Bug ID 702675: CGNAT translations fail when using Fastl4 + Default Dag + intra-chassis connection mirroring

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP CGN(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1

Fixed In:
14.1.0

Opened: Jan 18, 2018

Severity: 3-Major

Symptoms

CGNAT translations fail with the error message 'LSN Pick took too long'. The error message can be observed in logs or with the command 'tmsh show ltm lsn-pool failure-cause'.

Impact

Some outbound translations are rejected.

Conditions

-- VIPRION 4450N blades when using default dag (net vlan cmp-hash default). -- FastL4 is configured -- Intra-chassis connection mirroring is configured.

Workaround

You can use any of the following workarounds: -- Use SP Dag (net vlan cmp-hash src-ip/dst-ip). -- Disable connection mirroring. -- Configure a profile on the virtual server that is not FastL4.

Fix Information

Translation attempts no longer fail in this configuration.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips