Bug ID 991501: Pool members with HTTPS monitor may be incorrectly marked down.

Last Modified: Sep 16, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
16.0.1, 16.0.0, 15.1.2, 15.1.1,,, 14.1.4,,

Opened: Feb 09, 2021
Severity: 2-Critical


A pool with an HTTPS monitor may have its members marked down due to the monitor not being able to find a matching cipher for the SSL connection. This occurs when the @STRENGTH keyword is provided in the cipher suites list in the server SSL profile used by the HTTPS monitor, because bigd does not handle this keyword correctly.


Pool members are wrongly marked down, preventing them from handling incoming traffic.


Problem is observed when all conditions listed below are met: - The db variable bigd.tmm set to disable (default setting). - Pool is using an HTTPS monitor. - The HTTPS monitor uses a custom server SSL profile. - The server SSL profile uses a cipher string with @STRENGTH keyword.


1. Select the cipher group instead of cipher suites in the server SSL profile. 2. Manually enter the ciphers in the desired order.

Fix Information


Behavior Change