Bug ID 749249: IPsec tunnels fail to establish and 100% cpu on multi-blade BIG-IP

Last Modified: Nov 22, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
14.1.0,,,,,, 14.1.2,,,,,,,

Fixed In:

Opened: Nov 08, 2018
Severity: 2-Critical


IPsec tunnels fail to establish and CPUs go to 100%.


The CPU exhaustion may cause system instability. The tmm logs may contain large numbers of messages similar to the following: -- notice SA is not in LARVAL state when receives PFKEY UPDATE: src= dst= spi=0xc9cd688 proto=0x32 dir=0x1:IN reqid=0.0:0:0x10c81 state=1


- IPsec tunnels configured. - System has multiple blades.


For vCMP systems, provision the Guest on one blade only. There is no workaround for bare-metal systems.

Fix Information

An internal control-plane messaging loop has been fixed.

Behavior Change