Bug ID 469129: pccd could crash compiling a firewall policy with rules having large number of IP addresses

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP AFM(all modules)

Known Affected Versions:
11.6.2 HF1

Fixed In:
11.6.0, 11.5.1 HF4

Opened: Jun 26, 2014

Severity: 2-Critical

Symptoms

pccd crashes when compiling a firewall policy with 1750 Rules each having 10 source and 10 destination IP addresses

Impact

policy compilation fails.

Conditions

firewall policy with 1750 Rules each having 10 source and 10 destination IP addresses

Workaround

None

Fix Information

Fixed a bug where the a crash could occur when compiling a firewall policy with a large number of IP addresses. Compiling such a policy can take several hours; to reduce compilation time set the variable pccd.hash.load.factor value to 25.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips