BIG-IP Next Known Issues¶

This list highlights known issues for this BIG-IP Next release.

BIG-IP Next Release Notes BIG-IP Next Release Information

Version: 20.0.1
Build: 20.0.1-2.139.10+0.0.136

Known Issues in BIG-IP Next v20.0.1

BIG-IP Next Issues

ID Number	Severity	Links to More Info	Description
1353673-1	1-Blocking		Unable to delete application service if migration fails
1352969-1	1-Blocking		Upgrades with TLS configuration can cause TMM crash loop
1352825-1	1-Blocking		host-qkview errors in qkview manifest and logs for F5OS
1351325-1	1-Blocking		Cannot delete a tagged VLAN and recreate an untagged VLAN with same name within ~10 minutes
1329853-1	1-Blocking		Identical listeners can be deployed to the same BIG-IP Next instance
1324545-1	1-Blocking		L3 validation fails after a BIG-IP Next HA instance fails over
1321417-1	1-Blocking		Cannot use WAF modules on VELOS on deploying tenant with 10 CPUs
1293209-1	1-Blocking		After backing up and restoring a BIG-IP Next HA instance, traffic stops passing
1280713	1-Blocking		VELOS high availability (HA) cluster goes into active/active after upgrade★
1189933-1	1-Blocking		BIG-IP Next Central displays a BIG-IP Next Instance as 'IsHealthy': true even if traffic isn't passing
1162213-1	1-Blocking		Incorrect state when upgrading a BIG-IP Next HA instance★
1104625	1-Blocking		The BIG-IP Next VE tmstat table does include stats for the management interface
1365005-1	2-Critical		Analytics data is not restored after upgrading to BIG-IP Next version 20.0.1
1355213-1	2-Critical		Memory value reported as part of container metrics endpoint includes inactive cache
1348365-1	2-Critical		Endpoint Health shows as good for invalid endpoint when after DSSM POD goes down/auto restarted
1328789-1	2-Critical		Errors are returned after backing up BIG-IP Next Central Manager
1294565	2-Critical		After upgrading, login API might return 401 with correct credentials
1271477	2-Critical		BIG-IP Next instance on VELOS reports unhealthy status if upgrade fails★
1268361	2-Critical		API GET /upgrade/systems/{system_id}/stats/{type} is VE specific only★
1232993-1	2-Critical		Forced reboot during BIG-IP Next upgrade can cause instability★
1216525-1	2-Critical		BIG-IP Next HA instance on VELOS health status fluctuates
1162253	2-Critical		Monitors in an application cannot be removed from stacks and traffic stops running
1123381	2-Critical		Standby node in a BIG-IP Next HA instance loses it's license when HA is disassembled
1090205	2-Critical		Floating IP address for a BIG-IP Next HA instance is unavailable during an active node reboot
1087937	2-Critical		API endpoints do not support page query
1083205	2-Critical		Default network is the only supported network
1078013-1	2-Critical		BIG-IP Next HA instance fails when VLANs exist or invalid VLANs are submitted
1366321-1	3-Major		BIG-IP Next Central Manager behind a forward-proxy
1365433	3-Major		Creating a BIG-IP Next instance on vSphere fails with "login failed with code 501" error message★
1360121-1	3-Major		Unexpected virtual server behavior due to removal of objects unsupported by BIG-IP Next
1360097-1	3-Major		Migration highlights and marks "net address-list" as unsupported, but addresses are converted to AS3 format
1360093-1	3-Major		Abbreviated IPv6 destination address attached to a virtual server is not converted to AS3 format
1359209-1	3-Major		The health of application service shown as "Good" when deployment fails as a result of invalid iRule syntax
1358985-1	3-Major		Failed deployment of migrated application services to a BIG-IP Next instance
1355605	3-Major		"NO DATA" is displayed when setting names for appliction services, virtual servers and pools, that exceed max characters
1354293	3-Major		Changing a template set in a FAST template creates a 404 error
1354089	3-Major		Cannot deploy an application service without a pool using standard template in Central Manager
1352781-1	3-Major		The coredns pod continuously logs warnings
1347901-1	3-Major		Cannot edit a deployed application service to add or remove Virtual Servers and Pools
1342185-1	3-Major		iRules are not supported for WAF policies
1335661-1	3-Major		Abbreviated IPv6 destination address attached to a virtual server is not converted to AS3 format
1329653-1	3-Major		Unexpected virtual server behavior due to removal of objects unsupported by BIG-IP Next
1328709-1	3-Major		The coredns pod continuously logs warnings
1326385	3-Major		Floating self-IP address for a BIG-IP Next HA instance
1325297	3-Major		Metrics are missing for application services with names longer than 24 characters
1324713-1	3-Major		Migration highlights and marks "net address-list" as unsupported, but addresses are converted to AS3 format
1306317-1	3-Major		Telemetry services with invalid hostnames are not rejected by the API
1306229	3-Major		Updating a self-IP address on a BIG-IP Next instance that was created from BIG-IP Next Central Manager does not work
1294081-1	3-Major		AS3 applications configured with HTTP2 and TLS do not function
1293901	3-Major		If pool member/endpoint name is omitted, app creation/edit screen might crash
1286181-1	3-Major		Add a service with Transport Layer Security (TLS), but one or more of the certs is missing or invalid
1286173-1	3-Major		Telemetry services that do not exist appear to have been deleted using an API call
1267981	3-Major		BIG-IP Next pool monitors use management network as fallback
1251181	3-Major		VLAN names longer than 15 characters can cause issues with troubleshooting
1235089	3-Major		Selected signatures for cookies are not added to overriden signature section
1234093	3-Major		BIG-IP Next Central Manager iRules do not support double quote characters
1231089	3-Major		Multiple applications can be configured with duplicate values for virtualAddresses and virtualPort
1230993	3-Major		'Mandatory request body is missing' violation in staging but request is unexpectedly blocked
1220077	3-Major		Failover for a BIG-IP Next HA instance between upgrades can time out★
1195281-1	3-Major		Endpoint is down when sendString contains double escaped characters
1172933	3-Major		Stack name must be unique in an application regardless of types
1142217-1	3-Major		Access Policies that have both signature required and encryption configured fail to validate and returns an error
1134225	3-Major		AS3 declarations with a SNAT configuration do not get removed from the underlying configuration as expected
1122689-3	3-Major		Cannot modify DNS configuration for a BIG-IP Next VE instance through API
1120457-1	3-Major		Data interfaces for BIG-IP Next VE are not visible on the host after the interface configuration is sent to TMM
1120417	3-Major		Machine ID on the BIG-IP Next properties pages shows an error
1117817	3-Major		Interface assignments are unpredictable when more than 4 interfaces are configured
1117805	3-Major		Unable to determine the TMM interface for MAC addresses on BIG-IP Next VE from the API
1117765	3-Major		BIG-IP Next Central Manager displays empty network interface metrics for a BIG-IP Next instance
1112285	3-Major		Cannot update management IP address on BIG-IP Next HA instances
1110805	3-Major		Setup needs to be finished on the host OS before BIG-IP Next can function properly.
1109933-1	3-Major		Unexpected behavior when multiple routes with identical route configuration and different names are created
1107757-1	3-Major		Large numbers of AS3/API requests can trigger job timeout errors.
1107533-1	3-Major		Upgrading a BIG-IP Next instance endpoint does not accept file names★
1106573	3-Major		If an application deployment fails due to BIG-IP Next instability, the policies referenced in the application cannot be deleted from BIG-IP Next Central Manager
1089201	3-Major		BIG-IP Next HA instance in an HA configuration fails when control plane IP address is configured incorrectly
1087881	3-Major		Network API endpoints reject Content-Type application/hal+json
1086221-1	3-Major		Content-Type response header does not match documented in BIG-IP Next OpenAPI spec
1079873	3-Major		Text in first column of a BIG-IP Next Central Manager grid might overlap with text in subsequent columns
1060829	3-Major		Unable to delete template from BIG-IP Next Central Manager if it was used for the application deployment
1058837	3-Major		Incorrect item count following application deletion and subsequent deletions fail
1057493	3-Major		'HTTP::header insert' command does not work under ASM iRule events
1053009-1	3-Major		Transaction in progress message and dropped connections using Files API to upload a cert/key
1365445	4-Minor		Creating a BIG-IP Next instance on vSphere fails with "login failed with code 401" error message★
1365417	4-Minor		Creating a BIG-IP Next VE instance in vSphere fails when a backslash character is in the provider username★
1360709	4-Minor		Application page can show an error alert that includes "FAST delete task failed for application"
1360621	4-Minor		Adding a Control Plane VLAN must be done only during BIG-IP Next HA instance creation
1354645	4-Minor		Error displays when clicking "Edit" on the Instance Properties panel
1350365	4-Minor		Performing licensing changes directly on a BIG-IP Next instance
1346905	4-Minor		Application Location and Source details missing in the application panel from the security policy grid
1325769	4-Minor		VLANs with a blank tag cannot be used to create a BIG-IP Next instance
1325713-1	4-Minor		Monthly backup cannot be scheduled for the days 29, 30, or 31
1325369	4-Minor		Saved JSON Web Token licenses do not appear after upgrade
1306997	4-Minor		Deselecting the Tagged Interface when creating a BIG-IP Next HA instance on VELOS causes an error
1305761	4-Minor		While configuring a BIG-IP Next HA instance, the "Next" button is enabled while the instance is still checking node state
1305757	4-Minor		Configuring a BIG-IP Next HA instance from BIG-IP Next Central Manager returns an error
1294393	4-Minor		Sorting and filtering create instance tasks on the My Instances page
1294137	4-Minor		BIG-IP Next HA instance creation fails
1291473	4-Minor		Creating a BIG-IP Next HA instance with instances that have deployed applications
1284665-1	4-Minor		When adding a new BIG-IP Next instance, the error message from an unsuccessful addition attempt is not cleared
1235105	4-Minor		Endpoint grid is shown only for applications that use the HTTPS-Load-Balancing-Service template
1209649-1	4-Minor		Load More' button reloads data already on the page for FAST Apps on BIG-IP Next Central Manager
1137869	4-Minor		Attempting to create an application from BIG-IP Next Central Manager sometimes fails
1114841-2	4-Minor		Creating a BIG-IP Next HA instance from BIG-IP Next Central Manager fails
1113593	4-Minor		BIG-IP Next Central Manager cannot deploy an application to an unhealthy BIG-IP Next instance
1109633	4-Minor		Creating a BIG-IP Next HA instance on VE from BIG-IP Next Central Manager
1106477	4-Minor		Cannot control the order of the fields generated from a BIG-IP Next Central Manager application template
1104397	4-Minor		When creating a new application from BIG-IP Next Central Manager, the form might show the deployment status of an application created previously in the same session
1104393	4-Minor		Testing an application deployment from BIG-IP Next Central Manager and copying to clipboard
1090405	4-Minor		Error messages in logs: pem block and tls failed to find PEM data
1082417	4-Minor		Application status displays as deployed before it has been created
1227605	5-Cosmetic		Item count on the BIG-IP Next Central Manager My Apps and Instances pages shows -1 items
1113045	5-Cosmetic		BIG-IP Next Central Manager displays No Data for mgmt network interface metrics

