Bug ID 632731: specific external logging configuration can cause TMM service restart

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP AFM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:
13.1.0, 12.1.2 HF1

Opened: Dec 09, 2016

Severity: 2-Critical

Related Article: K21964367


When external logging is configured for ACL rule hits, and the logging server connection is routed through a Forwarding Virtual, the ACL logging causes a TMM crash and service disruption.


Traffic disrupted while tmm restarts.


The problem is seen when all the following conditions match: 1. External Logging server configured for ACL rule match. 2. External logging server is routed through a Forwarding Virtual (the destination IP of the external logging server matches a Forwarding Virtual's destination address/mask and hence gets routed through the Forwarding VIP). 3. The forwarded logging destination connection causes a crash in TMM.


Use one of the following workarounds: --Avoid configuring remote logging to be forwarded through a Forwarding Virtual. -- Do not have logging enabled on the forwarding Virtual.

Fix Information

Connections originated from the BIG-IP to the remote logging server are not subjected to ACL checks, which prevents generation of logs for log server connection, which prevents the error conditions.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips