Bug ID 1023817: Misleading "Enabling NAT64 for virtual server with security NAT policy configured is redundant/not required." warning

Last Modified: Jan 20, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP AFM, CGN, TMOS(all modules)

Known Affected Versions:
15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3

Fixed In:
17.0.0, 15.1.5.1

Opened: Jun 08, 2021
Severity: 4-Minor

Symptoms

While loading the configuration or specifying that NAT64 should be disabled on a virtual server, a warning is displayed or logged: "Enabling NAT64 for virtual server with security NAT policy configured is redundant/not required." This warning should only be displayed when a virtual server has both NAT64 enabled and a security NAT policy present, but may occur incorrectly even when NAT64 is disabled.

Impact

An erroneous warning is logged. It can be safely ignored.

Conditions

This warning may be incorrectly generated when all of these conditions are met: -- a multi-bladed VIPRION -- virtual servers in the configuration security NAT policies -- receiving a ConfigSync from a peer, or running "tmsh load sys config" on the primary blade

Workaround

None

Fix Information

The warning message is now only generated when both NAT64 and a security NAT policy are present on a virtual server.

Behavior Change