Bug ID 1067669: TCP/UDP virtual servers drop all incoming traffic.

Last Modified: Feb 07, 2024

Affected Product(s):
BIG-IP GTM, LTM(all modules)

Known Affected Versions:
13.1.0,,,,,,,,, 13.1.1,,,,, 13.1.3,,,,,,, 13.1.4,, 13.1.5,, 14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,,,, 15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,,, 16.1.0, 16.1.1, 16.1.2,,, 16.1.3,,,,,

Fixed In:
17.0.0, 16.1.4, 15.1.9

Opened: Dec 13, 2021

Severity: 2-Critical


-- Incoming TCP/UDP traffic is not processed by virtual servers on the BIG-IP system. Instead, legitimate traffic appears to be dropped by the BIG-IP system. -- A tcpdump taken on the BIG-IP system shows the traffic arriving on VLAN 0 instead of the actual VLAN. -- Inspection of the dns_rapid_response_global tmstat table shows many entries in the failed_ifc column.


All TCP/UDP virtual servers fail to process incoming traffic.


-- Using a BIG-IP 2000, 4000, or VE device. -- Using a trunk with an untagged VLAN. -- Using a virtual server with a dns profile configured for rapid-response.


You can work around this issue by performing any one of the following actions: -- Avoid using an untagged VLAN with your trunks. -- Avoid using a trunk if you cannot avoid using untagged VLANs. -- Disable rapid-response in all dns profiles (this option is disabled by default).

Fix Information

TCP/UDP traffic is no longer dropped under the conditions described in this article.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips