Bug ID 496498: Firewall rule compilation will fail in certain scenario when there are multiple scheduled AFM rules and one of the non scheduled AFM rule is modified.

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP AAM(all modules)

Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3

Fixed In:
12.0.0, 11.6.0 HF4, 11.5.2

Opened: Dec 13, 2014
Severity: 3-Major

Symptoms

Firewall rule compilation will fail and following message will appear in /var/log/ltm: Serialization failed: No Blobs available. pktclass-daemon will transit in the failed state and any further firewall rule modifications will be rejected till the corrective action is taken.

Impact

Firewall rule compilation will fail and pktclass-daemon will go into failed state causing any further firewall rule update to be ignored till user-initiated corrective action is taken.

Conditions

For this issue to manifest, following conditions may suffice: i) Presence of multiple scheduled firewall rules (expiring at different intervals). ii) Presence of non scheduled firewall rules. iii) Modify any non scheduled firewall rules in between the time interval of expiry to any 2 scheduled rules.

Workaround

None

Fix Information

The aforementioned incorrect behavior has been fixed.

Behavior Change