Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
11.4.0, 11.4.1, 11.5.0
Fixed In:
11.6.0, 11.5.1, 11.4.1 HF4, 11.4.0 HF6
Opened: Dec 02, 2013 Severity: 3-Major Related Article:
K15256
When asynchronous commands are used in iRules in both the SERVER_CLOSED and CLIENT_CLOSED, it is possible for the flows to be left allocated. These flows are left in the flow table (and will appear in tmsh show sys conn), and can possibly match new client flows but will not pass traffic.
Increased memory usage leading to a possible outage after time; new flows from the same client port may match this flow and be silently dropped by the BIG-IP.
Asynchronous commands must be executed in both SERVER_CLOSED and CLIENT_CLOSED on UDP VIPs.
Don't use asynchronous commands in iRules in both CLIENT_CLOSED and SERVER_CLOSED. After the error occurs, the only correction is to restart tmm.
Flows with asynchronous iRule commands in CLOSED events will be cleaned up normally, and will not match any new requests.