Open Issues

In PBB-EVPN (Provider Backbone Bridging - Ethernet VPN) environment, ARP suppression feature which is not supported by PBB might be enabled unexpectedly. This could cause MAC addresses of remote CEs not to be learned and hence traffic loss. PR1529940

On all platforms, MAC-IP route deletion and addition are triggered when re-ARP (Address Resolution Protocol) on MH (Multihoming) device fails in the EVPN-MPLS multihoming scenario resulting in traffic drop.PR1691132

On all Junos dual-RE platforms, when performing activate or deactivate Graceful Routing Engine Switchover (GRES) multiple times synchronization issues are observed between the primary and backup dfwd process. PR1697959

When there is an input failure on one of the AC PEMs (low or high) its wrongly categorized as Mix of AC PEMs so instead of PEM input failure you will see Mix of AC PEMs alarm raised. PR1315577

On WRL8 based VMHost platforms there is no log rotation for resild log and temperature sensor info is incorrectly written into resild log which could result in continuous logs in resild log file. The disk usage might keep increasing due to this issue. The disk usage could be eventually full which could cause system to hang and reboot. PR1480217

When there are HW link errors occurred on all 32 links on an FPC 11. Because of these link errors, all FPCs reported destination errors towards FPC 11 and FPC 11 was taken offline with reason offlined due to unreachable destinations. PR1483529

After backup Routing Engine halt, CB1 goes offline and comes back online; this leads to the backup Routing Engine booting up, and it shows the reboot reason as "0x1:power cycle/failure." This issue is only for the RE reboot reason, and there is no other functional impact of this. PR1497592

In the platform using INH (indirect next hop, such as Unilist) as route next hop type for multiple paths scenario (such as BGP PIC or ECMP), the session fast-reroute might be enabled in Packet Forwarding Engines (PFEs). When the version-id of session-id of INH is above 256, the PFE might not respond to session update, which might cause the session-id permanently to be stuck with the weight of 65535 in PFE. It might lead PFE to have a different view of Unilist against load-balance selectors. Then either the BGP PIC or the ECMP-FRR might not work properly and traffic might be dropped or silently discarded. PR1501817

Software defect that causes a 10GE interface to flap continuously when configuring with the WAN-PHY framing with the default "hold-down" timer (0). Once upgrading a router to an affected software release, the interface may flap continuously. This is not applicable to an interface with the default framing - LAN-PHY. PR1508794

Due to BRCM KBP issue route lookup might fail. Need to upgrade KBP to address this issue, Due to high risk KBP SDK upgrade planned for Junos OS release21.1. PR1533513

With IPsec PMI/fat-core enabled, the show services sessions utilization command does not display the right CPU utilization. PR1557751

The Sync-E to PTP transient simulated by Calnex Paragon Test equipment is not real network scenario. In real network deployment model typically there will be two Sync-E sources (Primary and Secondary) and switchover happens from one source to another source. MPCE7 would pass real network SyncE switchover and associated transient mask. PR1557999

VE and CE mesh groups are default mesh groups created for a given Routing instance. On vlan/bridge-domain add, flood tokens and routes are created for both VE and CE mesh-group/flood-group. Ideally, VE mesh-group doesn't require on a CE router where IGMP is enabled on CE interfaces. Trinity based CE boxes have unlimited capacity of tokens, so this would not be a major issue. PR1560588

When deactivate or activate of security configuration is executed continuously, there are instances in which when gkmd process can core while the process exits. PR1566044

When the active backup interface is deactivated, the PTP lock status is set to 'INITIALIZING' state in show ptp lock-status output for few seconds before BMCA chooses the next best backup interface. This is the day-1 behavior and there is no functional impact. PR1585529

Pim VXlan not working on TD3 chipsets enabling VXLAN flexflow after Junos OS release 21.3R1. Customers Pim VXlan or data plane VXLAN can use the Junos OS release 21.3R1. PR1597276

During Routing Engine switchover, if there is a burst of ICMP/BFD/SSH/FTP/TELNET/RSVP packets (around 18,000 pps) you might see new backup Routing Engine restarting. PR1604299

On MX-VC (Virtual Chassis) platforms with MS-MPC or SPC3 service cards and AMS(Aggregated Multi-Service), traffic on the line card in the backup chassis may not be load-balanced properly due to timing conditions. This works well on the line card in the master chassis. There might be traffic loss when interfaces are not properly balanced. PR1605284

When user tries to disable AMS ifd using config knob, the ipsec tunnels are not deleted. Deactivating the services will provide the desired result. PR1613432

In some NAPT44 and NAT64 scenarios, duplicate SESSION_CLOSE syslog gets generated. PR1614358

On all Junos OS platforms, the MAC address of the 17th aggregate Ethernet interface might be changed after the upgrade from 18.4+ to 20.4+ releases. It will lead to MAC based service interruption.PR1629050

For a topology with VSTP and VRRP configured and IPV6 traffic, if VSTP bridge priority is changed a couple of times (to trigger toggling of root bridge), it is possible that IPv6 traffic drops on some of the streams. PR1629345

The fabric statistics counters are not displayed in the output of the show snmp mib walk ascii jnxFabricMib command. PR1634372

On all devices running Junos OS or Junos OS Evolved, where this is a high BGP scale with flapping route and the BGP Monitoring Protocol (BMP) collector/station is very slow, the rpd process might crash due to memory pressure. PR1635143

Source MAC should nt be configured on the underlying static interface on the UP for PPPoE login to work correctly. PR1641495

On Junos platform, PTP does not lock when port speed is not configured under PIC hierarchy or port speed for some additional random ports are configured under the PIC hierarchy or perform PIC deactivate or activate. PR1645562

When per-interface egress and per-sid egress SR sensor stats are configured using the CLI commands below, the (pushed) MPLS label length does not get included in the output/Tx octets field that gets exported from the sensor. set protocols isis source-packet-routing sensor-based-stats per-interface-per-member-link egress set protocols isis source-packet-routing sensor-based-stats per-sid egress This is a day-1 behavior on all Trio ASIC based FPCs on the MX platform. PR1646799

Pressing N during the PXE install and the reboot prompt is supposed to abort the installation, not reboot, and provide a debug shell. On MX304, the shell is not spawned and the system hangs for a while and then reboots. PR1647534

Core dump reported intermittently where random grpc stack crash is observed. The license service will auto restart and recover. PR1656975

On Junos platforms, in the VPLS environment when having "routing-options resolution preserve-nexthop-hierarchy" configured results in the packet dropped at egress PE devices for multiple MPLS stack labels. PR1658406

For MX204 and MX10003 devices, if a non-default SSH port is configured for system login, after upgrade to 21.4 release, the FPC is stuck in offline. To avoid such issue please use default SSH port and use protect Routing Engine filter to only allow the access from the trusted source. PR1660446

The /telemetry-system/subscriptions/dynamic-subscriptions/ support on GNF will be from 22.4. PR1661106

Not all MAC addresses are learnt for some VPLS instances after "clear vpls mac-table" command is executed. PR1664694

With following configuration changes subscribers are coming up. Config changes: ============= set forwarding-options dhcp-relay overrides allow-snooped-clients set forwarding-options dhcp-relay group DHCP-FO overrides allow-snooped-clients set forwarding-options dhcp-relay group DHCP-FO overrides user-defined-option-82 100.112.77.66 deactivate forwarding-options dhcp-relay group DHCP-FO interface ae31.0 overrides. PR1665499

You must not modify the locator attributes, instead locator, SIDs should be deleted and configured back. Otherwise it will lead to coredump. PR1667320

On MX devices with MIC-MACSEC-20GE, FEB (Forwarding Engine Board) might go down while activating or deactivating GRES configuration. PR1668983

Sometimes cores are reported on backup Routing Engine during init after a reboot etc. When the backup Routing Engine initialization is being done and system is busy, some commands executed in context of spmbpfe are taking more time to complete due to the initial heavy lifting by the kernel, In this stage, if in case the commands from spmbpfe process do not complete for less than 2.5 seconds, then there are chances of spmbpfe cores. This is a temporary issue seen on backup Routing Engine during init time only. This may not be impacting because if in case spmbpfe process crashes due to this, it would restart by itself and continue to init and run once the initial high CPU condition has passed. It should not cause any functionality or performance impact especially since it is reported only on backup Routing Engine. PR1675268

There will be drop of syslog packets seen for RT_FLOW: RT_FLOW_SESSION_CREATE_USF logs until this is fixed. PR1678453

The Queue stats may show constant PPS / bps after interface is disabled. The stats don't increment and remain same when the interface went down. PR1685344

When you change the hostname configuration, the change is not reflected in the RIFT output. Also when changes are made to the REDIS configuration, they are not applied until rift is restarted through "restart rift-proxyd". PR1686233

If MVRP is enabled on an MSTP enabled interface, the interface will be made part of all the existing instances on the switch, So, if there are two interfaces between R1 and R2 as below: R1(et-0/0/1 & et-0/0/2)======(et-0/0/1 & et-0/0/2)R2 And one interface is MVRP enabled (say et-0/0/1), and et-0/0/2 is not MVRP enabled. By configuration et-0/0/1 is part of MSTI-1 and et-0/0/2 is part of MSTI-2. MSTI-1 is running on vlan-100 and MSTI-2 is running on Vlan-200. R2 in this case, is advertising only vlan-100. The MVRP enabled interface will become part of all the MSTIs(MSTI-1 and MSTI-2 both) configured on the device and it will take part in the FSM of all the MSTIs. Although et-0/0/1 is not member interface of vlan-200(correspnding to MSTI-2). This potentially can cause a problem where et-0/0/1 although not a vlan-200 member, will go into FWD state and et-0/0/2, genuine member of vlan-200 goes into BLK state for MSTI-2. So, when traffic is received in vlan-200 it will be sent out of et-0/0/1, an it will be dropped.PR1686596

With sharding enabled, when BGP route is resolved over RSVP LSP, LSP name is not displayed in the output of the show route extensive command for inactive route. PR1687890

When an interface's configuration is changed between channelized and non-channelized modes and the PIC requires a bounce, rapid toggles between the two may result in the interface(s) not coming up. It is recommended to give the PIC time to complete its bounce and initialize the interfaces - at least 15 seconds - before issuing another configuration change for that interface. PR1688767

JNP10K-LC9600: G.8275.1: Synce to PTP and SyncE to 1PPS Transient Response not meeting G.8273.2 mask. PR1692202

JNP10K-LC9600: G.8275.1: PTP and PTP to PTP Noise transfer performance not meeting G.8273.2 mask. PR1692272

With Sharding enabled, BGP advertised metric are not displayed for active route in ?show route prefix extensive output. This information can be seen using the show route prefix extensive rib-sharding shard-name command. PR1692755

With Sharding enabled, BGP flags like the following are not displayed on Active route in the output of the show route extensive command: Accepted Multipath MultipathContrib MultiNexthop" Per shard view, using "show route extensive prefix rib-sharding shard-name" . PR1693207

On all Junos platforms supporting MPC10/11, due to a mismatch of API signature, the IPsec packets are not handed over to the Services Processing Card (eg. SPC3) for decryption and get dropped.PR1694942

When MX10004 and MX10008 chassis has a malfunctioning Line card plugged in, Upstream SyncE source interface will get stuck in abort state. PR1695156

We have traffic drop seen for some streams in intra-as srte color only ipv6 tunneling shard test on VMX10008/VMX304 with IPv6. This is working on VMX (MX960) and physical PTX10008(Vale) This is being investigated and will be fixed in the next release ( R2). PR1695669

MX10008 and MX10004: G.8275.1: PTP over AE: PTP clock goes into FREERUN instead of HOLDOVER upon disabling phase locked slave aggregate Ethernet interface. PR1696028

With JNP10K-LC2101 is backup/primary in a multi line card scenario, spikes can be seen in 2way time error during LAG switchover with primary and backup across the line cards.PR1696527

Spikes seen in 2way time error with JNP10K-LC2101 is either ptp backup or primary and any switchover is done. PR1697167

JNP10K-LC9600: G.8275.1: Noise generation performance fails post GRES. PR1697602

On MX platforms, traffic egressing on the IRB (Integrated routing and bridging) interface with the underlying L2 (layer2) access port has VLAN tags imposed incorrectly.PR1700321

When distributed multicast service is activated on several hundred subscribers, bbe-smg-upd process may crash. PR1700571

JNP10K-LC9600: G.8275.1: Multiple GRES operation resulting in huge time error. PR1701017

When you perform GRES with the interface em0 (or fxp0) disabled on the primary Routing Engine, then enable the interface on the new backup Routing Engine, the network is unable to access. PR1372087

When the MX virtual-chassis was upgraded by using the Sequential Upgrade method, there is the possibility that pfe provisioning might start before link training completes and all PICs are online. In such scenario, the IFD provisioning is preserved and if the preserved state is applied to the Packet Forwarding Engine before fabric training has completed and all of the pics have been powered on, ifd missing errors will be seen. PR1670345

MediaType value in SNMP/Jvision is not correct at the beginning after the switch comes up only for the DOWN interfaces where copper mediaType is connected till the link is not UP. This value is correct always in CLI output. You can bring the link up by connecting to the other side and restarting the dcd daemon to fix this issue. PR1671706

If a client sends a DHCP request packet, and option 55 includes PAD option (0), a DHCP ACK will not be sent back to the client. PR1201413

IPv4 ALQ not working with authentication and the following error message gets generated on the backup router: Message failed sanity test - the access-profile info is invalid. length:0. PR1688272

In case of the access-side interfaces used as SP-style interfaces, when a new logical interface is added and if there is already a logical interface on the physical interface, there is 20 to 50 miliseconds traffic drop on the existing logical interface. PR1367488

Ingress retries after lsp stay down for extended period of time or customer can clear lsp to speed up the retry. PR1631774

On all Junos OS platforms, if CCC (Circuit Cross-Connect) is configured to use a label-switched-path that is IGP routed, i.e., no-cspf and no ERO (explicit route object) configuration, then restarting egress CCC node or restarting FPC on the egress CCC node containing receive-switch configuration multiple times may cause CCC to remain stuck in Remote-if-down state. Traffic loss will be there. PR1694777

When you configure maximum-password-length and try to configure password whose length exceeds configured maximum-password-length, an error messgae gets generated and 'ok' tag also gets emitted. The configuration does not get committed. PR1585855

With given multi dimensional scale, if configuration is removed and restored continuously for more than 24 times, MX Trio based FPC may crash and restart. During the reboot, there can be traffic impact if backup paths are not configured. PR1636758

On all Junos OS platforms, a random IBGP (Interior Border Gateway Protocol) session flaps is observed immediately after committing unrelated configuration changes with the error BGP_IO_ERROR_CLOSE_SESSION and a connection reset.PR1685113

PVSTP protocol packets is getting duplicated when it tunnelled through Layer2 tunnelling protocol. Other protocol data units PDUs( STP,VTP,CDP ) are not impacted. PR1686331

In EVPN-VxLAN, traffic drop can be seen for some local CEs which are multihomed to at least one MX devices. PR1696106

When l2cpd (in the context of xSTP) clears the entries that it has programmed on ppmd, ie when you delete xSTP configs from the box, there can be a possibility of ppmd core. If ppmd is in distributed mode then there will be no service impact, else there can be service impact as packet transmission for various protocols will happen via if ppmd is in centralized mode. PR1660299

BGP LU statistics does not report correct statistics when sharding is enabled. This is not specific to BGP CT feature of this RLI. PR1684238

Junos OS release 22.3 and later, IS-IS yang gets uplifted to 1.0.0 version which has major change in existing OC path that was supported earlier. Since OC path has change, same need to reflected in translation script which is not done. As part of D27 release for cloud, translation script will be modified with newer OC path. Till then supported older OC config is broken. eventually D27 code will come back to DCB and things will work fine after that. PR1686751

When Lsys is configured with family route-target, there is a certain corner case scenario where Lsys shutdown does not complete on a deactivate logical-system. This will be fix in the next maintenance release. Manually, restart routing logical-system <name> can be used to force shutdown of Lsys.PR1695050

SR-TE secondary LSP should be only standby in forwarding table, however, it is also active and forwarding traffic due to the wrong metric calculation. PR1696598

When a configured tunnel interface is changed to another one, flow-tap-lite functionality stops working that is packets don't get mirrored to content destination. But, this problem is not consistently seen.PR1660588