Bug ID 632731: specific external logging configuration can cause TMM service restart

Last Modified: Oct 01, 2018

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:
13.1.0, 12.1.2 HF1

Opened: Dec 09, 2016
Severity: 2-Critical
Related AskF5 Article:
K21964367

Symptoms

When external logging is configured for ACL rule hits, and the logging server connection is routed through a Forwarding Virtual, the ACL logging causes a TMM crash and service disruption.

Impact

Traffic disrupted while tmm restarts.

Conditions

The problem is seen when all the following conditions match: 1. External Logging server configured for ACL rule match. 2. External logging server is routed through a Forwarding Virtual (the destination IP of the external logging server matches a Forwarding Virtual's destination address/mask and hence gets routed through the Forwarding VIP). 3. The forwarded logging destination connection causes a crash in TMM.

Workaround

Use one of the following workarounds: --Avoid configuring remote logging to be forwarded through a Forwarding Virtual. -- Do not have logging enabled on the forwarding Virtual.

Fix Information

Connections originated from the BIG-IP to the remote logging server are not subjected to ACL checks, which prevents generation of logs for log server connection, which prevents the error conditions.

Behavior Change