Bug ID 970033: BIG-IQ: Tunnel objects may end up with an incorrect "ifIndex" value

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IQ ADC(all modules)

Known Affected Versions:,,, 7.1.6,, 7.1.7,,, 7.1.8,,,,,, 7.1.9,,,, 8.0.0,

Opened: Dec 05, 2020

Severity: 3-Major


Deployment fails with the error: '"profile" is a required property and may not be set to "none" or an empty value'.


You are unable to deploy the affected BIG-IP device(s).


Either: a) An imported Tunnel object has been modified on BIG-IQ. b) One or more imported Tunnel objects has ended up with an incorrect "ifIndex" value on BIG-IQ. The conditions that cause this are unknown.


If you have made any changes to Tunnel objects on BIG-IQ, make a note of the changes, so they can be re-applied to the Tunnel objects after performing the steps below. First, try to resolve the issue using the BIG-IQ UI: A. Discover & import the device into BIG-IQ again, selecting "Use BIG-IP" to clear any changes from Tunnel objects on BIG-IQ. B. Attempt to deploy to the device again. If the above does not resolve the issue, then you will need to manually copy the current config into the working config. Log into the BIG-IQ shell (e.g., using SSH), and run the following commands: 1. Write all tunnels to a file # restcurl /cm/adc-core/working-config/net/tunnels/tunnel | jq .items[] -c > /var/tmp/wc # restcurl /cm/adc-core/current-config/net/tunnels/tunnel | jq .items[] -c > /var/tmp/cc 2. Diff content of ifIndex # cat /var/tmp/cc | jq .id -r | sort | while read uuid ; do grep $uuid /var/tmp/cc | jq .ifIndex > /var/tmp/mycc ; grep $uuid /var/tmp/wc | jq .ifIndex > /var/tmp/mywc ; diff /var/tmp/mywc /var/tmp/mycc >/dev/null ; if [ $? -eq "1" ] ; then echo $uuid ; fi ; done > /var/tmp/diffout 3. Make sure that diffout contains UUID only, and test one of them to check the difference. ** You should something similar to this by running the following commands: # test=$(head -n1 /var/tmp/diffout) ; grep $test /var/tmp/cc | jq .ifIndex 384 # test=$(head -n1 /var/tmp/diffout) ; grep $test /var/tmp/wc | jq .ifIndex 400 4. Create a script called fixTunnel.sh with the following: TUNNELID=$1 restcurl "/cm/adc-core/current-config/net/tunnels/tunnel/$TUNNELID" | sed -e 's/current/working/g' | jq 'del(.generation,.lastUpdateMicros)' > workfinal curl "localhost:8100/cm/adc-core/working-config/net/tunnels/tunnel/$TUNNELID" -X PUT -d @workfinal | jq . 5. Provide execution permissions to fixTunnel.sh # chmod +x fixTunnel.sh 6. Use the fixTunnel.sh script to correct the ifIndex: # cat /var/tmp/diffout | while read UUID ; do echo $UUID ; ./fixtunnel.sh $UUID ; done 7. At the end of the procedure, you can re-run steps 1 and 2 again, and confirm that /var/tmp/diffout is empty.

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips