Bug ID 1091441: Modifications to default port lists are lost after configuration reload

Last Modified: Jan 20, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP All(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 14.1.4.6, 14.1.5, 14.1.5.1, 14.1.5.2, 14.1.5.3, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3

Opened: Mar 30, 2022
Severity: 3-Major

Symptoms

Modifications to the two default port lists are lost after a full reload of the configuration: net port-list _sys_self_allow_tcp_defaults net port-list _sys_self_allow_udp_defaults For example, delete a port from a list and it will return to the list in the running configuration after a reload.

Impact

The running configuration is wrong and deletions made to the port-list are lost. When the port list in question is used, traffic handling behavior may differ from what is expected. For example, if the port list is used in a firewall policy, ports and services may become unexpectedly allowed or disallowed after a config reload.

Conditions

-- Default port list modified, and a default value from the port-list is removed. -- Configuration reload via "tmsh load sys config", loading UCS, mcpd forceload, or upgrade

Workaround

Do not modify the default port lists. Create a new port list and use that instead.

Fix Information

None

Behavior Change