Bug ID 926417: AFM not using the proper FQDN address information

Last Modified: Aug 14, 2023

Affected Product(s):
BIG-IP AFM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1

Opened: Jul 13, 2020

Severity: 3-Major

Symptoms

Duplicate resolved entries in FQDN address-lists may cause FQDN to use incorrect address information until the next FQDN reload.

Impact

Even after one of the duplicate entries is removed, AFM does not use proper FQDN address information.

Conditions

Any two FQDN address-lists having entries which DNS resolves to the same IP address present in the configuration, at any point since the last TMM restart/FQDN load.

Workaround

Remove the problematic rule and recreate the same rule again or Remove one of the duplicate addresses, and run "tmsh load security firewall fqdn-entity all" command, or restart TMM.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips