Bug ID 504899: Duplicated snat-translation addresses are possible (a named and an anonymous (created by snatpool) one)

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5

Fixed In:
12.0.0, 11.6.0 HF6, 11.5.3 HF2

Opened: Feb 05, 2015
Severity: 3-Major

Symptoms

It is possible to have duplicated snat-translation addresses if one is explicitly created (named one) and the other is implicitly created when adding anonymous addresses to a snatpool.

Impact

As duplicated snat-translation addresses may exist, any change to an address entry that is assigned to an snatpool might not affect the right entry, for example, with the following snat-addresses: snat_address_01 address 1.2.3.1 1.2.3.1(anonymous) address 1.2.3.1 And the following snatpool: snat_pool { 1.2.3.1 1.2.3.2 } If there is a change in snat_address_01 (whose address is part of snat_pool (1.2.3.1)), then the actual snat_pool member (anonymous 1.2.3.1) will not be updated with the new setting, and there will be no effect.

Conditions

No special conditions required other than to perform the configuration changes.

Workaround

None.

Fix Information

The system now automatically converts anonymous addresses added to snatpool into named snat-translation objects if they exist.

Behavior Change