Last Modified: Oct 16, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2 HF1, 11.5.3 HF1, 11.5.3 HF2, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.1.0, 12.0.0, 11.6.0 HF6
Opened: May 04, 2015 Severity: 3-Major Related Article:
K16751
There is a memory leak that causes the Authentication Token worker to run Out of Memory after approximately 27,000 token requests, when running with 96 MB image on a BIG-IP system. Any service might receive the OutOfMemory exception, so the external symptoms might vary (e.g., Socket failure, Bad Gateway, and others). To identify this issue, check for Out Of Memory exceptions in /var/log/restjavad.0.log.
It takes a long time to log in 27,000 times, when logons come in through the GUI.
This usually occurs when scripting against the rest interface. On a vCMP guest, guestagentd generates an authentication token every 90 seconds so that hostagentd on the vCMP hypervisor can make periodic REST calls to the guest. This info is used to populate the 'tmsh show vcmp health' stats.
Restart restjavad after 10,000 tokens. To stop auth token generation on vCMP guests, on the hypervisor run the commands: -- tmsh modify vcmp guest all capabilities add { stats isolated-mode }. -- bigstart restart hostagentd
Fixes a memory leak in Authentication Token mechanism in restjavad.