Last Modified: Feb 11, 2025
Affected Product(s):
BIG_IP_NEXT(CM) TMOS
Known Affected Versions:
20.3.0
Opened: Sep 26, 2024 Severity: 3-Major
BIG-IP Next supports Virtual Routing and Forwarding (VRF), but it must be configured when the networks are being created. If you do not choose a default VRF this can lead to traffic issues later when applications are created.
No VLANs get marked as a default VRF, and this setting may be unchangeable after the instance is created.
Setting up networking for a new BIG-IP Next instance. When creating a new BIG-IP Next instance, you are prompted to set the instance's network settings, including Self IPs, VLANs, and L1 Networks. The VLANs section includes a checkbox labeled "Default VRF". This checkbox is unchecked by default and can lead to an empty list of L3 Networks.
If you do have any VLANS set as a Default VRF, you will not pass any traffic. When deploying an application, the application will use your Default VRFs by default, but you may select a different VRF if you have created multiple VRFs. When creating your isntance, check the "Default VRF" checkbox for VLANs as appropriate when creating a new instance. If you're uncertain which VLAN to select, select your instance's External VLAN.
None