Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
11.6.2 HF1, 11.2.0, 11.2.1, 11.4.0, 11.4.1
Fixed In:
11.6.0, 11.5.1 HF6
Opened: Feb 14, 2014 Severity: 3-Major
The global iRule command "nexthop" is used to set the nexthop of a flow to specific VLANs, but it does not support setting the nexthop to tunnel interfaces.
Tunnel interfaces cannot be used in the same way as VLANs.
This occurs in all cases.
None.
Tunnel interfaces can be used by iRule nexthop/lasthop commands to set a flow's nexthop/lasthop behaviors. 1. To send traffic to the tunnel, use "nexthop tun0 ..." on CLIENT_ACCEPTED iRule event, or "lasthop tun0 ..." on SERVER_CONNECTED iRule event. 2. A point-to-point tunnel can be supplied with an IP address, although it does not have an effect. 3. A wild-card tunnel can be supplied with the IP address of the remote-point to build the tunnel on the fly.