Last Modified: May 07, 2026
Affected Product(s):
BIG-IP AFM, BIG-IQ, TMOS
Fixed In:
17.5.1.6, 17.1.3.2
Opened: Sep 30, 2025 Severity: 3-Major
Pushing large AFM rule sets from BIG-IQ to BIG-IP greatly increases response processing time, exceeding the default Apache HTTPD timeout and causing a 502 error on BIG-IQ.
BIG-IQ receives a 502 error from BIG-IP when deploying AFM rules.
Occurs when, - AFM is provisioned on the device. - The device has a large AFM rule set. - BIG-IQ encounters a 502 error when communicating with BIG-IP.
1. Apply the required sys db parameters: modify sys db provision.extramb value 8192 modify sys db icrd.timeout value 600 modify sys db restjavad.timeout value 600 modify sys db restnoded.timeout value 600 modify sys db provision.restjavad.extramb value 4096 modify sys db provision.tomcat.extramb value 1024 2. Update and verify HTTPD timeout: grep -E '^Timeout[[:space:]]+[0-9]+' /etc/httpd/conf/httpd.conf sed -i 's/^Timeout <timeoutValue>$/Timeout 900/' /etc/httpd/conf/httpd.conf Example: ????? # grep -E '^Timeout[[:space:]]+[0-9]+' /etc/httpd/conf/httpd.conf Timeout 300 # sed -i 's/^Timeout 300$/Timeout 900/' /etc/httpd/conf/httpd.conf # grep -E '^Timeout[[:space:]]+[0-9]+' /etc/httpd/conf/httpd.conf Timeout 900? 3. Restart HTTPD bigstart restart httpd
Added support for configuring the HTTPD request timeout via tmsh: tmsh modify sys httpd request-timeout 900