Bug ID 521333: IPv6 management addresses may not function properly for vCMP guests.

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP vCMP(all modules)

Known Affected Versions:
11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3

Fixed In:
12.0.0

Opened: May 05, 2015
Severity: 3-Major

Symptoms

When vCMP guests communicate via IPv6 management addresses, traffic may fail to pass. If there is a default gateway configured, tcpdumps of the management port (eth0) will show the guest attempting to deliver response traffic to the gateway. Also the Linux management route will be missing, this can be observed as follows: Management IP: 2001::1234:5678/64 Management Gateway: 2001::6:6 ip -6 route show table 245 2001::/64 dev eth0 src 2001::1234:5678 metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295 default via 2001::6:6 dev eth0 metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295 On an affected system, the non-default route entry in the ip command's output will be missing so it will appear like this: ip -6 route show table 245 default via 2001::6:6 dev eth0 metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295

Impact

Passing traffic over the management port can be affected, including general system management via ssh or the web gui as well as HA or config-sync traffic.

Conditions

This issue occurs in vCMP guests configured with IPv6 management IPs.

Workaround

In /config/startup on the vCMP guest, add the following lines: sysctl -w net.ipv6.conf.eth0.accept_dad=0 sysctl -w net.ipv6.conf.eth0.dad_transmits=0 Then reboot all blades of the vCMP guest. A vCMP hypervisor reboot is not required to implement the workaround.

Fix Information

An issue affecting vCMP guests when using IPv6 management IPs has been resolved.

Behavior Change