Last Modified: Oct 21, 2024
Affected Product(s):
F5OS F5OS-A
Fixed In:
F5OS-C 1.6.2, F5OS-A 1.8.0, F5OS-A 1.7.0
Opened: Dec 11, 2023 Severity: 2-Critical
When BIG-IP Next tenant is installed, a default route rule is added on host. If tenant management and host management IPs are on same subnet, then two similar rules are created with destination as same subnet. The tenant route rule is created with higher priority (metric 0) resulting any management egress traffic destination belonging to same subnet is going through tenant management interface instead of host management interface.
End users receiving traffic from appliance, will observe sender IP as tenant management interface instead of host management interface. Note: a. This issue will be observed only when host management & tenant management subnet is same and also destination to which data is sent is on same subnet. b. This impacts management plane traffic within the appliance's management subnets.
BIG-IP Next tenant is deployed on appliance.
N/A
N/A