Bug ID 672063: Misconfigured GRE tunnel and route objects may cause an ill-formed routing loop inside the TMM, resulting in a TMM crash.

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM (all modules)

Known Affected Versions:
11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:
13.1.0, 12.1.5.3

Opened: Jul 01, 2017

Severity: 3-Major

Related Article: K38335326

Symptoms

Misconfigured GRE tunnel and route objects on the BIG-IP system might cause an ill-formed routing loop inside the TMM, resulting in a TMM crash. The following example illustrates how misconfiguration can lead to an ill-formed routing loop inside the TMM.

    net tunnels tunnel gre1 {
        if-index 5472
        local-address 10.10.0.1
        mtu 1400
        profile gre
        remote-address 10.20.0.1
    }
    net self 10.9.0.1/24 {
        address 10.9.0.1/24
        traffic-group traffic-group-local-only
        vlan gre1
    }
    net route 10.20.0.0/24 {
        interface /Common/gre1
        network 10.20.0.0/24
    }

In the above example, if a packet is destined for the network 10.20.0.0/24, the packet is sent over the GRE tunnel for encapsulation. After encapsulation, the destination address of the encapsulated packet is 10.20.0.1 (i.e., the tunnel's remote-address), which matches the configured route again. As a result, the encapsulated packet is fed to the tunnel again, and this process repeats to form a routing loop inside the TMM.

Impact

TMM crash. Traffic disrupted while tmm restarts.

Conditions

Misconfigured GRE tunnel and route objects, leading to an ill-formed routing loop inside the TMM. Please refer to the above example for an illustration.

Workaround

This issue is caused by misconfiguration which can be avoided. The recommendation is to examine the configuration, making sure that it does not lead to an ill-formed routing loop inside the TMM.
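One way to examine a configuration for this pattern, as an added example (not F5 code): the script parses tmsh-format `net tunnels tunnel` and `net route` stanzas and flags any tunnel whose remote-address is best matched by a route pointing out the same tunnel. Longest-prefix route selection is assumed, route-domain suffixes (`%N`) are not handled, and the names `parse`, `find_loops` and `SAMPLE` are illustrative.

```python
import ipaddress
import re

# Constructed sample in tmsh format, mirroring the example in Symptoms.
SAMPLE = """\
net tunnels tunnel gre1 {
    local-address 10.10.0.1
    profile gre
    remote-address 10.20.0.1
}
net route 10.20.0.0/24 {
    interface /Common/gre1
    network 10.20.0.0/24
}
"""

STANZA = re.compile(r"^net (tunnels tunnel|route) (\S+) \{\n(.*?)^\}", re.M | re.S)

def parse(conf):
    """Return ({tunnel name: remote-address}, [(network, interface or None)])."""
    tunnels, routes = {}, []
    for kind, name, body in STANZA.findall(conf):
        lines = (l.strip() for l in body.splitlines())
        props = dict(l.split(None, 1) for l in lines if " " in l)
        if kind == "route" and "network" in props:
            net = "0.0.0.0/0" if props["network"] == "default" else props["network"]
            iface = props.get("interface", "").rsplit("/", 1)[-1] or None
            routes.append((ipaddress.ip_network(net, strict=False), iface))
        elif kind != "route" and props.get("remote-address", "any") != "any":
            tunnels[name.rsplit("/", 1)[-1]] = ipaddress.ip_address(props["remote-address"])
    return tunnels, routes

def find_loops(conf):
    """List (tunnel, remote-address, route) where the encapsulated packet re-enters the tunnel."""
    tunnels, routes = parse(conf)
    loops = []
    for name, remote in tunnels.items():
        matches = [(n, i) for n, i in routes if remote in n]
        if matches:
            # Assumption: the most specific matching route wins.
            net, iface = max(matches, key=lambda m: m[0].prefixlen)
            if iface == name:
                loops.append((name, str(remote), str(net)))
    return loops

if __name__ == "__main__":
    print(find_loops(SAMPLE))
```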

Fix Information

The TMM has been enhanced to detect an ill-formed single-level routing loop in a tunnel setting (e.g., the example above). When such a loop is detected, the packets are dropped, the TMM no longer crashes, and the following message is logged in /var/log/ltm:

    Tunnel output has a potential loop for remote endpoint <IP address>, tunnel name = <name>.

Behavior Change
