Bug ID 618779: Route updates during IPsec tunnel setup can cause tmm to restart

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.1, 11.6.2, 11.6.3,,,,, 11.6.4, 11.6.5,,,, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2

Fixed In:
13.0.0, 12.1.2 HF1

Opened: Sep 26, 2016

Severity: 2-Critical


During the setup of IPsec tunnel flows, tmm depends on a valid route being available towards a remote peer to correctly create the IPsec inbound tunnel flows. The absence of the route at this stage, causes tmm to crash and restart. This is more likely to happen if the route towards the endpoint is dynamic.


Traffic disrupted while tmm restarts.


IPsec tunnels are being set up with a given remote peer and the route towards that peer is not reliably present (as is in the case of dynamic route updates)


Ensure that there is always a valid route towards each of the remote peers.

Fix Information

The tmm process no longer restarts if there is no valid route towards the remote peer during IPsec tunnel setup.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips