Bug ID 934697: Route domain is not reachable (strict mode)

Last Modified: Jul 23, 2024

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
16.1.2.1, 16.1.2, 16.1.1, 16.1.0, 16.0.1.2, 16.0.1.1, 16.0.1, 16.0.0.1, 16.0.0, 15.1.5, 15.1.4.1, 15.1.4, 15.1.3, 15.1.2.1, 15.1.2, 15.1.1, 15.1.0.5, 15.1.0.4, 15.1.0.3, 15.1.0.2, 15.1.0.1, 15.1.0, 15.0.1.4, 15.0.1.3, 14.1.4.5, 14.1.4.4, 14.1.4.3, 14.1.4.2, 14.1.4.1, 14.1.4, 14.1.3.1, 14.1.3, 14.1.2.8, 13.1.4.1, 13.1.4, 13.1.3.6, 13.1.3.5, 13.1.3.4

Fixed In:
17.0.0, 16.1.3, 15.1.6.1, 14.1.5

Opened: Aug 10, 2020

Severity: 3-Major

Symptoms

Network flows are reset and following errors are found in /var/log/ltm: Route domain not reachable (strict mode).

Impact

Traffic is not sent to the node that is in a route domain. The iRule 'node' method and/or LTM policy 'node' specification require a route_domain to be specified in order for the traffic to be sent to a node that is assigned to a route domain.

Conditions

This might occur in either one of the following scenarios: Scenario 1 ========== -- LTM with iRules configured. -- The iRule directs traffic to a node that is in a route domain. or Scenario 2 ========== -- LTM with an LTM policy configured. -- The policy directs traffic to a node that is in a route domain. Other ===== Tunnel scenario's such as IPSec where client and encrypted traffic are in different route domains.

Workaround

Specify the node along with Route Domain ID. -- For iRules, change from this: when HTTP_REQUEST { node 10.10.10.10 80 } To this (assuming route domain 1): when HTTP_REQUEST { node 10.10.10.10%1 80 } -- For LTM policies, change from this: actions { 0 { forward select node 10.2.35.20 } } To this (assuming route domain 1): actions { 0 { forward select node 10.2.35.20%1 } }

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips