Bug ID 724653: In a device-group configuration, a non-empty partition can be deleted by a peer device during a config-sync.

Last Modified: Feb 07, 2024

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
12.1.0, 12.1.1, 12.1.2, 12.1.3,,,,,,,, 12.1.4,, 12.1.5,,,, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0,,,,,,,,, 13.1.1,,,,, 13.1.3,,,,,,, 13.1.4,, 13.1.5,, 14.0.0,,,,,, 14.0.1,, 14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 15.0.0, 15.0.1,,,,, 15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6, 16.0.0,, 16.0.1,,, 16.1.0, 16.1.1, 16.1.2,,

Fixed In:
17.0.0, 16.1.3,, 14.1.5

Opened: Jun 19, 2018

Severity: 3-Major


In a device-group configuration, a BIG-IP administrator can add a non-synced object to a partition on one device, then delete that partition on a peer device, syncing the delete (this is assuming the partition is empty on the peer). Although the config-sync operation will report as having completed successfully on both devices, and no errors will be visible in the /var/log/ltm file of either device, a number of issues can manifest at a later time. For instance, assuming the non-synced object was a VLAN, listing all VLANs across all partitions will return the following error: root@(bigip-ntr-d)(cfg-sync In Sync)(Active)(/)(tmos)# list net vlan recursive 01070712:3: Internal error, can't load folder or nested folder for: /test/my_vlan And reloading the config will return the following error (as the partition has been deleted, including its flat config files): root@(bigip-ntr-d)(cfg-sync In Sync)(Active)(/Common)(tmos)# load sys config Loading system configuration... /defaults/asm_base.conf /defaults/config_base.conf /defaults/ipfix_ie_base.conf /defaults/ipfix_ie_f5base.conf /defaults/low_profile_base.conf /defaults/low_security_base.conf /defaults/policy_base.conf /defaults/wam_base.conf /defaults/analytics_base.conf /defaults/apm_base.conf /defaults/apm_saml_base.conf /defaults/app_template_base.conf /defaults/classification_base.conf /var/libdata/dpi/conf/classification_update.conf /defaults/urlcat_base.conf /defaults/daemon.conf /defaults/pem_base.conf /defaults/profile_base.conf /defaults/sandbox_base.conf /defaults/security_base.conf /defaults/urldb_base.conf /usr/share/monitors/base_monitors.conf Loading configuration... /config/bigip_base.conf /config/bigip_user.conf /config/bigip.conf 01070523:3: No Vlan association for STP Interface Member 1.2. Unexpected Error: Loading configuration process failed. These are just examples, and the exact failures will depend on the type of non-synced object and its use within your configuration.


The partition is deleted on the peer device, even though it still contains non-synced objects. A number of config issues can arise at a later time as a result of this.


-- Two or more devices in a device-group configuration. -- Using partitions that contain non-synced objects. -- Deleting the partition on a device and syncing the changes to the other devices.


In some cases, if you need to define non-synced objects, you can do so in partitions or folders that are associated with 'device-group none' and 'traffic-group none'. This would prevent the partition or folder from synchronizing to other devices in the first place.

Fix Information

Validation has been added that will make a config-sync receiver reject the operation if this includes the deletion of a non-empty partition. In this case, the config-sync will fail and report an error message similar to the following example: 0107082a:3: All objects from local device and all HA peer devices must be removed from a partition (test) before the partition may be removed, type ID (467), text ID (60706)

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips