Bug ID 1060541: Increase in bigd CPU utilization from 13.x when SSL/TLS session resumption is not utilized by HTTPS pool members due to Open SSL upgrade

Last Modified: Feb 14, 2024

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
14.1.5.1, 14.1.5.2, 14.1.5.3, 14.1.5.4, 14.1.5.6, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 17.0.0.1, 17.0.0.2

Opened: Nov 09, 2021

Severity: 3-Major

Symptoms

The bigd process uses more CPU than it did in previous versions when HTTPS monitors are used for pool members and the pool members do not resume the SSL/TLS session. This is due to upstream changes in the OpenSSL library.

Impact

High CPU utilization.

Conditions

-- HTTPS monitors. -- Pool members that do not allow or are not using TLS/SSL session resumption.

Workaround

Ensure the pool members have SSL/TLS session resumption enabled.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips