Bug ID 480686: Packet loop in VLAN Group

Last Modified: Feb 13, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4

Fixed In:
12.0.0, 11.6.0 HF5, 11.5.2, 11.4.1 HF6

Opened: Sep 23, 2014
Severity: 3-Major
Related AskF5 Article:
K15781

Symptoms

On an active VIPRION or vCMP guest with a VLAN Group configuration, the CPU usage unexpectedly rises, and traffic flowing through the device may experience high latency and packet drops. A packet capture shows packets looping internally between VLAN members of the VLAN Group.

Impact

This results in high CPU usage and potentially unresponsive GUI. Traffic flowing through the VLAN Group may experience high latency and packet drops. The Self IP on the affected VLAN becomes almost impossible to reach.

Conditions

This occurs when using a VLAN Group (in Translucent or Transparent mode) on VIPRION hardware (including vCMP guest of a VIPRION), and an IP address conflict exists between the BIG-IP and another device on the VLAN Group. Note: The device causing the IP conflict may be unrelated to packets that are found looping in a packet capture.

Workaround

Disable vlangroup.flow.allocate db variable to prevent flow creation for vlangroup forwarded packets.

Fix Information

Internal vlangroup loop no longer occurs when the Translucent/Transparent vlangroup setting exists with a duplicate IP address.

Behavior Change