruOfflineReason 2, jnxFruLastPowerOff 329953319, jnxFruLastPowerOn 1482)
    chassisd[1579]: CHASSISD_SNMP_TRAP10: SNMP trap generated: FRU power on (jnxFruContentsIndex 14, jnxFruL1Index 11, jnxFruL2Index 0, jnxFruL3Index 0, jnxFruName LCC4 SPMB 0, jnxFruType 10, jnxFruSlot 10, jnxFruOfflineReason 2, jnxFruLastPowerOff 329953319, jnxFruLastPowerOn 329960352

    The following command can be used to monitor the memory utilization of the LCC SPMB card. In the output below, memory heap utilization is reported at 99%:

    user@host-re0-router> show chassis spmb
    Oct 13 10:44:45
    <..>
    lcc0-re0:
    --------------------------------------------------------------------------
    Slot 0 information:
      State                      Online
      Total CPU Utilization      16%
      Interrupt CPU Utilization  0%
      Memory Heap Utilization    99% <****
      Buffer Utilization         22%
      Start time:                2013-09-05 05:09:29 UTC
      Uptime:                    38 days, 4 hours, 30 minutes, 30 seconds
    Slot 1 information:
      State                      Online - Standby
      Total CPU Utilization      0%
      Interrupt CPU Utilization  0%
      Memory Heap Utilization    0%
      Buffer Utilization         0%
      Start time:                2013-09-05 05:12:49 UTC
      Uptime:                    38 days, 4 hours, 27 minutes, 10 seconds

    PR930259

  • MS-PIC might crash in IPsec environment after deleting "tcp-mss" knob under IPsec "service-sets" hierarchy. PR930741
  • If a route is getting resolved over another route that has a non-forwarding INH(indirect next hop), rpd process will crash. PR930843
  • When P2MP LSP is protected by link protection, it could have active and multiple standby next-hops. If one of the next-hops, regardless of whether it is an active or standby one, is removed due to FPC power-off or failure, the multicast diagnostics process (mcdiagd) falls into an infinite loop during collection of next-hop information. PR931380
  • The XLP PIC in an MS-MPC can get stuck while trying to get the IP Address from FPC if the PIC was reset while booting up. As a workaround, reset the MS-MPC. PR933371
  • Fixing Junos OS that regex constraint violation for field Root-Cause with value "software-design". PR933958
  • If MX Series router is in increased-bandwidth fabric mode, pulling out one SCB might cause packets loss. PR934544
  • tcp_inpcb buffer leak in ADC and TLB service PICs. PR934768
  • An SNMP walk performed to query the native VLAN (mib-2.17.7.1.4.5.1...: dot1qPvid) or the logical type (trunk or access) of the interface (mib-2.17.7.1.4.3.1.5...: dot1qPortVlan) might cause a memory leak in the Layer 2 address learning process (l2ald), and the process might crash with a core file generated. PR935981
  • If an IPv6 duplicate address is detected (DAD), the interface cannot recover to its normal state after the interface flaps. Reconfiguring the IPv6 address resolves this issue. PR936455
  • With scaled configuration of ATM VCs (~4000 VCs) on a single MIC-3D-8OC3-2OC12-ATM ATM MIC, the MIC might crash. The crash is not seen with lower scale (i.e. less than 3500 VCs per MIC). PR947434

Interfaces and Chassis

  • Tx and Rx Spanning-tree BPDU stopped intermittently during unified ISSU. PR849201
  • In a scenario where CCM has been running for a while and a user issues the show oam ethernet connectivity-fault-management interfaces interface-name extensive command, the initial value reported for CCMs sent is wrong; when the command is immediately executed again, the value is correct. PR880615
  • Problem scenario: CFM UP MEP for Bridge/VPLS is configured on MPC with action profile as 'interface down'. Problem statement: When the CFM sessions go down due to a network outage at the core, the action profile is triggered and the configured interface is brought down. When the core network failure is corrected, CFM will not automatically recover because the interface will continue to remain down. PR884323
  • When MX Series routers are running with MC-LAG in active-active mode, the layer 2 address learning daemon (l2ald) might crash if a MAC address is being deleted from one port while the same entry is locally learned on a different port. PR888636
  • Error message CHASSISD_IPC_DAEMON_WRITE_ERROR is seen in the messages log when there is a Routing Engine mastership change (system reboot, Routing Engine reboot, GRES switchover CLI command), which causes a restart of alarmd, which breaks the IPC connection between alarmd and chassisd. Chassisd does not detect that the IPC connection has been broken, because it is busy processing the mastership change, and then tries to send alarm information to alarmd during this time. So it encounters a write error (broken pipe) and logs the message. PR908822
  • In Multichassis Link Aggregation (MC-LAG) scenario, when MC-LAG works on Active-Active mode, if the link of MC-LAG flaps repeatedly, the layer 2 address learning daemon (l2ald) might crash with a core file generated. PR913222
  • Due to a bug in the Packet Forwarding Engine microkernel driver for MX Series MICs, slight variations of the readings from a built-in DC-DC converter may cause ports of the MIC to go down with the following message logged:
    Ixchip(0): pio_handle(0x4b1ea7d8); pio_read_u32() failed: 1(generic failure)! ix_inq-addr=00200a30

    Only MIC-3D-2XGE-XFP (750-028380) cards are affected by this software defect. PR919618

  • When traffic that uses MPLS next-hops enters a bridge-domain via an IRB interface and the forwarding next-hop moves from a non-aggregate interface to an aggregate interface (MAC move), the MPLS next-hops are not correctly programmed in the Packet Forwarding Engine. The child next-hop of the aggregate interfaces is missing. IPv4 traffic is not affected. This problem is visible in the following Junos OS Releases or later: 11.2R8, 11.4R7, 12.1R5, and 12.2R3. PR924015
  • Problem Statement: OAM Packets do not get forwarded with UP and Down MEP configured in access and core interfaces of the bridge down respectively along with MIP configured on the BD. PR925288
  • In PPPoE subscriber management environment, when PPP daemon is receiving an LCP packet with an invalid code ID and without any option, jpppd process crashes with a core file generated. PR929270
  • After APS switchover, duplicate packets might be received from the backup circuit under SONET APS configuration with channelized enhanced intelligent queuing (IQE) interface. PR930535

Layer 2 Features

  • In MX Virtual Chassis (MXVC) scenario, under high-scale system environment (many Aggregated Ethernet interfaces, many logical interfaces), after performing global graceful Routing Engine switchover (GRES) by CLI command "request virtual-chassis routing-engine master switch", the Link Aggregation Control Protocol (LACP) state of access Link Aggregation Group (LAG) interface might change and therefore result in traffic loss. PR885013
  • The show snmp mib walk ascii jnxVpnIfStatus command doesn't work for BGP VPLS when there is an incomplete BGP VPLS instance configuration or an LDP VPLS instance. PR918174
  • In BGP autodiscovery for LDP VPLS scenario, as FEC129 VPLS does not support nonstop active routing (NSR), VPLS fails to come up after Routing Engine switchover and traffic will never resume. PR919483
  • A global GRES, which will cause a master Routing Engine to transition to backup, will require all Kernel state to be cleaned so that it can start a fresh resync from the new master. PR927214
  • In an Ethernet ring protection scenario, when an FPC reboots, the STP index gets misaligned, causing traffic drops. When this issue occurs, the following output can be seen. Before FPC restarts:

    user@router> show protection-group ethernet-ring vlan
    Ethernet ring IFBD parameters for protection group Ring1
    Interface    Vlan    STP Index    Bridge Domain
    xe-5/3/0     302     222          default-switch/v302
    xe-0/2/0     302     223          default-switch/v302
    xe-5/3/0     308     222          default-switch/v308
    xe-0/2/0     308     223          default-switch/v308

    After FPC restarts:

    user@router> show protection-group ethernet-ring vlan
    Ethernet ring IFBD parameters for protection group Ring1
    Interface    Vlan    STP Index    Bridge Domain
    xe-5/3/0     302     245 <<<<     default-switch/v302
    xe-0/2/0     302     223          default-switch/v302
    xe-5/3/0     308     222 <<<<     default-switch/v308
    xe-0/2/0     308     223          default-switch/v308

    PR937318

MPLS

  • This message was used to record an error condition from the nexthop installer. Over time, it became a common function and the same message is printed in many valid conditions, leading to confusion about these log messages. PR895854
  • The output of the show ldp overview command regarding graceful restart is based on per protocol LDP graceful restart settings, where graceful restart is enabled by default. So when graceful restart is disabled, this command shows it's enabled for LDP. However graceful restart should be enabled globally for LDP graceful restart to operate. PR933171

Network Management and Monitoring

  • Mib2d may get ATM VPI updates before the ATM physical interfaces are learned. In such cases instead of discarding the updates, mib2d has started caching them until the physical interface is learned. PR857363
  • On FPC restart, it does not assign the OBJECT-TYPE dynamic of ipNetToMediaType to the ipNetToMediaType value for this interface. PR937913

Platform and Infrastructure

  • Without this PR fix, commit script applied configuration may emit the XNM RPC errors when there is XML tag mismatch detected:
    error: [filename: xnm:rpc results] [line: 771] [column: 7] [input: routing-engine] Opening and ending tag mismatch: routing-engine line 7 and rpc-reply
    error: [filename: xnm:rpc results] [line: 773] [column: 6] [input: rpc-reply] Opening and ending tag mismatch: rpc-reply line 6 and junoscript
    error: [filename: xnm:rpc results] [line: 774] [column: 2] [input: junoscript] Premature end of data in tag junoscript line 2

    PR922915

  • In a subscriber management scenario, a memory leak might occur when the firewall fast-update-filter feature is configured, and it will impact any new subscriber login. The memory leak can be seen with the following command:

    root@router> show chassis fpc
                         Temp  CPU Utilization (%)   Memory    Utilization (%)
    Slot State            (C)  Total  Interrupt      DRAM (MB) Heap     Buffer
      0  Online         Absent     8          0        1024     70 <<     13
      1  Online         Absent     8          0        1024     29        13

    PR926808

  • DDOS_PROTOCOL_VIOLATION alarm shows incorrect timestamps <time-first-detected> and <time-last-detected> on messages. Both fields indicate the same timestamps. Timestamps <time-first-detected> and <time-last-detected> are overwritten. The fix is available in 12.3R5, 13.1R4, 13.2R3 and later releases. PR927330
  • Under certain timing conditions the MPC/TFEB can receive the firewall filter configuration before it is fully booted/UP/ONLINE. Because the firewall filters can depend on certain default values that are not yet programmed the MPC/TFEB will crash/core-dump and reboot/restart/reload. PR928713
  • When replacing an I-chip FPC with an MX Series FPC, "traceroute" packets going through an MX Series FPC might experience higher drop probability than when using an I-chip FPC. PR935682
  • On MX Series routers with DPC type FPCs running an 11.4 (or newer) Junos OS release, disabling family inet with uRPF enabled on a logical interface might result in another logical interface on the router dropping all incoming IPv4 packets. PR936249

Routing Policy and Firewall Filters

  • Junos OS releases with a fix for PR/706064 have a regression where the vrf-import policy sanitation logic is faulty. A "# commit check" will fail when the first term references a 'target' community and the second term references an 'origin' community. This should pass the check. PR911350

Routing Protocols

  • The BGP "accepted-prefix-limit" feature might not work as intended when it is configured together with "damping". The root cause of this issue is that when the BGP module counts the maximum routes accepted from a BGP neighbor, it doesn't count the accepted BGP routes which are in damping status. So when these damping routes are reused, the total number of received BGP routes exceeds the configured value for "accepted-prefix-limit". PR897124
  • DR sends a delayed ACK to the LSA on the interface on which the LSA is flooded. This leads to BDR sending only directed ACK to DR. DR-Other is therefore not receiving this ACK and is hence retransmitting the LSA to BDR. PR914803
  • When nonstop active routing (NSR) is configured and path-selection is changed, there might be a non-functional impacting rpd core during the commit process. PR928753
  • show route advertising-protocol bgp <nbr> table foo.mvpn.0 stops working. PR929626
  • Avoid the following show command in a VPN setup: show route advertising-protocol bgp <nbr_addr> table foo.inet.0, where <nbr_addr> is a peer within routing-instance "foo". PR936434
  • In an MVPN scenario, while performing the CLI command show route advertising-protocol bgp <neighbor>, the rpd might crash due to a timing issue in which the BGP RIB for the bgp.mvpn-inet6.0 table is NULL. PR940491

Services Applications

  • NAPT: The Packet Forwarding Engine side reports that the port range starts from 512, causing the NAPT MIB counter to be incorrect. This fix makes the port range in the PFE start from 1024. PR828450
  • In Carrier Grade NAT scenario, MS-PIC might crash and generate a core file when Port Block Allocation (PBA) block size is relatively big (8192 ports per block). This issue usually happens when a new block needs to be allocated because the block currently is exhausted. PR874500
  • In a Session Initiation Protocol (SIP) Application Layer Gateway (ALG) scenario with port block allocation enabled ("user@root# set services nat pool <pool-name> secured-port-block-allocation block-size <block-size>"), a SIP call is set up and the port blocks are allocated for the media flows. When the SIP media flows time out, the APP mapping starts using another port block. But if not enough port blocks are allocated, the services PIC might crash. PR915750
  • In a CGNAT environment, active FTP operations fail when there is a latency issue in the network. During TCP retransmission, FTP ALG is not translating any fields in the Request: PORT command. As a result, the server tries to establish the data flow to the private IP address and to an incorrect TCP port, and it fails as expected. PR916376
  • If multiple service sets with different number of NAT rules/pools are configured, Services PIC might crash when SNMP walk is performed on jnxSrcNatStatsTable. PR928169
  • When a TCP session is initiated from an inside client and the three-way handshake is not completed because the client did not ACK the SYN-ACK sent from the server, the service PIC sends a TCP reset to the server after the timer expires. In this case the TCP reset is sent in the wrong direction: instead of sending it in the outbound direction to the server, the service PIC sends it in the inbound direction. This PR fixes this issue. No service impact is seen because of this. PR931433
  • No SNMP trap generated when NAT or Flow sessions reach the threshold. PR933513
  • When L2TP subscriber is connected and disconnected, MX Series performing the role of L2TP LAC is not including Acct-Tunnel-Connection (68) Attribute in RADIUS Acct-Start and Acct-Stop messages, respectively. PR935602
  • Interim-logging is now supported with NAT64 on microkernel (MS-DPC) platforms. The same pba-interim-logging-interval knob under 'service-options' under the service interface will enable the feature for NAT64 as well. PR935606

Software Installation and Upgrade

  • In this case, since the high-level package (jinstall) is signed, the underlying component packages are not required to be signed explicitly. However, the infrastructure was written in such a way that it displays a warning message if the component package is not signed (for example, jpfe). PR932974

Subscriber Management and Services

  • If the RADIUS Accounting Server is down, the RADIUS Attribute 49 (Acct-Terminate-Cause) is missing in the Accounting STOP messages. This will happen after the first retransmit cycle. PR879368
  • Due to some timing issues, MX Series was generating wrong LLPDF logs "LLPDF: llpdf_client_connection: Unknown session" every 10 seconds. This misbehavior has been fixed by the changes on this PR. PR894013
  • If there is secureId configuration present on the chassis, when the validate phase of "request system software add" runs, the netstat might crash because the system cannot load the SecureID module during syntax checking. The generation of the core has no effect on the verification results, and does not adversely affect the upgrade/downgrade operation. PR911232
  • test aaa ppp command not returning all VSA. Also some VSA values returned are incorrect. PR921462
  • When destination-override is used (root@user# set system tracing destination-override syslog host <host-ip>), the userAccess events are not sent to the external syslog server. PR931975

VPNs

  • Stitching LDP signaled TDM pseudowires using CESoPSN encapsulation fails due to the wrong payload size value being sent as part of the label mapping messages exchanged between the LDP neighbors. PR924680
  • Configuration version (child rpd) of rpd generates a core file when doing a commit or commit check. PR930080

Resolved Issues: Release 13.2R2

Forwarding and Sampling

  • After committing some configuration changes (e.g. deactivate an interface), while the Packet Forwarding Engine process (PFEd) tries to get statistics of some nodes, it might encounter a NULL node, causing PFEd to crash and generate a core file. PR897857
  • The L2ALD daemon might generate a core file whenever a configured mesh group or routing instance type change is followed by a logical system delete. If this does occur, the presence of a core file is an indication that this problem has been encountered. The system will function normally after the daemon restarts. PR914404
  • When pfed gets restarted during a period when pfed is communicating with mib2d, because the communication sockets had been terminated and failed to be re-opened after pfed came back up again, mib2d might crash and generate a core file. The core files could be seen by executing the CLI command show system core-dumps. PR919773

General Routing

  • In some cases, the idle-timeout that was configured for a Telnet user is different from the timeout that is applied. PR754046
  • Only 94 GRE(plain) sessions are in Established state after chassisd restart. PR801931
  • This error is seen when no license is revoked on the master Routing Engine. It is safe to ignore as it will not affect any licensing functionality. PR859151
  • When a switchover to the backup member interface is done in an AMS interface having an N:1 fail-over configuration, the session distribution on the member interfaces might not be proper after the backup becomes the new active interface. This might result in traffic loss due to over subscription of sessions on one of the member interfaces of AMS bundle. PR863834
  • With TCP-tickle enabled, when the host is not responding, the interval between two tickles is the inactivity-non-tcp-timeout configured. If the host does not reply after the configured numbers of tickles, the session is cleared after configured inactivity-non-tcp-timeout once the last tickle is sent. PR863935
  • FPCs in LCC are getting rebooted when CIP cable is pulled out ungracefully from SFC CIP. PR865098
  • There is no nat-pool-release message appearing in syslog (under class nat-logs) when the Network Address Translation (NAT) pool/port is released after the sessions close. This function is added starting in Junos OS Release 13.2R2. PR871119
  • FTP/TFTP ALG connections/sec is limited to 10K connections/sec. PR875490
  • SNMP trap is not generated upon Fabric chip failure/offline/online state on MX Series routers. PR877653
  • Under certain circumstances, after some configuration changes are made, a kernel crash is observed leading to a Routing Engine reboot. The issue is identified as an interface that is not initialized properly getting packets. Future code enhancements have ensured that the system doesn't crash but will discard the packet. PR878921
  • lrmuxd core seen when committing changes related to BD or routing-instance. The following messages appear and the commit fails:
    user@node01# commit
    error: Check-out pass for Logical system multiplexer process (/usr/sbin/lrmuxd) dumped core (0x86)
    error: configuration check-out failed

