Bug ID 437026: Enhanced SQL monitor logging may cause change in packet-level behavior

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
10.2.4, 11.0.0, 11.1.0, 11.2.0, 11.2.1, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9

Fixed In:
11.6.0

Opened: Nov 07, 2013
Severity: 3-Major

Symptoms

For applications relying on a specific SQL packet-level result sequence from the SQL monitor, changes made to the SQL monitor may change the nature of the network packets received.

Impact

No impact to those not introspecting the SQL network packets, as the monitor results will be visibly unchanged. Logging will record more information. A change in the format and contents of the raw network packets may make diagnostic tools or iRules unable to parse the packet contents.

Conditions

Querying a result to be returned by the SQL server and using the packet-level results in an iRule or other network diagnostic tool.

Workaround

Ignore network introspection, or modify the introspection filter/script to take into account new packet format. Example: Add a SQL return statement in their mssql monitor "send" string on v11.5.3 ltm monitor mssql /Common/VIEW_sql_event_db_pod2 { count 0 database evdb debug yes defaults-from /Common/mssql destination *:* interval 60 password <pw> recv test send "SELECT * FROM [evdb].[dbo].[Connected_View]; return;" <<<<<<<<<<<<<<< time-until-up 0 timeout 181 username <user> } This solves the problem and makes the iRule to work fine also on v11.5.3 HF2.

Fix Information

When bigd.debug is enabled, the monitor can log the query message, response received from the server, and the expected string to the /var/log/DBDaemon.log file.

Behavior Change