Bug ID 885201: BIG-IP DNS (GTM) monitoring: 'CSSLSocket:: Unable to get the session"'messages appearing in gtm log

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP DNS(all modules)

Known Affected Versions:
13.1.0,,,,,,,,, 13.1.1,,,,, 13.1.3,,,,,,, 13.1.4,, 13.1.5,, 14.0.0,,,,,, 14.0.1,, 14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4, 15.0.0, 15.0.1,,,,, 15.1.0,,,,,, 15.1.1, 15.1.2,, 16.0.0,, 16.0.1,,

Fixed In:
16.1.0, 15.1.3,

Opened: Feb 26, 2020
Severity: 3-Major


Err (error) level messages in /var/log/gtm log when DNS (GTM) SSL monitors such as https are used and are unable to connect to the monitored target IP address: err big3d[4658]: 01330014:3: CSSLSocket:: Unable to get the session. These messages do not indicate the IP address or port of the target that failed to connect, and this ambiguity may cause concern.


The system reports unnecessary messages; the fact that the monitor failed is already detailed by the pool/virtual status change message, and the target changing to a red/down status. These messages can be safely ignored.


-- SSL-based DNS (GTM) monitor assigned to a target, for example https -- TCP fails to connect due to a layer 2-4 issue, for example: - No route to host. - Received a TCP RST. - TCP handshake timeout.


If you want to suppress these messages, you can configure a syslog filter. For more information, see K16932: Configuring the BIG-IP system to suppress sending SSL access and request messages to remote syslog servers :: https://support.f5.com/csp/article/K16932.

Fix Information

Added debug messages for SSL probing with attached DB variable

Behavior Change