Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Resolved Issues

Learn about the issues fixed in this release for vSRX.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Flow-based and Packet-Based Processing

  • In vSRX orphan backup sessions will exhaust session resources due to high backup session timeout value PR1846897

  • Type 5 VXLAN traffic drops are observed when SRX run as L3-VNI gateway and the ingress and egress traffic goes to the same Type-5 VXLAN peer PR1847419

  • Data Plane CPU on one device spikes up to 95% during primary node system reboot in SRX cluster PR1856521

  • SRX platforms drops MPLS traffic when "gre-performance-acceleration" knob is enabled PR1876356

General Routing

  • Crash dump on DNSF plugin observed on SRX platforms PR1816951

  • RTO traffic loss and accumulation of session on secondary node is observed when RTO traffic not evenly distributed to all FLT (Flow Thread) threads PR1819911

  • IKE SAs tunnel is down for IPv6 with IKEv1 on NFX350 PR1832087

  • Dedicated-offload-cpu requires a full restart of vSRX 3.0 in 24.4R1 PR1842550

  • Auto-re-enrollment for local certificate once fail, not trigger again on SRX platforms PR1845573

  • vSRX3.0 kernel panic when deployed in Qemu version 8.1 and above PR1845886

  • PIM IP ESP packet fragments dropped in SRX platform PR1854130

  • Split brain scenario is observed on vSRX3.0 with public cloud MNHA deployment PR1855010

  • Cloud Instances (GCP/Azure/AWS): Missing vCPU After Downgrading from Image 25.2 to Lower Versions PR1871397

  • The srxpfe process crash is observed on vSRX platform after set disable on the ge- interface and then rollback PR1874848

  • On vSRX3.0 platforms, MNHA link fails to come up when MNHA ICL tunnel is enabled alongside dedicated-offload-cpu PR1875491

  • [SRX_TYPE_5_USECASE] When source and dest VRF is present in match criteria of a security policy, policy match does not work for vxlan traffic PR1884150

Platform and Infrastructure

  • FTP default mode changed from active to passive on 24.2R2 PR1874525

Routing Policy and Firewall Filters

  • Failed inter-process communication results in higher heap and buffer usage which impacts the functionality of processes PR1823591

Routing Protocols

  • Updating a source-file to load ROAs should be done by changing the name of the source file PR1853025

VPNs

  • ICL link encryption should be used for connection between pub-broker sub-broker with loopback interface IP's should be used with to avoid IPsec session sync failure between master and backup MNHA devices. PR1840788

  • L3MNHA with SRG1 IPSEC : "show chassis high-availability information" cli says SRG1 control plane state as Ready eventhough ICL connection between Pub-Broker Sub-broker is not established properly and IPsec sessions are not syncing between Master and Standby MNHA peers. PR1840803

  • IPSEC tunnel distribution table on the RE is not cleaned up hitting SRXPFE coredump eventhough DPD is configured. PR1850526

  • On vSRX 3.0 platform IPSec tunnels do not redistributed with dedicated-offload-cpu knob enabled PR1860693