Bug ID 435335: SSL proxy session ID cache does not respect limit set by tmm.proxyssl.cachesize

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.0.0, 11.1.0, 11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1

Fixed In:
11.6.0, 11.5.3, 11.4.1 HF9

Opened: Oct 25, 2013
Severity: 3-Major
Related AskF5 Article:
K16038

Symptoms

After setting tmm.proxyssl.cachesize to a non-default value and restarting TMM, the new maximum size is not respected, either causing too many or too few entries to be retained. This can lead to memory exhaustion over time.

Impact

The setting has no effect, so if it is being used to avoid low-memory conditions, the low-memory conditions persist.

Conditions

Proxy SSL feature enabled with non-default tmm.proxyssl.cachesize value set.

Workaround

None

Fix Information

The tmm.proxyssl.cachesize and tmm.proxyssl.bucketcount settings are now respected when set and TMM has been restarted after the new values have been set.

Behavior Change