Bug ID 744936: Adding a default tmm gateway in AWS breaks failover between two instances if the default tmm gateway can't provide route to the ec2 metadata service at

Last Modified: Jan 20, 2023

Affected Product:
BIG-IP MA-VE(all modules)

Known Affected Versions:
13.1.0, 13.1.1, 13.1.3, 13.1.4, 13.1.5, 14.0.0, 14.0.1, 14.1.0, 14.1.2, 14.1.3, 14.1.4, 14.1.5

Opened: Sep 24, 2018
Severity: 3-Major


Instance failover breaks with the following messages in /var/log/ltm:

    /usr/libexec/aws/aws-failover-tgactive.sh (traffic-group-1): Instance sanity check failed with error:
    /usr/libexec/aws/aws-failover-tgactive.sh (traffic-group-1): ('Connection aborted.', error(111, 'Connection refused'))


Because moving the Elastic IP between the Active and Standby instances fails, the failover cannot complete and the new Active instance cannot take over the BIG-IP operations.


- BIG-IP is deployed in AWS with multiple NICs.
- Also, the BIG-IP is part of a failover group.
- The Failover/HA in AWS depends on access to the instance metadata provided by the EC2 cloud via the http endpoint at
- The default gateway provided by AWS through DHCP ensures access to this metadata endpoint without any additional configuration. However, when using a custom default gateway, the access to the instance metadata endpoint might not work.


Add the ip rule for the link-local address as follows:

    ip rule add to lookup 245
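A triage check for the condition and workaround described above, as an added example that is not F5 code: it counts the failover sanity-check failures in ltm log text and tests whether `ip rule show` output contains a rule sending the metadata address to table 245. The function names, the log prefix and the rule listings are constructed, and the address 169.254.169.254 (AWS's documented IPv4 instance metadata address) is an assumption, since the text above does not spell the address out.

```shell
#!/usr/bin/env bash
# Added example (not F5 code). Function names are hypothetical.
# Assumption: IMDS_ADDR is AWS's documented IPv4 instance metadata address.
IMDS_ADDR=${IMDS_ADDR:-169.254.169.254}

# Count failover sanity-check failures in ltm log text read from stdin.
count_sanity_failures() {
  grep -c 'aws-failover-tgactive\.sh (.*): Instance sanity check failed' || true
}

# Succeed if `ip rule show` text on stdin routes ADDR via table TABLE.
has_metadata_rule() {
  awk -v a="$1" -v t="${2:-245}" '
    { dst = 0; tbl = 0
      for (i = 1; i < NF; i++) {
        if ($i == "to" && ($(i+1) == a || $(i+1) == a "/32")) dst = 1
        if ($i == "lookup" && $(i+1) == t) tbl = 1
      }
      if (dst && tbl) found = 1 }
    END { exit (found ? 0 : 1) }'
}

# triage LOG_TEXT RULES_TEXT [ADDR]: print "<rule state>,<log state>".
triage() {
  local fails state=rule-missing
  fails=$(printf '%s\n' "$1" | count_sanity_failures)
  if printf '%s\n' "$2" | has_metadata_rule "${3:-$IMDS_ADDR}"; then
    state=rule-present
  fi
  if [ "$fails" -gt 0 ]; then echo "$state,failing"; else echo "$state,quiet"; fi
}

# Constructed sample input (timestamps, hostname and rule priorities are made up).
SAMPLE_LOG="Jan  1 00:00:01 bigip1 logger: /usr/libexec/aws/aws-failover-tgactive.sh (traffic-group-1): Instance sanity check failed with error:
Jan  1 00:00:01 bigip1 logger: /usr/libexec/aws/aws-failover-tgactive.sh (traffic-group-1): ('Connection aborted.', error(111, 'Connection refused'))"
RULES_BEFORE="0: from all lookup local
32766: from all lookup main
32767: from all lookup default"
RULES_AFTER="$RULES_BEFORE
32765: from all to $IMDS_ADDR lookup 245"

triage "$SAMPLE_LOG" "$RULES_BEFORE"   # workaround not applied, failover failing
triage "" "$RULES_AFTER"               # workaround applied, log clean
```

On a live instance, feed it real data with `triage "$(cat /var/log/ltm)" "$(ip rule show)"`.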

Fix Information


Behavior Change