Bug ID 449100: Extend iRule nexthop command to tunnel

Last Modified: Oct 01, 2018

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.2.0, 11.2.1, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5

Fixed In:
11.6.0, 11.5.1 HF6

Opened: Feb 14, 2014
Severity: 3-Major

Symptoms

The global iRule command "nexthop" is used to set the nexthop of a flow to specific VLANs, but it does not support setting the nexthop to tunnel interfaces.

Impact

Tunnel interfaces cannot be used in the same way as VLANs.

Conditions

This occurs in all cases.

Workaround

None.

Fix Information

Tunnel interfaces can be used by iRule nexthop/lasthop commands to set a flow's nexthop/lasthop behaviors. 1. To send traffic to the tunnel, use "nexthop tun0 ..." on CLIENT_ACCEPTED iRule event, or "lasthop tun0 ..." on SERVER_CONNECTED iRule event. 2. A point-to-point tunnel can be supplied with an IP address, although it does not have an effect. 3. A wild-card tunnel can be supplied with the IP address of the remote-point to build the tunnel on the fly.

Behavior Change