Bug ID 719600: TCP::collect iRule with L7 policy present may result in connection reset

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
13.1.0,,,,,,,,, 13.1.1, 14.0.0,,

Fixed In:

Opened: May 10, 2018
Severity: 3-Major


If an iRule utilizing TCP::collect and HTTP_REQUEST is on a virtual server with an L7 policy, the policy engine may cause the connection to be unexpectedly reset with a 'policy execution error' reset cause, and 'Unable to resume pending policy event on connflow' will be logged to /var/log/ltm.


Connections may be unexpectedly reset and errors logged to /var/log/ltm.


TCP::collect and HTTP_REQUEST iRule with L7 policy on virtual server.


At the start of the HTTP_REQUEST event, issue an 'after 1' command to allow the policy engine to reach a consistent state before proceeding with the remainder of the iRule.

Fix Information


Behavior Change