Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP Install/Upgrade, LTM
Known Affected Versions:
12.1.2, 12.1.3, 12.1.3.1, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3
Fixed In:
13.1.0, 13.0.1, 12.1.3.2
Opened: Mar 13, 2017 Severity: 3-Major Related Article:
K41685444
Beginning with v12.0.0, there has been additional validation for LTM Policy rule names to allow only certain valid characters. Prior to v13.1.0, the slash (/) character was included in the set of valid characters. But because the slash character is used as a delimiter in the BIG-IP virtual path hierarchy (e.g., /Common/my_policy/my_rule), extra slashes in a rule name causes validation problems because the rule appears to the system as having additional path segments.
Configuration will not load. Configuration may load, but admin GUI may not show policy rule.
LTM Policy rule contains the slash (/) character.
In the bigip.conf file, the LTM Policy rule names can be manually edited to either remove the illegal character or to substitute a valid character. For example, the following policy won't load because the rule name contains a slash (/) character: ltm policy mypolicy { ... rules { /testperson/a { ... } But it will load when the slash (/) characters are changed to a legal character, such as underscores (_): ltm policy mypolicy { ... rules { _testperson_a { ... }
For upgraded configurations, the roll-forward process will automatically translate slash (/) to underscore (_) in LTM Policy rule names. When creating new rules, validation will not succeed if a rule name contains an illegal character, such as a slash, so the issue will be prevented.