    PR883090

  • RPD might generate core file if HFRR (Host Fast Reroute) is enabled on two logical interfaces in the same routing instance for IPv6 and if link-local address is configured on those logical interfaces. The core files could be seen by executing the CLI command show system core-dumps. PR886424
  • Backup Routing Engine failed to commit with error "pdb_update_ddl_id: cannot get new id for " dynamic-profiles dynamic-profiles profile-name""; commit full is a workaround. PR888454
  • With AMS and NAT configured together, SNMP MIB walk for the NAT MIBS "jnxNatRuleTable" and "jnxNatPoolTable" will not work as expected. PR890599
  • Incorrect display of port numbers for fragmented traffic, as fragments do not have L4 headers. PR891312
  • When a bgp route is resolved using a next hop that is also learned in bgp (i.e. there are multiple levels of next hop resolution) and bgp multipath is also used, during a route churn nexthop for such a bgp route could be incorrectly programmed. PR893543
  • An MX Series VC NSR master switch might put kernel control socket in stale state, and in the subsequent NSR master switch, the kernel will refuse the connection from FPC. As a result, the FPC would be rebooted during the switchover process. PR896015
  • When a filter/fw configuration is modified, poisoned next hops (log message Packet Forwarding Engine: Detected error nexthop) are reported and an automated jsim is performed on the affected packets. This is happening on Packet Forwarding Engines with two jtree segments. The issue is transitory. PR897107
  • Upon configuring AMS and MS together along with NAT, the NAT-based counters will show incorrect INFO. PR898088
  • On M40e/M160 platforms, after offlining of any FPC (not fpc-slot 5), interfaces on FPC slot 5 will be deleted. PR898415
  • The CPU USAGE in CPU USAGE ZONE change syslog will be displayed in a value ranging from (0-1). It will not be displayed in percentage ranging from (0-100) percent. PR899420
  • In Release 13.2R1, for SIP-ALG, using Source static NAT, we would see "unknown RTP version 1" messages sent by the phones. PR899530
  • In a subscriber management environment, in a rare case, VLAN auto-sensing daemon (autoconfd) might crash and create a core file because Session Database (SDB) is inaccessible. PR899747
  • Some ATM interfaces might stay down after flapping the Circuit Emulation MIC. PR900926
  • 100G Ethernet interface (Finisar FTLC1181RDNS-J3) on T4000 type-5 FPC might flap once after bringup. The solution is changing the register bandwidth. PR901348
  • With RTSP ALG + NAPT, Interleave packets are dropped on the sparks MIC. PR902177
  • set system ddos-protection protocol sample aggregate bandwidth command is not taking effect. This can cause packet loss in ukernel for Routing Engine based sampling if the sampling rate exceeds 1000pps. PR905807
  • The bootup configuration on the TXP platform referencing routing-instance fails to commit. PR906713
  • MX-VC: VC port conversion not working for second set of added VC ports for VCB. PR906922
  • VCMm-power down creates stale vlan demux0 entries at the Packet Forwarding Engine level. PR908027
  • Minimal drop might be observed during high traffic when ipsec rekey is done. PR909504
  • TCP-MSS adjust doesn't work as expected. PR910659
  • When adding the "no-tunnel-services" knob under vpls protocols of routing-instances, during the processing gap of the new knob, if the routing protocol process (rpd) restarts (that is, rpd crashes), logical interfaces with VPLS family do not show up, and there are no logical interfaces available for the corresponding VPLS routing instances. Hence, VPLS connections might be down (stuck in LD state) and cannot be recovered automatically. PR912258
  • 10GbE interface on MIC3-3D-10XGE-SFPP stays up even if far end is disabled and goes down. Since the interface on MIC3-3D-10XGE-SFPP cannot react to remote failure, CCC circuit cannot change the state correctly, if port of MIC3-3D-10XGE-SFPP is configured as CCC end point. PR914126
  • FPC crash can be triggered by an SBE event after accessing a protected memory region, as indicated in the following log: "System Exception: Illegal data access to protected memory!" The DDR memory monitors SBEs and reports the errors as they are encountered. After the syslog indicates a corrupted address, the scrubbing logic tries to scrub that location by reading and flushing out 32-byte cache line containing that location in an attempt to update that memory location with correct data. If that memory location is read-only, it causes illegal access to protected memory exception as reported and resets the FPC. The above-mentioned scrubbing logic is not needed because even if SBE is detected, the data is already corrected by the DDR and CPU has a good copy of the data to continue its execution path. This issue can be triggered on the T4000. PR919681
  • SPMB on an LCC node crashes due to running out of memory after 38 days of uptime. The voltage monitoring of the SIBs at 10-second intervals caused memory depletion, and after 38 days of uptime no more memory is available. Once the SPMB comes back up, all fabric connections are restarted and are operational again after all re-initialization is finished. During this restart time, production traffic is affected. The following syslog messages are reported, illustrating the IPC connection being dropped and the offline/online of the LCC SPMB:
    chassisd[1579]: CHASSISD_IPC_CONNECTION_DROPPED: Dropped IPC connection for SPMB 0
    chassisd[1579]: CHASSISD_SNMP_TRAP10: SNMP trap generated: Fru Offline (jnxFruContentsIndex 14, jnxFruL1Index 11, jnxFruL2Index 0, jnxFruL3Index 0, jnxFruName LCC4 SPMB 0, jnxFruType 10, jnxFruSlot 10, jnxFruOfflineReason 2, jnxFruLastPowerOff 329953319, jnxFruLastPowerOn 1482)
    chassisd[1579]: CHASSISD_SNMP_TRAP10: SNMP trap generated: FRU power on (jnxFruContentsIndex 14, jnxFruL1Index 11, jnxFruL2Index 0, jnxFruL3Index 0, jnxFruName LCC4 SPMB 0, jnxFruType 10, jnxFruSlot 10, jnxFruOfflineReason 2, jnxFruLastPowerOff 329953319, jnxFruLastPowerOn 329960352

    The following command can be used to monitor the memory utilization of the LCC SPMB Card:

    lab@sfc0-re0-router> show chassis spmb
    Oct 13 10:44:45
    <..>
    lcc0-re0:
    --------------------------------------------------------------------------
    Slot 0 information:
      State                                 Online
      Total CPU Utilization                 16%
      Interrupt CPU Utilization             0%
      Memory Heap Utilization               99% <****
      Buffer Utilization                    22%
      Start time:                           2013-09-05 05:09:29 UTC
      Uptime:                               38 days, 4 hours, 30 minutes, 30 seconds
    Slot 1 information:
      State                                 Online - Standby
      Total CPU Utilization                 0%
      Interrupt CPU Utilization             0%
      Memory Heap Utilization               0%
      Buffer Utilization                    0%
      Start time:                           2013-09-05 05:12:49 UTC
      Uptime:                               38 days, 4 hours, 27 minutes, 10 seconds

    PR930259

High Availability (HA) and Resiliency

  • During every failover of redundancy-group 0, the /etc/ssh and /var/db/certs directories are copied from primary node to secondary node. However, the directories are not copied correctly and nested directories such as /etc/ssh/ssh, /etc/ssh/ssh/ssh are created. PR878436
  • During unified ISSU (13.1 to 13.2), Dark window is 10-15 Mins. This is because the interface descriptors on FPCs are not synchronized during FRU upgrade. Hence loss of traffic till GRES. PR891837
  • In certain systems configured with GRES, there is the possibility for the master and backup Routing Engines to reach an inconsistent view of installed state. This fault might be exposed if the master Routing Engine experiences a mastership watchdog timeout at a time when it is not in sync with the backup Routing Engine for a particular piece of state. In practice, this possibility exists only for a short time period after a Routing Engine mastership change. Under such conditions, a replication failure might cause the backup Routing Engine to panic. If the failure is seen, the backup Routing Engine will recover on restart. In 11.4 and 12.1 releases without this fix, the fault might be experienced on any GRES-enabled, non-multichassis configuration on a T Series router. For 12.2 and later releases without this fix, the fault might be experienced on any GRES-enabled, non-multichassis configuration on a T Series or MX Series router. PR910259

Infrastructure

  • If a router receives the BGP keepalive at time t, the next keepalive is expected at time t+30 secs (+/- 20% jitter). However, right around the time when the next keepalive is expected to be received, the BGP keepalive packet is dropped due to some network issue (for example, uplink towards peer flaps). During this scenario, retransmission of the BGP keepalive message on the BGP peer would take a long time, and the BGP session will be terminated due to hold timer expiry. PR865880
  • When multicast is running in a multichassis environment, during flapping of 224/4 or ff00/8 pointing to mResolve(NH), the LCC master might get a replication error causing all FPCs to go offline. This flapping of the resolve route for multicast can occur because of any of the following reasons: enabling or disabling multicast, deletion of the resolve route, or routing restart. PR897428
  • In a multihop IPv6 BGP session scenario, after configuring single-hop BFD session on the multihop IPv6 BGP neighbor, the kernel might try to access a NULL pointer, causing the kernel to crash and generate a core file. PR898153
  • Checksum error seen on ICMP reply when 'sequence, data' field in request is set to '0'. PR898487

Interfaces and Chassis

  • On an E1 interface, when the interface flaps on the CE side of the connection, interface will flap a second time on the PE side. PR690403
  • DCD reports error when configuring hierarchical-scheduler on the MX80 with QX chipset. This is a cosmetic error, and it should not have functional impact. PR807345
  • Traffic loss is seen when multiple inbound and outbound IPsec tunnels are created for a single SA during tunnel renegotiation after the lifetime expiry. PR827647
  • M7i Routing Engine Crashed with last reboot reason panic:page fault and kernel core, after commit. PR868212
  • When Address-Saving is enabled, LCP Protocol-Reject might contain incorrect information in "Rejected" information. The "Rejected" information should contain the copy of the rejected packet. PR873214
  • To configure FEC thresholds via CLI, use string format with mantissa and exponent as follows:
    set interfaces et-1/0/0 otn-options signal-degrade ber-threshold-signal-degrade 1.23E-4
    set interfaces et-1/0/0 otn-options signal-degrade ber-threshold-clear 2.34E-5

    PR886572

  • While a duplicate interface address (IFA) is configured for two interfaces, software will accept that and generate an error message like this:
    %CONFLICT-4-DCD_PARSE_WARN_INCOMPATIBLE_CFG: [edit interfaces ge-0/0/0 unit 0 family inet address x.x.x.x/xx] : Incompatible configuration detected : identical local address is found on different interfaces

    But the kernel side cannot accept a duplicate IFA and needs to delete the next hop created for this operation. Due to a code problem, the cleanup doesn't remove the duplicated IFA under heavy kernel workload, and the kernel will crash while trying to update this duplicated IFA to the Packet Forwarding Engine side. PR891672

  • The following documentation change is proposed:
    traceroute-ethernet-command:
      Source MAC address: MAC address of 802.1ag node responding to the LTM
      Next-hop MAC address: MAC address of egress interface of the node where LTM would be forwarded
    show-oam-ethernet-connectivity-fault-management-linktrace-path-database-command:
      Source MAC address: MAC address of 802.1ag node responding to the LTM
      Next-hop MAC address: MAC address of egress interface of the node where LTM would be forwarded

    The display of Next-hop MAC address is incorrect for the linktrace path database command. PR895710

  • The 100G Ethernet PIC interface might not come up after a few successive flaps done immediately. PR902222
  • Reboot after panic: xe-0/1/0: bitstring index 7 not empty for 01:00:5e:00:00:01 (fix needed for MPC/MIC). PR905417
  • CFM daemon can crash (13.2R1/12.3R4) when there is change in distribution of CFM sessions on the fly. It is suggested to deactivate and activate OAM configuration during this catastrophic configuration change. PR905812
  • The following trigger, with CFM performance-monitoring sessions configured (in delegate-server-mode) with a low interval, can cause a line card crash on MPC: flapping of CFM sessions or a configuration change causing CFM adjacencies to be deleted. The probability is higher for a lower Iterator period and when the same Iterator-profile is shared by multiple CFM sessions. PR907914
  • The MX Series router does not always process the first LCP request for a static PPPoE subscriber. PR908457
  • The issue is caused by vrrpd not configuring the VRRP group ID and state when it is in a transition state. In the normal scenario, when VRRP moves to master, it signals dcd to add the VIP. When the VIP gets added, vrrpd gets a notification and updates the state and group ID corresponding to that VIP. While updating the state, vrrpd checks the current state. If the state is master, it updates the state as master. If it is backup, it updates it as backup. But if the VRRP state is in transition, it does not do anything. The issue might not be seen every time and is a timing issue. One can confirm the incorrect MAC address by capturing monitor traffic on the affected irb interface, specifically one that is the master VRRP instance. PR908795
  • When an interface is configured with the VRRP protocol, the IP address associated with the interface can disappear after deactivating and then activating the routing-instance or interfaces. The krt might get stuck and never be cleaned up.
    XX@hostname> show krt queue
    Routing table add queue: 1 queued
      ADD table index 37, gf 1 (1377) error 'File exists'

    PR912295

  • On MS-MICs and MS-MPCs, when packet drops occur because of an IPsec rule mismatch, the rule lookup failure counter is updated only for the first packet that is dropped. The first packet that is dropped because of the IPsec rule mismatch triggers the creation of a drop flow on which the subsequent packets are also dropped. PR920535
  • For IQ2 PIC, when the configured shaping rate is too high, as when you configure it with set chassis fpc 0 pic 1 traffic-manager logical-interface-base-shaping-rate 16, the shaping rate is reset to 1Gbps. The corresponding messages are logged at debug level. With the fix, they are logged at info level. PR920690
  • In MX Series VC environment, if LT interface's encapsulation type is ethernet-ccc, after rebooting FPC with LT interfaces or rebooting system, the LT interface might not come up again. PR922673
  • Unified ISSU fails on downgrade to 11.4R5 with the following logged messages:
    MIC 4/0 will be offlined (In-Service-Upgrade not supported)
    MIC 4/1 will be offlined (In-Service-Upgrade not supported)
    Do you want to continue with these actions being taken ? [yes,no] (no) yes
    error: /usr/sbin/indb failed, status 0x200
    error: ISSU Aborted!
    Chassis ISSU Aborted
    ISSU: IDLE

    This issue happens when a MIC-3D-4OC3OC12-1OC48 card is taken offline via the CLI and removed from the chassis prior to the unified ISSU. PR923569

Layer 2 Features

  • MX Series does not provide DNS server information in response to DHCPv6 Information-Request. PR874423
  • DHCPv6 Local Server implementation deletes the client on a reconfigure, so that client can reconfigure. DHCPv6 relay is not forwarding the Reply to the client and simply tearing the client down (generating a release to the server). PR879904
  • It has been observed that MX Series might not reply to re-transmitted DHCPv6 Solicit and Request messages. This has been addressed by this PR, and the behavior has been changed so that MX Series is able to reply to all re-transmitted DHCPv6 packets. PR900371
  • In the VPLS environment, while deactivating/activating VPLS routing-instances, in rare conditions, the routing protocol process tries to free an already used route, then rpd process crashes with core files generated. PR908856

MPLS

  • IPv6 traceroute might not show some hops in scenarios where 1) two LSPs are involved and 2) INET6 shortcuts are enabled. In such scenarios, hops that are egress for one LSP and ingress for the next LSP in the traceroute do not show up. This was a software issue with ICMP error handling for packets with an IPv6 payload having a TTL of 1. PR899283
  • RPD might crash under specific conditions and after executing the ping mpls l2vpn interface <interface-name> command. PR899949
  • With Junos OS Release 12.1R1 or higher, any configuration changes in the MPLS stanza, P2MP LSP connection with a single branch, will flap and cause brief traffic drops if the allow-fragmentation knob is configured under the MPLS path-mtu stanza. No traffic drops are seen if the P2MP LSP has two or more branches. Any application that is using P2MP RSVP LSP is exposed to this issue, like ccc p2mp-transmit-switch and static route with p2mp-lsp-next-hop. PR905483
  • If the maximum-ecmp next-hops under chassis hierarchy is configured as 32 or 64 (more than the default value of 16), the routing protocol process (rpd) might crash when performing GRES. The root cause is while merging next hops, Junos OS is iterating over only 16 gateways instead of the configured maximum-ecmp number and finally results in an assert. The core files could be seen by executing CLI command show system core-dumps. PR906653

Network Management and Monitoring

  • In an SNMPv3 scenario, when "snmp engine-id use-default-ip" is configured and the "master-only" flag is configured for the management IP, during GRES the engine-id and USM passwords generated on the backup Routing Engine are different from those on the master Routing Engine, and this causes failure in queries. PR901657
  • In an IS-IS scenario, with traceoptions enabled under protocol isis and syslog level set to debug under routing-options options for a router, if the router has two IS-IS neighbors that have the same router-id configured, after configuring the same ISO system-id on these two IS-IS neighbors, routing protocol process (rpd) on the router will crash with core files generated. PR912812

Platform and Infrastructure

  • In CGNAT environment, Source-Address only hash might be getting broken on MPC after Service PIC restart. PR827587
  • In an FPC interconnection scenario with FPC type 5 or MPC3E, there is traffic loss of about 2 seconds during interface up. PR874659
  • If there is a mix of high and low priority fabric traffic, as can be seen by checking show class-of-service fabric statistics, the following error messages can be seen when there are bursts of high priority fabric traffic while low priority fabric traffic is present:
    May 6 14:58:41 routername-re0 fpc1 MQCHIP(0) FI Reorder cell timeout
    May 6 14:58:41 routername-re0 fpc1 MQCHIP(0) FI Cell underflow at the state stage

    In addition, if an FPC that is the recipient of this high and low priority fabric traffic restarts, it is possible for the ingress FPC forwarding ASIC to lock up. In this case the following log messages might be simultaneously logged:

    Jun 5 13:46:50 router fpc4 MQCHIP(0) CPQ Queue underrun error, Qsys1 Queue 42
    Jun 5 13:46:50 router fpc4 MQCHIP(0) CPQ Freecnt nearing empty error, Qsys mask 0x2

    PR877123

  • High rate of traffic to the Routing Engine might cause control traffic stoppage to the Routing Engine. The indication is the following type of messages:

    WEDGE DETECTED IN Packet Forwarding Engine ... TOE host packet transfer: reason code 0x1

    PR896592

  • Firewall filter counter doesn't count packets when firewall is configured on discard interface on MX80-T. PR900203
  • Configuration of scheduler with zero guaranteed rate and excess priority none is an invalid class of service configuration but is allowed by CLI. When this is configured, the packet enqueued in the corresponding queue will not be able to be transmitted. PR900239
  • If there are private sessions in place, it should not abort the effective/revoke of conditional groups. In affected releases, it is not working. PR901976
  • In MX-VC setup using virtual-switch instance type, there can be scenarios where the outer vlan-tag of PPPoE/PADI packets on egress can be stripped off when ingress interface is a LAG with two member links spread across the two Chassis members. PR905667
  • The set chassis fabric upgrade-mode default statement used for smooth upgrade of T1600 to TXP is not working in TXP. PR908311
  • The show ddos-protection protocols command does not report correct Arrival and Max arrival pps rates. One bit of rate value at the Packet Forwarding Engine is incorrectly set which results in an incorrect ddos rate value. PR908803
  • The DDOS classification for Dynamic Host Configuration Protocol (DHCP) "leasequery" message is not working. This message is treated as "unclassified". PR910976
  • IPv6 UDP checksum is implemented, but the computed UDP checksum for IPv6 IPFIX export packets is occasionally invalid. When this issue is seen, the following capture would be seen in the collector:
    14:05:06.810436 In
        Juniper PCAP Flags [Ext, no-L2, In], PCAP Extension(s) total length 16
          Device Media Type Extension TLV #3, length 1, value: Ethernet (1)
          Logical Interface Encapsulation Extension TLV #6, length 1, value: Ethernet (14)
          Device Interface Index Extension TLV #1, length 2, value: 139
          Logical Interface Index Extension TLV #4, length 4, value: 71
        -----original packet-----
        Packet Forwarding Engine proto 6 (ipv6):
        (hlim 64, next-header: UDP (17), length: 144) xxxx:xxx:ffff:ffff::yy.33068 > xxxx:xxx:0:yyy::yyy.2055: [bad udp cksum 72ff!] UDP, length 136
    (IPv6 address masked)

    PR911972

  • When enhance-route-memory is enabled along with SCU, the configuration might cause Jtree memory corruption on MX Series DPCs. PR914753
  • On MX2020, SNMP traps are generated only for SFB slot 6 and 7 upon GRES enabled Routing Engine switchover. PR915423
  • Changing the domain-name is not reflected in DNS queries unless a commit full is done. This bug in the management daemon (mgd) has been resolved by ensuring mgd propagates the new domain-name to the file /var/etc/resolv.conf, so that it can be used for future DNS queries. PR918552
  • This issue is observed in inline-Jflow during route-record collection. For the route-record function in inline-Jflow, it is expected that for any aggregated type next hop a child next hop must be present. This child next-hop information is updated as gateway information for the aggregated next hop. In a scenario where there is a valid aggregated next-hop ID but no child next hop, the system crashes in inline-Jflow during route-record collection. PR919415
  • The DDOS_PROTOCOL_VIOLATION alarm shows incorrect timestamps “time-first-detected” and “time-last-detected” on messages. Both fields indicate the same timestamps. Timestamps “time-first-detected” and “time-last-detected” are overwritten. PR927330

Routing Policy and Firewall Filters

  • Install-nexthop lsp-regex does not work as expected when multiple recursive routes share the same protocol next hop and have different export policies with the regular expression option. The route is not updated with the correct export forwarding next hop because the same next-hop select handle is calculated for any set of configured export policies with the "install-nexthop lsp-regex" option. PR863341

Routing Protocols

  • Junos OS label block allocation can only return block size as power of 2 (e.g. 2, 4, 8, 16,...). In inter-as option-b L2VPN scenario, routing protocol process (rpd) core is seen when the ASBR receives a non-power-of-2 label block size from other vendor's device. The root cause here is when rpd requests the non-power-of-2 label block size, an assert occurred. The core files could be seen by executing CLI command show system core-dumps. PR848848
  • When configuring CAC for a physical interface, the software might enable CAC for unit 0 on that interface, but might not be able to delete it when the configuration is removed. PR850578
  • Improper route-family tags are added to all multicast route summary commands when running a command such as show multicast route summary | display xml. PR859104
  • The remote discriminator is not reinitialized after the BFD session state moves to down (with diagnostic code: control detection time expired), as required by RFC 5880. PR889970
  • In a scenario with graceful restart (GR) enabled for BGP between a Cisco platform and a Juniper Networks platform, Junos OS is the helper (default) and Cisco IOS is the restarting router. When Cisco restarts the BGP process, Junos OS deletes all BGP routes because it does not receive End Of RIB (EOR) markers for all configured NLRIs from Cisco. PR890737
  • In PIM dense mode, if the Assert loser router receives a join/prune (S,G) message whose upstream neighbor is the loser router, it should send an Assert (S,G) on the receiving interface to initiate a new Assert negotiation to correct the downstream router's RPF neighbor, but the device does not. PR898158
  • Sometimes "Advertised prefixes" counter for some RIBs might be incorrect for some BGP neighbors. This is a cosmetic issue. Use the show route advertising-protocol bgp <nbr> table <table-name> | match Nexthop | count command to determine the right advertised prefixes count. PR899180
  • Improvements were made in the area of importing routes in vrf routing-instances (in scaled configuration). As a result of these improvements, there is a possibility to have an rpd crash and other different issues when these improvements are used in conjunction with GRES/NSR. PR900733
  • When the interface goes down, the direct route for that peer address is removed from the routing table before BGP processes the interface down event and brings down the session. When BGP calculates multipath routes, because the "accept-remote-nexthop" knob is configured, BGP needs to determine whether the nexthop address (EBGP peer address) can be reached directly. BGP does not find a direct route for this nexthop address and so asks for route nexthop resolution. In this case, the first BGP path from the peer with the up interface has a direct router nexthop and the second path is set to have an indirect nexthop due to the down interface, so BGP passes a wrong mixed multipath nexthop, which causes an rpd crash. PR917428
  • The show route advertising-protocol bgp <nbr> table foo.mvpn.0 stopped working. PR929626

Services Applications

  • IKEv1 Lifetime parameter negotiation deviates in one respect from the suggestion in RFC 2407, The Internet IP Security Domain of Interpretation for ISAKMP: if the remote node is the initiator, MX Series will accept the proposed IKE SA Lifetime parameter, even if its value is greater than what the configured local policy states. PR866118
  • Any port or IP address value set in the SIP VIA header for the 'rport' and 'received' attributes will not be checked or translated by the SIP ALG. There is usually no impact from this on a voice call. The contact address inserted by the client in future requests will be the external one, but this will not disrupt the SIP ALG. Some rare clients, however, might react unexpectedly and cause problems, such as trying to register two IP addresses, the internal one AND the public one, in the same register message, which is unsupported by the ALG and causes the message to be dropped. PR869725
  • When an SNMP query that accesses information from a service PIC is running, and an MS-DPC or service PIC restarts during that query, the adaptive services process (spd) may hang. As a result the thread will never complete, and routes can never be updated or deleted through RPD (e.g. routes that point to NAT pool ranges are marked as dead routes because they still point to the old logical interfaces). This might result in routes in the wrong state and blackholing of traffic. PR874347
  • The jpppd crash on LNS happened because the size of the UDP-based L2TP packet exceeded the buffer length available. The modification was done to discard the packet instead of generating a core file. PR888691
  • In rare conditions with large number of traffic flows (such as NAT and IPsec flows ), the Service PIC may get stuck or crash as a result of prolonged flow-control assertions towards the Packet Forwarding Engine. In order to trigger this issue, many Compute CPUs inside the Service PIC should be overloaded. This will never happen under normal operation, where CPUs can handle large amounts of traffic without any issues. PR900227
  • In Carrier Grade Network Address Translation (CGNAT) environment, if memory utilization of MS-DPC/service PIC are in the yellow zone and they are configured with cgn-pic knob, there can be a race condition where there are two timers created for the same flow and during the timer processing, the MS-DPC/service PIC might experience a crash and generate a core file. PR901795
  • In a L2TP scenario, after performing an SNMP walk of "jnxL2tpTunnel" or "jnxL2tpSession" MIBs, the SNMP reply message fails to be written because the write buffer is exceeding MTU, causing Routing Engine CPU spikes to 100 percent. PR905218
  • In some cases RTSP data flows are left without cleanup when RTSP master flows close. This causes some conversation data flows to be left on the router with a very large timeout value. PR909091
  • IKE UDP 500 packet is not processed in correct routing-instance. PR909909

Subscriber Management and Services

  • The values of the attribute Acct-Delay-Time(41) in Acct-Stop retries #4, #5, #6, etc. are not set correctly. PR868645
  • PPPoE was not supported for the 802.1ad 0x88a8 TPID on the outer tags of dual-tagged VLANs:
    [edit interfaces interface-name gigether-options ethernet-switch-profile]
    set tag-protocol-id [0x88a8]

    PR874603

  • Whenever the backup_replay timer expires while GRES is in progress, no pending-acct-stop record is replayed. This causes authd to generate a core file. This has been fixed by changing the function being called. PR879319
  • Test aaa ppp failing for a subscriber with dynamic services: Client Session Activate Failed. PR897477
  • The output of "test aaa" command does not return ADF (Ascend-Data-Filter) related information. PR900050

VPNs

  • In affected releases, the C-PIM Assert mechanism is not working correctly in a Multicast VPN environment. A typical scenario includes an access VLAN with four routers (CE1, CE2, PE1 and PE2) which are C-PIM neighbors of each other. If CE1 sends a PIM Join to PE1, and CE2 sends a C-PIM Join to PE2, both PEs start to inject the C-Multicast flow in the access VLAN. This triggers the PIM Assert mechanism, which should result in either PE1 or PE2 (one of them, not both) injecting the traffic. However, the following two situations might occur during 1 minute or more:
    • Both PE1 and PE2 keep injecting traffic in the VLAN.
    • Both PE1 and PE2 stop injecting traffic in the VLAN.

    Releases with the fix work fine regarding the PIM Assert mechanism and do not show this abnormal behavior. PR880575

  • In L2circuit scenario, after L2circuit established, if pseudowire flaps (e.g. interface flapping), while routing protocol process (rpd) is processing this change, memory corruption might occur, causing rpd process to crash generating core files. PR900257
  • This PR enables default advertisement of MVPN from the main BGP routing tables bgp.mvpn.0 and bgp.mvpn-inet6.0 instead of VRF routing table foo.mvpn.0 or foo.mvpn-inet6.0. It also removes withdraw suppression for extranets. If extranets are used, advertise-from-main-vpn-table is enabled by default for a MVPN NLRI. PR908199

Modified: 2016-06-10