Bug ID 955897: Configuration may fail to load with named virtual-address for 0.0.0.0 in a non-zero route domain

Last Modified: Nov 22, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP Install/Upgrade, TMOS(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1

Opened: Oct 15, 2020
Severity: 3-Major

Symptoms

When reading the configuration from /config files, the BIG-IP system may fail to load the configuration regarding a virtual server with a named virtual-address for address 0.0.0.0 in a non-default route domain: err mcpd[21812]: 0107028b:3: The source (0.0.0.0%123) and destination (0.0.0.0) addresses for virtual server (/Common/vs1) must be in the same route domain. Unexpected Error: Loading configuration process failed.

Impact

The configuration fails to load from disk when the affected objects do not yet exist in running memory or binary cache, for example, during: - Reinstalling - Upgrading - Loading manual changes to the /config/*.conf files - MCP force-reload Other operations such as rebooting, relicensing, and reloading the same configuration (such as 'tmsh load sys config' are not affected.

Conditions

-- An LTM virtual-address object with a name. -- The virtual-address's address is 0.0.0.0 (or the keyword 'any'). The IPv6 address :: (or the keyword 'any6') is not affected. -- The virtual-address's address is in a route domain other than route domain 0. The route domain can be the partition's default route domain. -- An LTM virtual server that uses the affected address as its destination. Example: tmsh create net route-domain 123 tmsh create ltm virtual-address allzeros-rd123 address 0.0.0.0%123 tmsh create ltm virtual allzeros-rd123 destination 0.0.0.0%123:0 tmsh save sys config

Workaround

Replace the configuration that uses a named virtual-address with the direct address. Here is an example of the configuration in bigip.conf: ltm virtual-address allzeros-rd123 { address any%123 mask any } ltm virtual allzeros-rd123 { destination allzeros-rd123:0 mask any source 0.0.0.0%123 } This can be rewritten to remove the virtual-address object, and replace the virtual server destination with the address (0.0.0.0 or 'any'): ltm virtual allzeros-rd123 { destination any%123:0 mask any source 0.0.0.0%123 }

Fix Information

None

Behavior Change