Bug ID 451507: Standby unit may continue to respond to ARP after failover

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2

Fixed In:
11.6.0, 11.5.1 HF3, 11.5.0 HF4, 11.4.1 HF4

Opened: Mar 06, 2014
Severity: 3-Major
Related AskF5 Article:
K15346

Symptoms

The BIG-IP system may incorrectly respond to Address Resolution Protocol (ARP) requests after entering standby state.

Impact

Connection requests to virtual servers, secure network address translations (SNATs), and network address translations (NATs) may be sent to the standby BIG-IP system. Packet captures show that the standby BIG-IP system incorrectly responds to ARP traffic. For more information, see SOL15346: The BIG-IP system may incorrectly respond to ARP requests after entering standby state on AskF5.

Conditions

This occurs when the BIG-IP system has transitioned to standby and the 'next_active' device is unknown (for example, after experiencing a gateway failsafe event).

Workaround

Disable gateway fail-safe

Fix Information

When entering standby due to a failover condition, the BIG-IP system no longer incorrectly responds to ARP requests.

Behavior Change