Last Modified: May 13, 2026
Affected Product(s):
BIG-IP DNS
Known Affected Versions:
17.1.3, 17.1.3.1, 17.1.3.2, 17.5.1.3, 17.5.1.4, 17.5.1.5, 17.5.1.6, 21.0.0, 21.0.0.1
Opened: Mar 27, 2026 Severity: 3-Major
After setting gtm virtual server that has a BIG-IP (or bigip-link) monitor associated with it to 'disabled', and then performing any action that causes the gtm monitor list to be recalculated (adding a monitor, deleting a monitoring, establishing or disonnecting an iquery connection, adding a gtm server, removing a gtm server, or any other actions that result in the association of gtm monitors to their responsible gtmd process to be rebuilt), the virtual servers that were in a disabled start are no longer monitored at all, and show a down reason of of 'no reply from big3d: timed out' and a "offline/disabled" state, even after re-enabling that virtual server Log messages similar to these may be seen in /var/log/gtm: bigipdns.local alert gtmd[21078]: 011ae0f2:1: Monitor instance /Common/bigip 10.1.1.192:80 UP --> DOWN from /Common/bigipdns (no reply from big3d: timed out) bigipdns.local alert gtmd[21078]: 011a6006:1: SNMP_TRAP: virtual server vs2 (ip:port=10.1.1.192:80) (Server /Common/bigipltm) state change green --> red ( Monitor /Common/bigip : no reply from big3d: timed out: disabled directly)
Virtual servers in this stated move from "available/disabled" (black circle icon on GUI) to "offline/disabled" (black rhombus icon on GUI), and are not monitored and not available for use in DNS replies. Once this problem has occurred, those disabled virtual servers remain unavailable, even after re-enabling then, and show a state of "offline/enabled" (red rhombus icon in the GUI)
All of the following conditions need to be met. -- The DNS system monitors a remote LTM device (or gtm link) and its virtual servers. -- DNS system has the BIG-IP or bigip-link monitor types assigned to those virtual servers (automatic if the gtm server type is 'bigip') -- There is at least one disabled virtual servers in the LTM device object. -- The "Monitor Disabled Objects" setting under "DNS >> Settings : GSLB : General" is unchecked (default). -- A change is made the DNS configuration or state that results in the monitor list being recalculated. The issue can be triggered by either of the following sequences: - Disabling and then re-enabling a GTM Link, after which some or all associated virtual servers remain down until big3d is restarted. - Re-establishing iQuery and then re-enabling the "link"; in some environments, all VSes may remain disabled after this sequence.
To recover already-affected virtual servers, on the DNS system, temporarily assign any DNS monitor object to the affected virtual server (not to the gtm server obejct), and then remove that monitor again. For example: # tmsh modify gtm server bigipltm virtual-servers modify { vs1 { monitor gateway_icmp } vs2 { monitor gateway_icmp } } # tmsh modify gtm server bigipltm virtual-servers modify { vs1 { monitor none } vs2 { monitor none } } # tmsh save /sys config gtm-only Alternatively, restart the gtmd process on all members of the DNS sync group (this will cause all iquery connections to have to reconnect, and may trigger some monitored targets to be briefly marked down and should therefore be performed during a short maintenance window) # tmsh restart sys service gtmd To avoid this issue occurring again, set the configuration setting "gtm global-settings general monitor-disabled-objects" parameter to "yes". # tmsh modify /gtm global-settings general monitor-disabled-objects yes # tmsh save /sys config gtm-only
None