Bug ID 1090449

Bug Tracker
ID 1090449

Bug ID 1090449: IPsec: Turn down pfkey logging

Last Modified: Oct 04, 2024

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 16.1.5, 16.1.5.1

Fixed In:
17.1.0

Opened: Mar 28, 2022

Severity: 4-Minor

Symptoms

A lot of pfkey messages are observed in the log file ipsec.log.

Impact

Excessive pfkey messages are logged.

Conditions

This occurs at the debug2 log level.

Workaround

None

Fix Information

Protected pfkey messages under ipsec.debug.pfkey.msg DB variable. 1. Set ipsec.debug.pfkey.msg value 1 --pfkey logging seen in ipsec.log file 2. Set ipsec.debug.pfkey.msg value 0 --pfkey logging not seen in ipsec.log file

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips