Bug ID 660170: tmm may crash at ~75% of VLAN failsafe timeout expiration

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 13.0.0, 13.0.0 HF1

Fixed In:
13.1.0, 13.0.0 HF2, 12.1.2 HF1

Opened: Apr 24, 2017
Severity: 4-Minor
Related AskF5 Article:


When VLAN failsafe is configured, and the VLAN failsafe timeout is 3/4 expired, tmm wants to generate ICMP traffic to evoke a network response. When this occurs, the system might experience a crash.


TMM crashes, failover is triggered, as it would with a fully expired VLAN-failsafe-timeout condition (note that failover with a fully expired VLAN failsafe is correct behavior). Traffic on other VLANs might be disrupted while TMM restarts. (Traffic on the VLAN-failsafe-triggered VLAN is already disrupted, causing the timeout to expire.)


- VLAN failsafe is configured on a VLAN, for example with the recommended VLAN failsafe timeout of 90 sec. - The VLAN does not observe ARP/ndp traffic for 3/4 of the timeout, 67.5 seconds. - ICMP traffic generated to provoke a network response can under certain circumstances cause a TMM crash.


1. To allow for VLAN failsafe to be updated for any frame, run the following command with VLAN failsafe enabled, run the following command: tmsh modify failover.vlanfailsafe.resettimeronanyframe enable This configuration increases the confidence that in the case of a timeout expiry a real traffic disruption is detected. 2. Set the timeout of VLAN failsafe to 4/3 of the setting you want, for example, to have a timeout setting of 90, specify 120. With this setting, failover occurs at 90 seconds for a fully quiescent network. Note: Having a fully quiescent network is a rare occurrence and likely indicates that another issue is occurring anyway.

Fix Information

Generating ICMP traffic from TMM is no longer exposed to a potential crash in an invalid configuration or a completely quiet network, when generating ICMP traffic to provoke a network response on an expiring timer of VLAN failsafe, assuming the following configuration: - VLAN failsafe is configured. - VLAN failsafe expired 3/4 of the configured timeout (e.g., 67.5 seconds of 90 seconds ).

Behavior Change