Open Issues

The AE interfaces in per-unit-scheduler mode and committing CoS configuration on AE IFLs in a single commit leads to race-conditions. PR1666010

A few duplicate packets might be seen in an A/A EVPN scenario when the remote PE device sends a packet with an IM label due to MAC not learned on the remote PE device, but learned on the A/A local PE device. The nondesignated forwarder sends the IM-labeled encapsulated packet to the PE-CE interface after MAC lookup instead of dropping the packet, which causes duplicate packets to be seen on the CE side. PR1245316

In PBB-EVPN (Provider Backbone Bridging - Ethernet VPN) environment, ARP suppression feature which is not supported by PBB might be enabled unexpectedly. This could cause MAC addresses of remote CEs not to be learned and hence traffic loss. PR1529940

This is a case where interface is disabled and comes up as CE after a timeout. A manual intervention of clear ce interface command should restore this.

As a workaround,

• Clear auto-evpn ce-interface interface-name

• Configure edit activate interface-name family inet inet6

  PR1630627

When GRES is triggered by SSD hardware failure, the syslog error of rpd[2191]: krt_flow_dfwd_open,8073: Failed connecting to DFWD, error checking reply - Operation timed out might be seen. The issue can be recovered by restarting the dfwd daemon. PR1397171

On all Junos dual-RE platforms, when performing activate/deactivate Graceful Routing Engine Switchover (GRES) multiple times, synchronization issues are observed between the master and backup dfwd process. PR1697959

AFEB crashing with PTP thread hog on the device. PR1068306

On the PTX Platform with FPC-PTX-P1-A or FPC2-PTX-P1A, you might encounter a single event upset (SEU) event that might cause a linked-list corruption of the TQCHIP. The following syslog message gets reported: Jan 9 08:16:47.295 router fpc0 TQCHIP1: Fatal error pqt_min_free_cnt is zero Jan 9 08:16:47.295 router fpc0 CMSNG: Fatal ASIC error, chip TQ Jan 9 08:16:47.295 router fpc0 TQ Chip::FATAL ERROR!! from PQT free count is zero Jan 9 08:16:47.380 router alarmd[2427]: Alarm set: FPC color=RED, class=CHASSIS, reason=FPC 0 Fatal Errors - TQ Chip Error code: 0x50002 Jan 9 08:16:47.380 router craftd[2051]: Fatal alarm set, FPC 0 Fatal Errors - TQ Chip Error code: 0x50002 The Junos OS Chassis Management error handling detects such a condition, raises an alarm, and disables the affected Packet Forwarding Engine entity. To recover this Packet Forwarding Engine entity, restart the FPC. Contact your Juniper support representative if the issue persists even after the FPC restarts. PR1254415

If a vmhost snapshot is taken on an alternate disk and there is no further vmhost software image upgrade, the expectation is that if the current vmhost image gets corrupted, the system boots with the alternate disk so the user can recover the primary disk to restore the state. However, the host root file system and the node boots with the previous vmhost software instead of the alternate disk. PR1281554

When VLAN is added as an action for changing the VLAN in both ingress and egress filters, the filter is not installed. PR1362609

TALUS(number) PCIe(number) DMA RX interrupt received. Queue stuck status 0xeeeeee0 are spurious messages which are triggered in system logs due to queue-back pressure or FPGA drops. PR1465888

With NAT/Stateful-firewall/TCP tickle (enable by default) configured on MS-MPC/MS-MIC, the vmcore crash sometimes along with mspmand crash might happen if large-scale traffic flows (e.g. million flows) are processed by it. PR1482400

When there are hardware link errors occurred on all 32 links on an FPC 11. Because of these link errors, all FPCs reported destination errors towards FPC 11 and FPC 11 was taken offline with reason offlined due to unreachable destinations. PR1483529

Runt, fragment and jabber counters are not incrementing. PR1492605

After backup Routing Engine halt, CB1 goes offline and comes back online; this leads to the backup Routing Engine booting up, and it shows the reboot reason as 0x1:power cycle/failure. This issue is only for the RE reboot reason, and there is no other functional impact of this. PR1497592

PR1463859 introduces a software defect that causes a 10GE interface to flap continuously when configuring with the WAN-PHY framing with the default hold-down timer (0). Once upgrading a router to an affected software release, the interface might flap continuously. This is not applicable to an interface with the default framing - LAN-PHY. PR1508794

When an AMS ifd is configured for the first time or any member of the AMS bundle is removed or added, the PICs on which the members of AMS bundle are present go for a reboot. There is a timer running in the AMS kernel which is used as a delay for the PIC reboot to complete and once that timer expires AMS assumes that the PICs might have been rebooted and it moves into next step of AMS fsm. In scaled scenarios, this rebooting of the PIC is delayed due to DCD. This is because when a PIC goes down, DCD is supposed to delete the IFDs on that PIC and then the PIC reboot happens. But DCD is busy processing the scaled configuration and the IFD deletion is delayed. This delay is much greater than the timer running in AMS kernel. When the above timer expires, the FSM in AMS kernel incorrectly assumes the PIC reboot would be completed by then, but the reboot is still pending. By the time DCD deletes this IFD the AMS bundles are already UP. Because of this, there is a momentary flap of the bundles. PR1521929

In Mac-OS platforms when Juniper Secure Connect client connects successfully, the client is not getting minimized to tray icon and needs to be minimized manually.PR1525889

Due to BRCM KBP issue route lookup might fail. Need to upgrade KBP to address this issue. PR1533513

If vMX product is configured to run in performance mode via configuring chassis fpc 0 performance-mode (Note: performance mode is enabled by default starting from Junos OS Release 15.1F6), flow cache will be used to improve the traffic forwarding performance. With performance mode enabled, if traffic cause a single flow in the flow cache to have a large number of flow actions which hit the max supported number (that is, 18) of flow actions. Typically, the addition of lots of firewall counters and policers in a single flow can make it add up. The riot might crash. It is a rare issue. PR1534145

In scaled MX2020 router, with vrf localisation enabled, 4 million nexthop scale, 800k route scale. FPCs might go offline on GRES. Post GRES, router continues to report many fabric related CM_ALARMs. FPC might continue to reboot and not come online. Rebooting master and backup Routing Engine will help recover and get router back into stable state. PR1539305

On MX platforms with MS-MPC/MS-MIC service card installed, the card might run out of memory due to process mspmand memory leak, which might cause traffic interruption if adding and/or deleting of telemetry sensor. This is because these operations will trigger the memory allocation for decoding configuration change messages and will not release the memory at the end of processing. PR1540538

During RE switchover interface flap might be seen along with Scheduler slippage. PR1541772

USF-SPC3 : With ipsec PMI/fat-core enabled, show services sessions utilization CLI not displaying right CPU utilization. PR1557751

The Sync-E to PTP transient simulated by Calnex Paragon Test equipment is not real network scenario. In real network deployment model typically there will be two Sync-E sources (Primary and Secondary) and switchover happens from one source to another source. MPCE7 would pass real network SyncE switchover and associated transient mask. PR1557999

This is a feature enhancement and work is in progress to provide this support. This will have impact only when routing daemon crashes and will not have impact on rest of the NSR support. PR1561059

Due to a race condition, the show multicast route extensive instance instance-name output might display the session status as Invalid. This output is a cosmetic defect and not indicative of a functional issue. PR1562387

To avoid the additional interface flap , interface hold time needs to be configured. PR1562857

When Inline Jflow is configured and high sampling rate (more than 4000 per second) is set, high CPU utilization might be observed and this might result in relevant impacts on traffic analysis and billing. This issue is fixed from 21.3R1 via RLI 49464.PR1569229

Copying files to /tmp/ causes a huge JTASK_SCHED_SLIP. Copy files to /var/tmp/ instead. PR1571214

This issue is caused by /8 pool with block size as 1, when the configuration is committed the block creation utilizes more memory causing NAT pool memory shortage, which is currently being notified to customer with syslog tagged RT_NAT_POOL_MEMORY_SHORTAGE. PR1579627

In a fully loaded devices, at times, firewall programming was failing due to scaled prefix configuration with more than 64800 entries. However, this issue is not observed in development setup. PR1581767

Error message seen on MX10K8 chassis with SyncE/PTP configurations, This does not affect any functionality. The error seen here because the API called is specific to ferrari platform which needs to be vecterized. PR1583496

When the active slave interface is deactivated, the PTP lock status is set to 'INITIALIZING' state in show ptp lock-status output for few seconds before BMCA chooses the next best slave interface. This is the day-1 behavior and there is no functional impact. PR1585529

On all devices running Junos OS Release 19.1R3-S5-J3, the subscriber logical interface (IFL) might be in a stuck state after the Extensible Subscriber Services Manager (ESSM) deletion. PR1591603

Pim Vxlan not working on TD3 chipsets enabling VxLAN flexflow after Junos OS Release 21.3R1. Customers Pim Vxlan or data plane VxLAN can use the version 21.3R1. PR1597276

MX2010, MX2020: MPC11E: unified ISSU is not supported for software upgrades from Junos OS Release 21.2 to release 21.3 and 21.4 releases due to a flag day change. PR1597728

During Routing Engine switchover, if there is a burst of ICMP/BFD/SSH/FTP/TELNET/RSVP packets (~18K pps) you might see new backup RE restarting. PR1604299

On MX Series Virtual Chassis platforms with MS-MPC or SPC3 service cards and Aggregated Multi-Service (AMS), traffic on the line card in the backup chassis might not be load-balanced properly due to timing conditions. This works well on the line card in the master chassis. There might be traffic loss when interfaces are not properly balanced. PR1605284

Leaf difference with regards to memory-usage/heap in the output of Sensor (/junos/system/linecard/firewall) between MPC7E and MPC10E. PR1606791

On all MX platforms, in a subscriber management environment, new subscribers might not connect if Class of service (CoS) CR-features (Classifier Rewrite) are used by the Variable Based Flow (VBF) service. The reference count mismatching between Routing Engine (RE) and VBF is caused by VBF flow VAR CHANGE failure. PR1607056

If RPD Agent sends INH deletion/additions out of order (rarely occurs) to backup RPD, RPD generates core files. PR1607553

NPU and IFL sensors path not programmed on AFT and EVO based LC. PR1610766

When user tries to disable AMS ifd using configuration statement, the ipsec tunnels are not deleted. Deactivating the services will provide the desired result. PR1613432

In some NAPT44 and NAT64 scenarios, duplicate SESSION_CLOSE Syslog will be seen. PR1614358

Percentage physical-interface policer is not working on AE, after switching between baseline configuration to policer configuration. PR1621998

Tunnel statistics displays incorrect values because it was not supposed that tunnel interfaces would cache flow. PR1627713

On all Junos platforms the MAC address of the 17th ae interface might be changed after the upgrade from Junos OS 18.4+ to 20.4+ releases. It will lead to mac based service interruption.PR1629050

For a topology with VSTP and VRRP configured and IPv6 traffic, if VSTP bridge priority is changed a couple of times (to trigger toggling of root bridge), it is possible that v6 traffic drop is seen on some of the streams. PR1629345

For ACX5448, MX204 and MX2008 "VM Host-based" platforms, starting with Junos OS Release 21.4R1 or later, ssh and root login is required for copying line card image (chspmb.elf for MX2008) from Junos VM to Linux host during installation. The ssh and root login are required during installation. Use deny-password instead of deny as default root-login option under ssh configuration to allow internal trusted communication. Ref https://kb.juniper.net/TSB18224 PR1629943

The fabric statistics counters are not displayed in the output of show snmp mib walk ascii jnxFabricMib. PR1634372

On all devices running Junos OS or Junos OS Evolved, where this is a high BGP scale with flapping route and the BGP Monitoring Protocol (BMP) collector/station is very slow, the rpd process might crash due to memory pressure. PR1635143

Same vlan cannot be used as data vlan and voip vlan together. PR1637195

With SFP+-10G-CU3M DAC, peer cannot detect admin down on MX10008. PR1640799

The mspmand daemon running on MS-MPC/MS-MIC cards might occasionally crash when the service card (fpc/pic) is turned offline and then online at regular intervals when the number of service-set configured is moderately high and when extensive hardware crypto operations are being performed. Exact issue is yet to be isolated. PR1641107

Source MAC should not be configured on the underlying static interface on the UP for PPPoE login to work correctly. PR1641495

WIth PTPoIPv6 on MPC2E 3D EQ, PTP slave stays in acquiring state.PR1642890

When CFP2-DCO is used, operator need to configure otn-option - that is the only mode supported. PR1643815

Committing configuration changes during the Packet Forwarding Engine reset pause window (when PFE is disabled, yet the PFE reset proper has not started yet) has the potential of causing errors and traffic loss. In particular, configuration changes that result in re-allocating policers (which are HMC-based) might lead to traffic being entirely policed out (that is, not flowing). Once the PFE reset procedure has started configuration changes ought to be avoided until the procedure is completely done.PR1644661

bb device has to be manually enabled in configuration for DHCP and PPP access models for BNG CUPS. Configuration to enable bb device is as follows: #set system subscriber-management mode force-broadband-device. PR1645075

On Junos platform, PTP does not lock when port speed is not configured under PIC hierarchy or port speed for some additional random ports are configured under the PIC hierarchy or perform PIC deactivate/activate. PR1645562

When per-interface egress and per-sid egress SR sensor stats are configured using the CLI commands below, the (pushed) MPLS label length does not get included in the output/Tx octets field that gets exported from the sensor:

set protocols isis source-packet-routing sensor-based-stats per-interface-per-member-link egress

set protocols isis source-packet-routing sensor-based-stats per-sid egress

This is a day-1 behavior on all Trio ASIC based FPCs on the MX platform.

With overlapping NAT pool configured with different NAT rules under different service sets, when service outside interface is moved between different routing instances (For example, from vr1 to default, and from default to vr1), NAT routes corresponding to the service-set in default routing instance are getting deleted, resulting in reverse path traffic failure for NAT sessions. PR1646822

It is non impacting message in journal logs, without any functional impact. Removing all .include inclusions from service files, via this PR.PR1647592

In the IPv6 segment routing deployment, packets are sent out with the incorrect ethernet type. PR1647622

Configuring MPC11 in 4x100G and keeping peer in 400G mode, Link comes up on peer while staying down on local end. This issue is also specific to 400G-ZR optics as it has single media lane. The issue is not seen on other 400G optics supporting 4x100G mode.PR1653946

When interop with the following systems, flow control must be enabled when MACsec is configured on the peer system. Because on these systems, flow control is forced to be on regardless of the CLI provisioning. Other Reference (already documented) https://www.juniper.net/documentation/us/en/software/junos/security-service s/topics/ref/statement/interfaces-edit-security-macsec-mx-series.htmlPR1655712

Currently user can install images older that the minimum supported image on RE-S-X6-128G-K. System comes up in Linux prompt in such cases.PR1655935

Core file reported intermittently where random grpc stack crash is observed. The license service will auto restart and recover. PR1656975

UDP Telemetry output fields might misalign on AFT-based line cards such as MPC10/11 or Junos Evolved platform. PR1658017

ZTP: DHCPACK not received at ztp-server after zeroize of the device (client). PR1658287

On Junos platforms, in the VPLS environment when having routing-options resolution preserve-nexthop-hierarchy configured results in the packet dropped at egress PE for multiple MPLS stack labels. PR1658406

SNMP MIB walk on jnxVpnInfo show snmp mib walk jnxVpnInfo for EVPN or EVPN-VPWS routing instance. PR1659466

On configuring network-services lan and performed commit check, the system changes the Layer 2 structures and family bridge disappeared from CLI.PR1661057

The OpenSSL project has published security advisories for multiple vulnerabilities resolved in OpenSSL. Please Refer to https://kb.juniper.net/JSA70186 for more information.PR1661450

When there is hard failure on the RE-RE link, the system might fail to recognise the fault and report as an alarm. PR1661635

Traffic drop observed for few instances while it send via irbv6 routed interface.PR1662620

The version details for certain daemons will appear in the command output after the device has been rebooted after the completion of the USB installation of Junos.PR1662691

If the physical link status of the ethernet link between the RE and FPC goes down, there are recovery attempts to bring up the link again. Log messages indicate the recovery attempts and the success/failure status of the attempt. However an alarm is not raised when this failure occurs. PR1664592

RE0 to RE1 interface EM4 MTU is changed to 9192 bytes through PR 1642364. If one of the REs don't have this fix, RE sync fails. Due to this reason, ISSU will not work. In such scenario, cold image upgrade should be done. PR1665690

UDP Telemetry might not work when subscribes to /junos/system/linecard/intf-exp/ sensor. PR1666714

On MX platforms with MIC-MACSEC-20GE, FEB(Forwarding Engine Board) might go down while activating/deactivating Graceful Routing Engine Switchover (GRES) configuration.PR1668983

These are expected error logs, and doesn't cause any functional impact. jsr_iha_pri_unrepl_msg_func: Error: Invalid primary handle in msg 0x10006c600000621, error=2 These logs might be seen if the following conditions are met:

On all Junos OS platforms

non stop routing is enabled

with scaled setup

The possible triggers would be restart chassisd, ksyncd, switchover, re reboot, which causes nsr unreplication/replication. PR1675057

The issue was recreated only with IXIA connection. Arp response is not received in the DUT port to store the destination MAC address. unable to determine if the issue is with the MX port or medium or IXIA port. PR1677624

The IFD remaining stats flag is not set properly in chassid in today's code. It should be set to TRUE only if HCOS is configured on an interface. Else, it should not be SET. Not setting this rightly, results in statistics not being displayed or the command output not being displayed at all. The impacted command is run show interfaces extensive intf-name and the impact is seen in GNF environment with no explicit CoS configuration on the interfaces. Not using extensive will ensure there is no issue as well. This is specific to MPC11 with sub LC (GNF) setup.PR1678071

There will be drop of syslog packets seen for RT_FLOW: RT_FLOW_SESSION_CREATE_USF logs until this is fixed. This will not impact the functionality.PR1678453

On all MX platforms with MPC7E-10GE line card, auto-negotiation will not be set properly when changing the port speed from 10GE to 1G on a port with auto-negotiation configured. The port remains down until the commit is done separately for changing the port speed.PR1682962

One time l2ald (Layer 2 Address Learning Daemon) core will be seen once the box comes up after zeroize. There will be no service impact due to this.PR1686097

On all Junos and Junos Evolved platforms, configuring Link Layer Discovery Protocol (LLDP) with system services netconf notification enabled will trigger the l2cpd crash. This crash causes the CPU to spike. PR1695057

On all Junos platforms, the dcd (device control daemon) process crash is observed when more than 256 VLANs as name tags are added on the same interface.PR1696428

FIPS mode is not supported in this release.PR1697999

The optic configuration mismatch alarm was always enabled, but was not reported by the RE during show chassis alarms. This alarm will now be correctly reported by the FPC and displayed in the RE. There is no behavior change other than the alarm being reported correctly now.PR1700606

When GRES is performed with the interface em0 (or fxp0) disabled on the primary Routing Engine, then enable the interface on the new backup Routing Engine, it isn't able to access network.PR1372087

Below IPC timeouts logs can be seen for statistics query to kernel(queried from cli or daemons querying internally)when there is config churn, or large number of IPCs getting exchanged between kernel and pfe in the system. if_pfe_msg_handler: pfe_peer_msg_handler error: error for msg type type, msg subtype subtype, opcode op and peer index index Default IPC timeout value in kernel for IPC statistics request is 10s. This can be incremented to larger value by setting below hidden config to avoid IPC timeout errors. # set system stats-timeout-lifetime 15 # commit. PR1629930

On MX platforms with Subscriber Management configured, the subscribers will fail to negotiate the PPP (Point-to-Point Protocol) session and be unable to login when jpppd transitions from backup to Master and does not receive all the Routing Table events from Kernel post upgrade.PR1686940

In case of the access-side interfaces used as SP-style interfaces, when a new logical interface is added and if there is already a logical interface on the physical interface, there is 20--50 ms traffic drop on the existing logical interface. PR1367488

In MVPN case, if the nexthop index of a group is not same between master and backup after a nsr switchover, we might see a packet loss of 250 to 400 ms. PR1561287

Ingress will retry after lsp stay down for extended period of time or customer can clear lsp to speed up the retry. PR1631774

On all Junos and Junos OS Evolved platforms, if CCC (Circuit Cross-Connect) is configured to use a label-switched-path such as IGP routed, i.e., no-cspf and no strict ERO (Explicit Route Object) configuration, then restarting egress CCC node or restarting FPC on the egress CCC node containing remote-interface-switch configuration multiple times may cause CCC to remain stuck in remote-if-down state, resulting in loss of traffic. (The knob remote-interface-switch is configured on the egress LER of the RSVP-TE LSP (Resource Reservation Protocol-Traffic Engineering label-switched-path) which binds the LSP terminating on the node to a local interface).PR1694777

When maximum-password-length is configured and user tries to configure password whose length exceeds configured maximum-password-length, error is thrown, along with error 'ok/' tag is also emitted. (Ideally 'ok/' tag should not be emitted in an error scenario.) The configuration does not get committed.PR1585855

On Junos and Junos Evolved platforms, post ephemeral database configuration commit sync leads to a state mismatch between master and backup.PR1610713

On all Junos and Junos OS Evolved platforms, while using source-address NTP configuration parameter and issue the command set ntp date from the CLI, packets will be sent with the source address of the outgoing interface rather than the manually configured IP address. Typically, the manually configured IP address would be a loopback address. The problem does not apply to automatically generated NTP poll packets. PR1545022

On MX platform, when the "fast-lookup-filter" statement is configured with a match that is not supported in the FLT(fast-lookup-filter) hardware, traffic might be lost.PR1573350

Don't use the control-type light under platforms where this feature is not supported at present. At present IPv4 and IPv6 twamp-light is supported on the platforms using TRIO and PE chipsets. PR1603128

VM cores and Virtual Chassis split might be observed with multicast scale scenario. PR1614145

With given multi dimensional scale, if configuration is removed and restored continuously for more than 24 times, MX Trio based FPC might crash and restart. During the reboot, there can be traffic impact if backup paths are not configured. PR1636758

On SRX5k and MX240/MX480/MX960 platforms,when device is powered on with multiple line cards, power might not be sufficient and few line cards fail to come into online state.PR1645817

The process sshd will crash if Terminal Access Controller Access Control System (TACACS) user authentication is configured and the user is successfully authenticated by the TACACS server. The crash occurs with every successful authentication and an sshd coredump will be created. Because of the core ssh access is denied. PR1672581

On Junos with MX platform using specific MPC7E/MPC8E/MPC9E/JNP10K-LC2101/JNP10003-LC2103/JNP10K-LC480 line cards in the event of a transient memory hardware issue, parity errors are generated which cannot be rectified by the ASIC. When the Flexible PIC Concentrators(FPC) encounters such an error, it will automatically deactivate the Packet Forwarding Engine(PFE) which leads to traffic impact. PR1706494

Certain BGP traceoption flags (for example, "open", "update", and "keepalive") might result in (trace) logging of debugging messages that do not fall within the specified traceoption category, which results in some unwanted BGP debug messages being logged to the BGP traceoption file. PR1252294

LDP OSPFs are in the Synchronization state because the IGP interface is down with ldp-synchronization enabled for OSPF. PR1256434

On MX platforms, unexpected log message will appear if the CLI command show version detail or request support information is executed.PR1315429

On all platforms, the issue is when the first time when ESIS is coming up sometimes the ESIS route might not get installed. PR1559005

On MX platforms, initial multicast register packets might get dropped, this might affect multicast services. PR1621358

On all Junos and Junos OS Evolved platforms, when configuring the network instance for openconfig, an error might be observed while executing a commit if the configured network instance type is "default_instance" but the instance name is not default.PR1644421

RFC 8950/RFC 5549, permits the advertisement of a BGP Nexthop of a different family (e.g. IPv6) than the NLRI address family (e.g. IPv4). The mapping of possible address families that can be used are exchanged using BGP Capabilities. The BGP Capabilities specification, RFC 5492, recommends that a single capability TLV of a given type is advertised when multiple elements within that TLV are present. That RFC also permits multiple capabilities of the same type to be advertised for multiple elements for backward compatibility. Junos BGP handling of the BGP extended nexthop capability did not handle multiple capabilities of the same code point when multiple extended nexthop capabilities were present. It incorrectly kept only the last one sent. This PR addresses that deficiency. PR1649332

The show security keychain detail CLI displays algorithm as hmac-* instead of ao.PR1651195

When l2cpd (in the context of xSTP) clears the entries that it has programmed on ppmd, ie when you delete xSTP configs from the box, there can be a possibility of ppmd core. If ppmd is in distributed mode then there will be no service impact, else there can be service impact as packet transmission for various protocols will happen via if ppmd is in centralized mode.PR1660299

The rpd (routing protocol daemon) crash happens when a non-BGP (Border Gateway Protocol) route is exported via LDP (Label Distribution Protocol) and later on, if the same prefix advertised by BGP is received, we select that as the forwarded route rather than the already advertised route. This is due to the logic in the forwarding route to pick the BGP route for the BGP-owned routes rather than the active route. This is a rare case and the system recovers by itself until the next event.PR1671081

Dynamic IFL add request is waiting to be processed in KRT queue during that if chassid down event occurs. To handle the chassid down event RPD Infra sends notification to protocol(producer of Dynamic IFL add request) and it is producer jobs to DELETE the dynamic ifls request which were there in the KRT queue. PIM code is not clearing those Dyanamic IFLs ADD request during chassis fpc down event. Hence getting error 'ENOENT -- Item not found' when chassis comes back up.PR1675212

Any platforms with Micro BFD configured on member links of the LAG/ae interface, BFD Session state in RE remains as UP always even though PEER device has ceased.PR1675921

On all Junos and Junos Evolved platforms, the rpd ( routing protocol daemon) can crash when PIM (Protocol Independent Multicast), MoFRR (Multicast only Fast Reroute) configuration is present and some network churn event such as continuous interface cost changes, resulting in a change of active and backup paths for ECMP (Equal Cost Multi-Path) happens. There will be service impact because of the rpd crash but the system self-recovers until the next crash.PR1676154

VRF Rouging table might not get updated immediately upon change of maximum-prefixes. PR1680277

OSPF Route Type Extended Community cannot be configured as 'rte-type'. PR1687273

On all Junos and Junos Evolved platforms BGP-LU (Border Gateway Protocol Labeled-Unicast) Advertisements fail with the message "BGP label allocation failure: Need a gateway" based on timing conditions involving route resolution and installation.PR1689904

On Junos and Junos Evolved platforms configured with graceful-shutdown sender under the BGP dynamic neighborship, the peer device does not receive routes with communities "graceful-shutdown", as it is not advertised by the sender causing the traffic drop for the affected routes.PR1699633

On all Junos and Junos Evolved platforms, when IPv4 prefix advertisement received by an IS-IS/OSPF router in the Extended IP reachability TLV and SR mapping server (SRMS) advertisement for the same prefix received through the segment identifier (SID) label Binding TLV, then SRMS advertised label preferred over IS-IS/OSPF SID label advertised via opaque-AS Extended-Prefix. Traffic will be sent via incorrect path due to this issue. PR1702456

Tunnel debugging configuration is not synchronized to the backup node. It needs to be configured again after RG0 failover. PR1450393

Change here is basically reverting to old enum value used for ATM VPN, and using a new value for BGP Multicast address family, and although these is no visible behavior change due to this, there might be impact on ISSU for ATMVPN and BGP Multicast address family if enabled.PR1590331

When using Group VPN, in certain cases, the PUSH ACK message from the group member to the group key server may be lost. The group member can still send rekey requests for the TEK SAs before the hard lifetime expiry. Only if the key server sends any new PUSH messages to the group members, those updates would not be received by the group member since the key server would have removed the member from registered members list. PR1608290

This happens only when MVPN protocol has separate route targets configured and then both the address families are disabled. RPD infra parsing does not check if MVPN protocol is disabled and hence will create the auto policies for route-targets if configured. So if those policies are not marked as active in MVPN configuration flow, it does not get resolved and thereby the policy object may not be valid thus leading to the core files. PR1700345

With inter area/AS segmented scenario the provider tunnel termination interface on ASBR/ABR is set to global lo0 and added to tai data structure. However if there is a change in lsi/vt interface, specifically causing deletion of interface, in change notification callback MVPN tries to delete tai data structure with lsi/vt interface and not lo0 since this is inter area/AS segmented scenario. Since lsi/vt was never added, the code asserts. PR1710255