Bug ID 450794: VE devices working in AWS can lose DNS resolver information if DHCP Options Set of VPC is not correctly configured on AWS.

Last Modified: Oct 01, 2018

Bug Tracker

Affected Product:  See more info
BIG-IP All(all modules)

Known Affected Versions:
11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4

Fixed In:
11.6.0, 11.5.1 HF5

Opened: Feb 28, 2014
Severity: 2-Critical

Symptoms

Virtual Edition (VE) devices working in AWS can fail to obtain, and in some cases lose (unpredictably) their DNS resolver information and thus become unable to look up any DNS names when attempts are made to call external servers by name.

Impact

BIG-IP will be unable to make any API calls to EC2. In particular this affects high availability (HA) functionality of BIG-IP systems. For example, when, during failover, VIPs from one instance's interface are moved to another instance's interface. In this circumstance a failover does occur, but EC2 routes all IP traffic destined for the traffic group's VIPs to the BIG-IP system on which the traffic group was previously active.

Conditions

VE devices working in AWS.

Workaround

- In your VPC, go to 'DHCP Options sets'. - Create a new 'DHCP Options Sets' and configure domain-name as per the AWS documentation for DHCP Options Sets and domain-name-servers = AmazonProvidedDNS. - Modify your VPC to use these 'DHCP Options Sets' instead of the defaults.

Fix Information

An issue with handling DHCP information in virtual environments has been corrected.

Behavior Change