Bug ID 519216: Abnormally high CPU utilization from external SSL/OpenSSL monitors

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
11.6.0, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2

Fixed In:
12.1.0, 11.6.1, 11.5.4 HF2

Opened: Apr 21, 2015

Severity: 3-Major

Related Article: K17334

Symptoms

The BIG-IP system may experience high CPU utilization when SSL/OpenSSL monitors are used to obtain availability status for 30 or more pool members.

Impact

High CPU utilization reported with potential performance degradation.

Conditions

External SSL monitors using OpenSSL. This includes but is not limited to EAV, ldap, sip, soap, firepass, snmpdca, real-server, wmi, virtual-location. Builtin monitors are not affected, e.g., https, inband.

Workaround

To work around this issue, you can use a different type of monitor to obtain pool member availability status. Impact of workaround: Performing the recommended workaround should not have a negative impact on your system.

Fix Information

The CPU utilization is reduced when SSL/OpenSSL monitors are used to obtain availability status for 30 or more pool members.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips