Bug ID 976525: Transparent monitors can have the incorrect source address when snat.hosttraffic is enabled

Last Modified: Oct 10, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP LTM, TMOS(all modules)

Known Affected Versions:
13.1.0,,,,,,,,, 13.1.1,,,,, 13.1.3,,,,,,, 13.1.4,, 14.0.0,,,,,, 14.0.1,, 14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,, 15.0.0, 15.0.1,,,,, 15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4, 16.0.0,, 16.0.1,,, 16.1.0

Opened: Dec 23, 2020
Severity: 3-Major


In BIG-IP v13.1.3.2 and later, there is new functionality to SNAT the traffic coming from the host system. When there are multiple routes to a destination address and transparent monitors are in use, tmm occasionally picks the wrong source IP for these connections.


The system chooses the wrong source IP address for the egress interface. That incorrect source IP address might cause traffic to return on the wrong VLAN.


-- The db variable snat.hosttraffic is enabled. -- Gateway pool with multiple members. -- Transparent monitors.


Use either of the following workarounds: -- Disable VLAN keyed connections: modify sys db connection.vlankeyed value disable -- Upgrade to a version with a fix for ID 826905 (https://cdn.f5.com/product/bugtracker/ID826905.html) and disable snat.hosttraffic.

Fix Information


Behavior Change