Last Modified: Feb 25, 2026
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 16.1.5, 16.1.5.1, 16.1.5.2, 16.1.6, 16.1.6.1, 17.0.0, 17.0.0.1, 17.0.0.2, 17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1, 17.1.2.2, 17.1.3, 17.1.3.1, 17.5.1.4
Opened: Jul 25, 2023 Severity: 4-Minor
After failover, newly active BIG-IP does not refresh the server nexthop or lasthop value when a routing change occurs.
Connection failure until the flow entry is deleted.
-- BIG-IP in high availability (HA) scenario with connection mirroring. -- A network failure triggers a failover and also stops the newly active from reaching the server nexthop. -- A routing change (eg: bgp peering timeout) occurs which should trigger a recalculation of the server nexthop mac-address. -- BIG-IP devices having different egress interface subnets/gateway going towards the affected destination IP.
Leverage /config/failover/active (K6008) to automatically delete the affected connflows. Remove connection mirroring. Reconfigure network so that active and standby have equal access to the network in the event of failure. Use VRRP/HSRP or similar on the downstream network.
None