Bug ID 793669

Bug Tracker
ID 793669

Bug ID 793669: FQDN ephemeral pool members on high availability (HA) pair does not get properly synced of the new session value.

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5

Fixed In:
16.1.0, 15.1.5.1, 14.1.4.6, 13.1.5

Opened: Jun 14, 2019

Severity: 3-Major

Symptoms

On a high availability (HA) paired device group configuration, where there are FQDN nodes as pool members in a pool, when the pool member is enabled or disabled on one device, and with config-sync, the other device does not fully update the peer. The template node gets updated with the new value, but the ephemeral pool member retains the old value.

Impact

FQDN pool member enabling/disabling is not being fully propagated to the other device after config-sync.

Conditions

Steps to Reproduce: 1. Configure HA, specifically a Device group (for example, Failover) with two BIG-IP systems. 2. Create an HTTP pool (TEST_FQDN_POOL) and FQDN Pool Member on both systems. 3. Wait for the FQDN pool member to report as AVAIL_GREEN and the ephemeral node as AVAIL_BLUE on both systems. 4. Tmsh login to any of the systems. 5. Run the command: tmsh run cm config-sync to-group Failover 6. Run the command: tmsh modify ltm pool TEST_FQDN_POOL members modify { example.com:http { session user-disabled } } 7. Run the command: tmsh run cm config-sync force-full-load-push to-group Failover

Workaround

Delete the fqdn node from the pool and add it back.

Fix Information

FQDN ephemeral pool members are now in sync and disabled on the high availability (HA) peer.

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips