Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2 HF1, 11.5.3 HF1, 11.4.0, 11.4.1, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.0.0, 11.6.0 HF6, 11.5.3 HF2
Opened: Feb 05, 2015 Severity: 3-Major
It is possible to have duplicated snat-translation addresses if one is explicitly created (named one) and the other is implicitly created when adding anonymous addresses to a snatpool.
As duplicated snat-translation addresses may exist, any change to an address entry that is assigned to an snatpool might not affect the right entry, for example, with the following snat-addresses: snat_address_01 address 1.2.3.1 1.2.3.1(anonymous) address 1.2.3.1 And the following snatpool: snat_pool { 1.2.3.1 1.2.3.2 } If there is a change in snat_address_01 (whose address is part of snat_pool (1.2.3.1)), then the actual snat_pool member (anonymous 1.2.3.1) will not be updated with the new setting, and there will be no effect.
No special conditions required other than to perform the configuration changes.
None.
The system now automatically converts anonymous addresses added to snatpool into named snat-translation objects if they exist.