Bug ID 667707: LTM policy associations with virtual servers are not ConfigSynced correctly

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
12.1.3,,,,,, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:

Opened: Jun 02, 2017

Severity: 3-Major


The association of Local Traffic Policies to virtual servers do not synchronize properly. This can result in configuration sync failures with error messages including: -- 01070635:3: The policy (/Common/asm_auto_l7_policy__vs_27) is referenced by one or more virtuals. -- Configuration error: The bot-defense-asm profile /Common/asm_policy_1 was added to virtual server /Common/vs1 but it does not match the asm-controlling policy. The bot-defense-asm profile is added to the virtual server automatically. -- 010716fd:3: Virtual Server '/Common/vs' cannot contain policies with conflicting controls. In other circumstances, BIG-IP systems report themselves as 'in sync' despite a virtual server having different local traffic policies associated. Under certain circumstances, configuration sync fails after an LTM policy is removed from a virtual server and deleted.


Configuration fails to sync, or devices report 'In Sync' but have different LTM policies associated with virtual servers.


This occurs under the following conditions: -- Full sync operations (e.g., 'full-load-on-sync' or 'force-full-load-push'). And either of the following: -- Configuration changes made where local traffic policies are removed or added from a virtual server. -- Configuration changes made where a local traffic policy is removed from a virtual server, and then the virtual server is deleted.


There is no workaround at this time.

Fix Information

Configuration sync is successful.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips