Bug ID 425033: overlapping LSN-pools may result in non-unique translations

Last Modified: Nov 22, 2021

Affected Product(s):
BIG-IP CGN(all modules)

Known Affected Versions:
11.3.0, 11.4.0, 11.4.1

Fixed In:
11.5.0, 11.4.1 HF6

Opened: Jul 11, 2013

Severity: 3-Major


A DNAT configuration may be written to the LTM log (and used for reverse mapping an address) that reverse maps to two different source addresses, depending on which DNAT configuration text is used to reverse map.


Non-unique reverse mappings.


If you configure lsn-pools, assigns to virtuals, and passes traffic through those virtuals that have lsn-pools with overlapping translation ranges. An example would be and, with source ranges of and Or the translation ranges may be identical. The result is that two different source ranges use the same translation space. The config for each will be logged in the ltm log. This is not a problem if the same lsn-pool is assigned to multiple virtual servers, even if those virtual servers have different source ranges. (That is a correct configuration.)


Do not use overlapping translation ranges in two different lsn-pools in deterministic mode. (The same lsn-pool may safely be assigned to multiple virtuals with different source ranges or ports.)

Fix Information

Validation will now prevent LSN pools with overlapping prefixes from being configured.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips