Bug ID 471324: SNAT list enabling on empty VLAN list still translates

Last Modified: Mar 21, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4

Fixed In:
12.0.0

Opened: Jul 11, 2014
Severity: 3-Major
Related AskF5 Article:
K15805

Symptoms

SNAT translation happens though SNAT list is configured with 'vlans enabled' on 'vlans none'. For example, having the configuration as follows, tmsh list ltm snat ltm snat default_snat { origins { 0.0.0.0/0 { } } translation /Common/10.10.10.20 vlans-enabled } This is not expected to translate, since vlans are not specified.

Impact

Translation is not getting disabled.

Conditions

Having the snat list as follows, with vlans enabled flag and no vlans specified. tmsh list ltm snat all-properties ltm snat default_snat { app-service none auto-lasthop default description none metadata none mirror disabled origins { 0.0.0.0/0 { app-service none } } partition Common source-port preserve translation /Common/10.10.10.20 vlans none vlans-enabled }

Workaround

Work around is to have "vlans disabled" with the list of all vlans to be disabled.

Fix Information

SNAT list enabling on empty VLAN list no longer translates. This is correct behavior.

Behavior Change