Bug ID 519216: Abnormally high CPU utilization from external SSL/OpenSSL monitors

Last Modified: Feb 13, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4

Fixed In:
12.1.0, 11.6.1, 11.5.4 HF2

Opened: Apr 21, 2015
Severity: 3-Major
Related AskF5 Article:
K17334

Symptoms

The BIG-IP system may experience high CPU utilization when SSL/OpenSSL monitors are used to obtain availability status for 30 or more pool members.

Impact

High CPU utilization reported with potential performance degradation.

Conditions

External SSL monitors using OpenSSL. This includes but is not limited to EAV, ldap, sip, soap, firepass, snmpdca, real-server, wmi, virtual-location. Builtin monitors are not affected, e.g., https, inband.

Workaround

To work around this issue, you can use a different type of monitor to obtain pool member availability status. Impact of workaround: Performing the recommended workaround should not have a negative impact on your system.

Fix Information

The CPU utilization is reduced when SSL/OpenSSL monitors are used to obtain availability status for 30 or more pool members.

Behavior Change