(SOL30483109) TopicVirtual servers can use default persistence profiles to ensure that subsequent client connections bypass load balancing and consistently return to the same pool member. Virtual servers can also use a Fallback persistence profile to create a secondary or fallback persistence record for each new client connection. The system evaluates subsequent client connections using persistence data provided by the client and locally stored persistence records. This overview describes in further detail th
↧
Informational: Overview of Fallback Persistence
↧
Security Advisory: BIG-IP last hop kernel module vulnerability CVE-2015-5516
(SOL00032124)
↧
↧
Security Advisory: Datastor kernel vulnerability CVE-2015-7394
(SOL17407)
↧
Known Issue: The BIG-IP configuration may fail to load after an upgrade to 11.6.0 or 12.0.0
(SOL17384) Known IssueThe BIG-IP configuration may fail to load after you upgrade the system to BIG-IP 11.6.0 or 12.0.0.This issue occurs when the following conditions are met:Your BIG-IP configuration contains a Secure Sockets Layer (SSL) profile that references an SSL certificate key chain in a non-default administrative partition. Note: The default administrative partition is Common. You upgrade the BIG-IP system from a software version earlier than BIG-IP 11.6.0.ImpactThe BIG-IP configuration fails to
↧
Known Issue: Host-based SSH authentication may fail after installing a UCS
(SOL17318) Known IssueHost-based secure shell (SSH) authentication may fail after you install a user configuration set (UCS).This issue occurs when all of the following conditions are met:Your BIG-IP configuration allows host-based SSH authentication.You use the Traffic Management Shell (tmsh) to install a UCS.ImpactThe BIG-IP system requires a password for command line access.SymptomsAs a result of this issue, you may encounter the following symptom:When attempting to access the command line of the BIG-IP
↧
↧
Known Issue: The vs-index field for a virtual server may be different on each blade in a chassis
(SOL16458) Known IssueThe vs-index field for a virtual server may be different on each blade in a VIPRION chassis.This issue occurs when the following conditions are met:The VIPRION platform has two or more blades.You attempt to create a virtual server in which the source and destination IP address and the port match an existing virtual server.The virtual server index (vs_index) is a unique number assigned to a virtual server on the BIG-IP system. This issue may occur if you create a virtual server (for ex
↧
Known Issue: The TMM process may restart and produce a core file during configuration load
(SOL17366) Known IssueThe TMM process may restart and produce a core file during configuration load. This issue occurs when the following condition is met:The configuration contains a large number of Secure Sockets Layer (SSL) certificates, keys, and/or Certificate Revocation Lists (CRLs).Loading a configuration that contains a large number of SSL certificates, keys, and/or CRLs causes the TMM process to miss its heartbeat (by default, the heartbeat time limit is 10 seconds). As a result, the sod process s
↧
Known Issue: BIG-IP systems that use the factory default administrator password will fail to establish a trust relationship after upgrading from 10.x to 11.x
(SOL16649) Known IssueBIG-IP systems that use the factory default administrator password will fail to establish a trust relationship after upgrading from 10.x to 11.x.Note: Beginning in 11.x, the BIG-IP systems must establish a trust relationship before they can synchronize configuration data or fail over.This issue occurs when all of the following conditions are met:You have a high-availability pair of BIG-IP devices running 10.x software.You have never modified the administrator password; it remains as t
↧
Known Issue: Older monitor instances may remain in the system after performing a configuration merge that modifies an existing pool monitor
(SOL17388) Known IssueOlder monitor instances may remain in the system after you perform a configuration merge that modifies an existing pool monitor.This issue occurs when all of the following conditions are met:Your BIG-IP configuration contains a pool with a health monitor that is actively monitoring pool members.You perform a configuration merge using the following command syntax: tmsh load sys config merge <file> The configuration merge modifies the type of health monitor used by the pool.Impact
↧
↧
Known Issue: Failing AD/LDAP server connections may cause the apd process to stop processing requests when service is restored
(SOL16501) Known Issue
Failing Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) server connections may cause the apd process to stop processing requests when service is restored.
This issue occurs when all of the following conditions are met:
Your BIG-IP APM system is configured with either an AD or LDAP type AAA server.
The AAA server is configured to use direct or a pool of servers.
The backend authentication server becomes temporarily unavailable when communicating with the BIG-
↧
Known Issue: Loading a large number of SSL certificates, keys, and CRLs may cause TMM to exit
(SOL41555452) Known IssueLoading a large number of Secure Sockets Layer (SSL) certificates, keys, and Certificate Revocation Lists (CRLs) may cause the Traffic Management Microkernel (TMM) to exit.This issue occurs when all of the following conditions are met:A large number of SSL objects or profiles are configured on the BIG-IP system.The configuration is loaded. For example, the configuration is loaded during configuration synchronization (ConfigSync) or system startup.When the configuration is loaded, all
↧
Security Advisory: libwww-perl vulnerability CVE-2014-3230
(SOL34144932)
↧
How-To: Downloading software and firmware from F5
(SOL167) TopicAll F5 software downloads are located in a central location. Hotfix release notes are available on the Select a Download page for each specific hotfix. To access the download files and begin the download process, perform the following procedure:Note: Software files and patches on the F5 Download site have a corresponding MD5 checksum file that you can download along with the software. To access the MD5 file for a given software file or patch, click the software name from the product contain
↧
↧
Security Advisory: Linux kernel vulnerability CVE-2014-0101
(SOL15317)
↧
Known Issue: Reports that span longer time periods, which use AVR statistics, may not include the latest portion of collected data
(SOL17555) Known Issue
Reports that span longer time periods, which use Analytics (AVR) statistics, may not include the latest portion of collected data.
This issue occurs when all of the following conditions are met:
The BIG-IP system is provisioned with the AVR module.
A BIG-IP Analytics profile is associated with a virtual server, and is gathering statistics.
You view Analytics statistics reports with a Time Period of Last Year, Last Month, or Last Week.
The amount of data not included in the reports
↧
Known Issue: The BIG-IP system may produce excessive ERR_UNKNOWN messages
(SOL46811087) Known IssueThe BIG-IP system may produce excessive ERR_UNKNOWN messages.This issue occurs when of the following condition is met:Your BIG-IP system is running under heavy load.ImpactThis error is cosmetic and may be safely ignored.SymptomsAs a result of this issue, you may encounter the following symptom:You may view an error message in the /var/log/ltm file that appears similar to the following example: err tmm3[12345]: 016e0002:3: Execution of action 'asm enable policy/Common/test_policy' fai
↧
Policy: F5 Silverline Services Acceptable Use Policy
(SOL49604758) Policy InformationThis Acceptable Use Policy (Acceptable Use Policy ) sets forth guidelines for acceptable use of F5 Networks, Inc.’s (“F5”) cloud-based application services marketed as Silverline services (the “Silverline Services”). By using the Silverline Services, the customer (“Customer”) acknowledges that it has read, understood and agrees to comply with the terms of this Acceptable Use Policy. Customer agrees to ensure that there is no breach, compromise or violation, by Customer employee
↧
↧
Known Issue: TMM may exit when the BIG-IP system processes SSL handshakes
(SOL17547) Known IssueThe Traffic Management Microkernel (TMM) may exit when the BIG-IP system processes Secure Sockets Layer (SSL) handshakes.This issue occurs when all of the following conditions are met:Your system runs on either of the following platforms: BIG-IP 2000BIG-IP 4000 The SSL handshake is processed by the crypto acceleration hardware on the platform.This issue can occur when processing SSL handshakes in the crypto acceleration hardware for the affected versions listed. However, this issue
↧
Overview: Overview of failover capabilities in the event of a FIPS hardware failure (9.x - 10.1.0)
(SOL8892) TopicThis article applies to BIG-IP 9.x through 10.1.0. For information about other versions, refer to the following article:SOL49022416: Overview of failover capabilities in the event of a FIPS hardware failure (10.2.x - 12.x)BIG-IP 9.2.4 introduced failover capabilities in the event of a FIPS kernel driver failure or FIPS hardware failure. This feature is enabled by default on all BIG-IP LTM devices that use FIPS cards; you cannot disable this feature.The fipsutil monitor is the daemon respons
↧
Manual: BIG-IP Device Service Clustering: Administration
↧