Last Modified: May 29, 2024
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
14.1.0, 14.1.0.1
Fixed In:
15.0.0, 14.1.0.2
Opened: Jan 16, 2019 Severity: 2-Critical
Ignored suggestions for Multiple decoding or HTTP Protocol Settings present after upgrading a unit to 14.1.0 can cause the asm_config_server and pabnagd processes to enter restart loops.
-- Multiple asm_config_server restarts. -- System instability, including inability to manage ASM settings or use traffic learning. -- No local logging.
1) On a 13.1.x system send traffic that will generate suggestions for Max Decoding Passes, Maximum Headers, and/or Maximum Parameters. 2) Set those Suggestions to be Ignored. 3) Upgrade to 14.1.0.
You can use either of the following workarounds: A) Delete any such ignored suggestions using the following SQL command: > DELETE FROM PL_SUGGESTIONS WHERE element_type IN (7,193,75); B) Delete any such ignored suggestions before upgrade using the GUI/REST/SQL.
The system now handles removed Entity types during upgrade for Ignored Suggestions: Ignored suggestions for Multiple decoding or HTTP Protocol Settings are removed during upgrade. You must reconfigure the Ignore settings after upgrade.
Refactoring in 14.1.0 modified the functionality of the following Entity types: Max Decoding Passes, Maximum Headers, and/or Maximum Parameters. Ignored suggestions for Multiple decoding or HTTP Protocol Settings are removed during upgrade, so you must reconfigure the Ignore settings after upgrade.