Specifications
Routing Policy and Firewall Filters
•
In the BGP environment, if operator "!" exists in the regex for as-path, the commit
operation fails. PR1040719
Services Applications
•
Added support to bring up Tunnel-switched sessions when tunnel-group is not
configured at LTS and tunnel attributes are returned from RADIUS. PR1030799
•
When NAT has multiple terms that refer to the same NAT Pool, the command 'show
snmp mib walk jnxSvcsMibRoot ascii' always prints out jnxNatPoolTransHits for the
count of jnxNatRuleTransHits in the first term. PR1035635
•
The cause of the KMD crash is not known. This is not due to SA (Security Association)
memory corruption. The code sees that SA is getting freed without clearing the table
entry. PR1036023
•
When the tunnel between L2TP access concentrator (LAC) and L2TP network server
(LNS) is destroyed, the tunnel information will be maintained until destruct-timeout
expire (if the destruct-timeout is not configured, the default value is 300 seconds). If
the same tunnel is restarted within the destruct-timeout expire, the LNS will use the
previously negotiated non default UDP port, which might lead to the tunnel negotiation
failure. PR1060310
Subscriber Access Management
•
The MX960 will send out error message when it processes idle-timeout. PR1041654
VPNs
•
For VPLS over VPLS topology, when the VPLS payload has two labels
(Customer-VPLS-label and Customer-MPLS-label), the frame might be dropped by
the core facing interface hosted on IQ2 PIC with "L2 mismatch timeout" error. This
particular scenario is fixed. But there are some other worse scenarios which might hit
this issue again due to the system architecture limitation, which are not fixed but need
to avoid: * Addition of VLAN tags on Service provider's or CE's VPLS payload e.g.
configuring QinQ. * Addition of MPLS tags on Service provider or CE's VPLS payload.
* Enabling VPLS payload load balancing on Service provider's PE router. PR1038103
•
In NG MVPN, after the route to C-RP flaps, traffic loss might be seen for a short period
of time. PR1049294
•
In NG-MVPN scenario, when a source is directly connected to a PE that is acting as an
RP stops sending the traffic, the PE never withdraws the Type 5 route. This causes the
Type 7 routes and forwarding routes to remain on the egress and ingress PEs. PR1051799
•
In L2VPN scenario with local switching enabled, in corner cases, the rpd process might
crash after flapping the PE-CE link. For example, if the L2VPN connection type changes
from remote to local after link flaps, for a brief period of time, two route entries (for
old remote VC connection and for the new local VC connection) might exist for the
same egress route (with interface name as destination prefix). In that case, when
deleting remote VC connection and route entry associated with that remote connection,
89Copyright © 2015, Juniper Networks, Inc.
Resolved Issues