Bug ID 720799: Virtual Server/VIP flaps with FQDN pool members when all IP addresses change

Last Modified: Jun 20, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 14.0.0, 14.0.0.1, 14.0.0.2

Fixed In:
14.1.0, 14.0.0.3, 13.1.1.4, 12.1.4.1

Opened: May 18, 2018
Severity: 3-Major

Symptoms

When using FQDN pool members, if all ephemeral members are removed and replaced by a DNS query that returns an entirely new set of IP addresses (no overlap with previous DNS query results), all ephemeral pool members are removed before the new ephemeral pool members are created. This results in a brief moment when there are no ephemeral members (that can receive traffic) in the pool.

Impact

The brief moment during which there are no ephemeral members (that can receive traffic) in the pool can cause a Virtual Server or Virtual Address using that pool to flap.

Conditions

A DNS query for the FQDN node in which the pool members belong, returns an entirely new set of IP addresses (no overlap with previous DNS query results).

Workaround

It is possible to work around this issue by: 1. Adding a pool member with a statically-configured IP address. 2. Including multiple FQDN pool members in the pool, to limit the effect of the ephemeral members changing for a single FQDN pool member.

Fix Information

When using FQDN pool members, ephemeral members whose IP addresses are not present in the most DNS query results are not immediately deleted from the pool. To prevent the brief condition in which there are no ephemeral members in the pool (which can cause a Virtual Server or Virtual Address using that pool to flap), creation of new ephemeral nodes and pool members occurs immediately, but deletion of old new ephemeral nodes and pool members occurs after a delay. The duration of the delay follows the fqdn 'down-interval' value configured for the associated FQDN template node.

Behavior Change