Last Modified: Nov 07, 2022
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1
Fixed In:
13.1.0, 12.1.3.6
Opened: Jun 02, 2017 Severity: 3-Major
The association of Local Traffic Policies to virtual servers do not synchronize properly. This can result in configuration sync failures with error messages including: -- 01070635:3: The policy (/Common/asm_auto_l7_policy__vs_27) is referenced by one or more virtuals. -- Configuration error: The bot-defense-asm profile /Common/asm_policy_1 was added to virtual server /Common/vs1 but it does not match the asm-controlling policy. The bot-defense-asm profile is added to the virtual server automatically. -- 010716fd:3: Virtual Server '/Common/vs' cannot contain policies with conflicting controls. In other circumstances, BIG-IP systems report themselves as 'in sync' despite a virtual server having different local traffic policies associated. Under certain circumstances, configuration sync fails after an LTM policy is removed from a virtual server and deleted.
Configuration fails to sync, or devices report 'In Sync' but have different LTM policies associated with virtual servers.
This occurs under the following conditions: -- Full sync operations (e.g., 'full-load-on-sync' or 'force-full-load-push'). And either of the following: -- Configuration changes made where local traffic policies are removed or added from a virtual server. -- Configuration changes made where a local traffic policy is removed from a virtual server, and then the virtual server is deleted.
There is no workaround at this time.
Configuration sync is successful.