Bug ID 625785: Specific error logs with or without bd core

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6

Fixed In:
13.0.0

Opened: Oct 30, 2016

Severity: 3-Major

Symptoms

bd crashes, and the bd error log contains the following message: cant add ip entry - second bank

Impact

Failover, traffic disruption

Conditions

Specific rare scenario involving multiple in-progress web scraping or brute force attacks.

Workaround

Use the internal parameter external_entity_hash_size . The default is 100000. Increasing the value (200000) might allow the system to last longer, but the system still might get to the error state after some time. To configure external_entity_hash_size, run the following commands: /usr/share/ts/bin/add_del_internal add external_entity_hash_size 20000 tmsh restart sys service asm

Fix Information

Fixed a rarely occurring crash scenario.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips