Bug ID 743127: Changing unicast network failover address via BIG-IP GUI may disrupt network failover communication

Last Modified: Jan 20, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 14.1.4.6, 14.1.5, 14.1.5.1, 14.1.5.2, 14.1.5.3

Fixed In:
15.0.0

Opened: Sep 06, 2018
Severity: 3-Major

Symptoms

After changing the network failover port in the GUI, the configuration contains different values for 'effective-port' and 'port'. This may result in failover heartbeats from peer devices being sent to a different port than the one where the local system is actually listening to receive the traffic. Both sets of IP and port can be examined via tmsh: tmsh list cm device <name of local device> cm device /Common/bigip1 { unicast-address { { effective-ip management-ip effective-port 1026 <--- the port to which peers send traffic ip management-ip port 4094 <--- the local system listens on this port }

Impact

HA heartbeat traffic may be disrupted, which could result in multiple devices becoming active simultaneously.

Conditions

-- Changing the network failover address via the BIG-IP GUI to a different value (i.e., changing it away from the default, 1026).

Workaround

Use tmsh or iControl REST to modify the unicast network failover addresses for the local system.

Fix Information

Changing the unicast network failover port via the BIG-IP GUI now updates both the 'effective-port' and 'port'.

Behavior Change

Have a question?

About F5

Education

F5 sites

Support Tasks

© F5, Inc. All rights reserved. Policies | Privacy | Trademarks