Bug ID 480686: Packet loop in VLAN Group

Last Modified: Oct 16, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
11.6.0, 11.5.1, 11.5.0, 11.4.1, 11.4.0, 11.3.0

Fixed In:
12.0.0, 11.6.0 HF5, 11.5.2, 11.4.1 HF6

Opened: Sep 23, 2014

Severity: 3-Major

Related Article: K15781

Symptoms

On an active VIPRION or vCMP guest with a VLAN Group configuration, the CPU usage unexpectedly rises, and traffic flowing through the device may experience high latency and packet drops. A packet capture shows packets looping internally between VLAN members of the VLAN Group.

Impact

This results in high CPU usage and potentially unresponsive GUI. Traffic flowing through the VLAN Group may experience high latency and packet drops. The Self IP on the affected VLAN becomes almost impossible to reach.

Conditions

This occurs when using a VLAN Group (in Translucent or Transparent mode) on VIPRION hardware (including vCMP guest of a VIPRION), and an IP address conflict exists between the BIG-IP and another device on the VLAN Group. Note: The device causing the IP conflict may be unrelated to packets that are found looping in a packet capture.

Workaround

Disable vlangroup.flow.allocate db variable to prevent flow creation for vlangroup forwarded packets.

Fix Information

Internal vlangroup loop no longer occurs when the Translucent/Transparent vlangroup setting exists with a duplicate IP address.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips