Bug ID 1071701: VE rate limit should not count packet that does not have a matched vlan or matched MAC address

Last Modified: Oct 24, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1

Fixed In:
15.1.6.1

Opened: Jan 06, 2022

Severity: 3-Major

Symptoms

Virtual Edition (VE) Rate limit counts packets that are not intended for BIG-IP.

Impact

If you do not have an unlimited license for a Virtual Edition device, you cannot use VLAN tags or MAC Masquerading without a greatly increased risk of running out of licensed bandwidth. Even if you are not using any service, BIG-IP counts all traffic seen on the interface against the license. Due to VMWare's switch design you have to expose the device to all of the traffic to use those two features.

Conditions

-- Rate-limited license in BIG-IP Virtual Edition (VE) -- Promiscuous mode is enabled

Workaround

None

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips