Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1
Fixed In:
13.1.0, 12.1.2 HF1
Opened: Dec 09, 2016 Severity: 2-Critical Related Article:
K21964367
When external logging is configured for ACL rule hits, and the logging server connection is routed through a Forwarding Virtual, the ACL logging causes a TMM crash and service disruption.
Traffic disrupted while tmm restarts.
The problem is seen when all the following conditions match: 1. External Logging server configured for ACL rule match. 2. External logging server is routed through a Forwarding Virtual (the destination IP of the external logging server matches a Forwarding Virtual's destination address/mask and hence gets routed through the Forwarding VIP). 3. The forwarded logging destination connection causes a crash in TMM.
Use one of the following workarounds: --Avoid configuring remote logging to be forwarded through a Forwarding Virtual. -- Do not have logging enabled on the forwarding Virtual.
Connections originated from the BIG-IP to the remote logging server are not subjected to ACL checks, which prevents generation of logs for log server connection, which prevents the error conditions.