Operational Defect Database
BugZero found this defect 339 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
F5 | 1298033
Mirrored connection on Standby is not closed until TCP profile idle-timeout expires.
Last update date:
4/26/2024
Affected products:
BIG-IP
BIG-IP TMOS
Affected releases:
15.1.3.1
15.1.4
15.1.4.1
15.1.5
15.1.5.1
15.1.6
15.1.6.1
15.1.7
15.1.8
15.1.8.1
15.1.8.2
15.1.9
Fixed releases:
No fixed releases provided.
Description:
Bug ID 1298033: Mirrored connection on Standby is not closed until TCP profile idle-timeout expires. ... Symptoms ... When a pool member is detected down, the standby system holds a mirrored connection until the TCP profile idle-timeout expires even when the FIN packet is properly mirrored to the Standby system from the Active system. ... The Active peer, on the other hand, properly closes the connection after the 4-way closure. ... Impact ... Conditions ... - Connection mirroring is enabled on a virtual server - Pool member status changes to unavailable on the standby before it becomes active (i.e., pool member monitor down occurs, or pool member is manually disabled) - HTTP(S) virtual server has an iRule which utilizes HTTP::close command, such as below. ... --------- ... Workaround ... Do not use iRule with HTTP::close if possible Alternatively use a smaller idle timeout and when manually shutting down a pool member, do so on the active first. ... Another alternative is to have t...
