Bug ID 894545: Creating a virtual server in the GUI with a destination address list and 'All Ports' can erroneously conflict with other virtual servers

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 15.0.0, 15.0.1, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4

Fixed In:
16.0.0, 15.1.0.5, 15.0.1.1, 14.1.2.8

Opened: Mar 31, 2020
Severity: 3-Major

Symptoms

If you have an existing virtual server that uses an address list for its destination and 'All Ports' configured for its port, then if you attempt to create another virtual server with a different (non-overlapping) address list with 'All Ports' configured and a protocol that overlaps (i.e., is either the same, or one of the protocols is 'All Protocols'), then creation of the virtual server will fail with an error similar to: 01b90011:3: Virtual Server /Common/test's Traffic Matching Criteria /Common/test_VS_TMC_OBJ illegally shares destination address, source address, service port, and ip-protocol with Virtual Server /Common/test2 destination address, source address, service port.

Impact

Unable to create a valid virtual server.

Conditions

-- Using the GUI. -- An existing virtual server that uses an address list as its destination and has its Service Port set to 'All Ports'. -- An attempt to create another virtual server with a (non-overlapping) destination address list and 'All Ports' that has an overlapping Protocol (i.e., is either the same, or one of the protocols is 'All Protocols').

Workaround

Use TMSH to create the second virtual server instead.

Fix Information

None

Behavior Change