Last Modified: Oct 16, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
11.6.2 HF1, 11.4.0, 11.4.1
Fixed In:
11.6.0, 11.5.1 HF6, 11.4.1 HF6
Opened: Mar 28, 2014 Severity: 3-Major Related Article:
K15418
If an iRule or remote-logging profile is configured to send logging (HSL) and the destination address matches a network virtual, where network virtual is when mask is greater than /1 and less than /32 for IPv4 and less than /128 for IPv6, the virtual server will process the logging traffic.
Log messages might be lost.
This occurs when a network virtual which matches the remote-logging destination address.
Create a host virtual, where host virtual is when the mask is /32 for IPv4 and /128 for IPv6, which matches the HSL destination address and forwards the traffic to intended destination with SNAT automap enabled.
Remote-logging will never match a wildcard virtual server. In route-domain 0, remote-logging can only match a host virtual where the destination exactly matches the logging destination. For all other route-domains, remote-logging will continue to match network and host virtuals where the destination exactly matches the logging destination. There is no source matching.