Known Issue details for BIG-IP Next v20.0.1

1366321-1 : BIG-IP Next Central Manager behind a forward-proxy

Component: BIG-IP Next

Symptoms:
Using "forward proxy" for external network calls from BIG-IP Next Central Manager fails.

Conditions:
When the network environment BIG-IP Next Central Manager is deployed in has a policy of routing all external calls through a forward proxy.

Impact:
BIG-IP Next Central Manager does not currently support proxy configurations, so you cannot deploy BIG-IP Next instances in that environment.

Workaround:
Allow BIG-IP Next Central Manager to connect to external endpoints by bypassing the "forward proxy" until BIG-IP Next Central Manager supports proxy configurations.

1365445 : Creating a BIG-IP Next instance on vSphere fails with "login failed with code 401" error message★

Component: BIG-IP Next

Symptoms:
Creating a BIG-IP Next VE instance in vShpere fails.

Conditions:
This happens when the randomly generated initial admin password contains an unsupported character.

Impact:
Creating a BIG-IP Next VE instance fails.

Workaround:
Try recreating the BIG-IP Next VE instance.

1365433 : Creating a BIG-IP Next instance on vSphere fails with "login failed with code 501" error message★

Component: BIG-IP Next

Symptoms:
Creating a BIG-IP Next VE instance fails and returns a code 503 error.

Conditions:
Attempting to create a BIG-IP Next VE instance from BIG-IP Next Central Manager when the vSphere environment has insufficient resources.

Impact:
Creating a BIG-IP Next VE instance fails.

Workaround:
Use one of the following workarounds.

- Retry creating the BIG-IP Next instance.
- Create the BIG-IP Next instance directly in the vSphere provider environment then add it to BIG-IP Next Central Manager.

1365417 : Creating a BIG-IP Next VE instance in vSphere fails when a backslash character is in the provider username★

Component: BIG-IP Next

Symptoms:
If you include a backslash character in the provider username when creating a BIG-IP Next VE instance creation fails because BIG-IP Next Central Manager parses it as an escape character.

Conditions:
Creating a BIG-IP Next VE instance that includes a backslash character in the provider username.

Impact:
Creation of the BIG-IP Next instance fails.

Workaround:
Do not use the backslash character in the provider username.

1365005-1 : Analytics data is not restored after upgrading to BIG-IP Next version 20.0.1

Component: BIG-IP Next

Symptoms:
After upgrading from BIG-IP Next version 20.0 to 20.0.1, analytic data is not restored.

Conditions:
After upgrading from BIG-IP Next version 20.0 to 20.0.1.

Impact:
Analytics data is not automatically restored after upgrading and cannot be restored manually.

1360709 : Application page can show an error alert that includes "FAST delete task failed for application"

Component: BIG-IP Next

Symptoms:
After you successfully delete a BIG-IP Next instance that has application services deployed to it, an alert banner on the Applications page states that the delete task failed even though it's successful.

Conditions:
Delete a BIG-IP Next instance and then navigate to the Applications page.

Impact:
This can cause confusion.

1360621 : Adding a Control Plane VLAN must be done only during BIG-IP Next HA instance creation

Component: BIG-IP Next

Symptoms:
If you attempt to edit a BIG-IP Next HA instance properties to add a Control Plane VLAN, it fails.

Conditions:
Editing the properties for an existing BIG-IP Next VE HA instance and attempting to add a Control Plane VLAN.

Impact:
The attempt to edit/add Control Plane VLAN fails.

Workaround:
Create the Control Plane VLAN when you initially create the BIG-IP Next HA instance.

1360121-1 : Unexpected virtual server behavior due to removal of objects unsupported by BIG-IP Next

Component: BIG-IP Next

Symptoms:
The migration process ensures that application services are supported by BIG-IP Next. If a property value is not currently supported by BIG-IP Next, it is removed and is not present in the AS3 declaration. If the object was a default value, the object is replaced by a default value that is supported by BIG-IP Next.

Conditions:
1. Migration a UCS archive from BIG-IP to BIG-IP Next Central Manager.

2. Review the AS3 declaration during the Pre Deployment staged.

Example for "cache-size" property of "web-acceleration" profile:
- BIG-IP config cache-size = 500mb OR 0mb
- AS3 schema supported range = 1-375mb
- BIG-IP Next stack (clientSide/caching/cacheSize) supported range 1-375mb
- AS3 output created by migration does not produce "cacheSize" property if cache-size is greater than 375mb or lower than 1mb.
- Deployment of AS3 declaration uses BIG-IP Next defaults in both cases (cache-size 375 or 0mb)

Impact:
Default values of virtual server's objects may change, impacting virtual server's behavior.

Workaround:
Although you cannot use values which are unsupported by BIG-IP Next, you can update the AS3 declaration with missing properties to specify values other than default ones added during the migration process.

To do so, read: https://mbip.pages.gitswarm.f5net.com/components/f5-appsvcs-core/public-docs/schema-reference-by-class.html

to modify AS3 declaration by adding missing properties and specifying values within supported range.

1360097-1 : Migration highlights and marks "net address-list" as unsupported, but addresses are converted to AS3 format

Component: BIG-IP Next

Symptoms:
Objects of a type: "net address-list" are incorrectly marked as unsupported, while virtual servers in AS3 output contain the property "virtualAddresses".

Conditions:
If an address list is used to configure a virtual server, it will be highlighted as unsupported in the configuration editor even if it is properly translated to AS3 "virtualAddresses" property.

Example of the object:

net address-list /tenant3892a81b1f9e6/application_11/IPv6AddressList {
    addresses {
        fe80::1ff:fe23:4567:890a-fe80::1ff:fe23:4567:890b { }
        fe80::1ff:fe23:4567:890c { }
        fe80::1ff:fe23:4567:890d { }
    }
    description IPv6
}

Example of an AS3 property:
"virtualAddresses": [
          "fe80::1ff:fe23:4567:890a-fe80::1ff:fe23:4567:890b",
          "fe80::1ff:fe23:4567:890c",
          "fe80::1ff:fe23:4567:890d"
        ],

Impact:
- The object is translated to virtualAddresses property in the AS3, but an application is marked as yellow.
- The object is translated, but one of the values from the address list is not supported on BIG-IP Next (IPv6 value range)

Workaround:
Verify that all addresses from 'net address-list' object are configured as "virtualAddresses" property value list in the AS3 output.

Verify that all addresses from 'net address-list' are supported on BIG-IP Next. Remove or modify virtualAddresses value list if needed.

1360093-1 : Abbreviated IPv6 destination address attached to a virtual server is not converted to AS3 format

Component: BIG-IP Next

Symptoms:
Service class in AS3 output does not have 'virtualAddresses' property, for example:

      "Common_virtual_test": {
        "snat": "none",
        "class": "Service_TCP",
        "profileTCP": {
          "use": "/tenant017b16b41f5c7/application_9_SMtD/tcp_default_v14"
        },
        "persistenceMethods": []
      }

Conditions:
Migrate an application service with abbreviated IPv6 address:

ltm virtual-address /tenant017b16b41f5c7/application_9_SMtD/aa::b {
    address aa::b
    arp enabled
    traffic-group /Common/traffic-group-1

Impact:
Virtual server is misconfigured, no listener on a specific IP address is created.

Workaround:
All application services containing virtual servers configured with abbreviated IPv6 addresses should be updated once they are migrated to BIG-IP Next Central Manager.

Go to Applications -> My Application Services, find your application service name and edit it.

Find your virtual server name and update it with a property

"virtualAddresses": [
          "aa::b",
        ]

like this:

      "Common_virtual_test": {
        "snat": "none",
        "class": "Service_TCP",
        "virtualAddresses": [
          "aa::b",
        ],
        "profileTCP": {
          "use": "/tenant017b16b41f5c7/application_9_SMtD/tcp_default_v14"
        },
        "persistenceMethods": []
      }

1359209-1 : The health of application service shown as "Good" when deployment fails as a result of invalid iRule syntax

Component: BIG-IP Next

Symptoms:
When an application with an invalid iRule is deployed to an instance from BIG-IP Next Central Manager, deployment is shown as successful but the post deployment iRule validation failed on the instance. Health status should be changed to "Critical/Warning" but it is still showing as good.

Conditions:
Deploy an application service with an invalid iRule.

Impact:
Incorrect status of the application service is shown in the My Application Services page.

Workaround:
Always try to use a valid iRule when deploying to BIG-IP Next.

1358985-1 : Failed deployment of migrated application services to a BIG-IP Next instance

Component: BIG-IP Next

Symptoms:
Deployment of a migrated application service to a BIG-IP Next instance might fail even if the declaration is valid. This can occur after the application service was successfully saved as draft on BIG-IP Next Central Manager
The following can appear in the deployment logs:
- No event with error code from deployment to instance in migration logs
- 202 response code "in progress" from deployment to instance in migration logs
- 503 response code "Configuration in progress" from deployment to instance in migration logs

Conditions:
1. Migrate an application service during a migration session

2. Select a deployment location and deploy the application service.

Review the migration log: the application service was successfully saved to BIG-IP Next Central Manager, but the deployment to the selected location failed with error.

Impact:
There are 3 different errors that can result in the deployment logs (Deployment Summary>View logs):

Reason 1:

Migration process started.
Application: <application name> saved as draft to BIG-IP Next Central Manager.
Migration process failed.

Reason 2:

Migration process started
Application: <application name> saved as draft to BIG-IP Next Central Manager.
Log Message: Deployment to <BIG-IP Next IP address> failed with the error: '{'code': 202, 'host': '<hostname>, 'message': 'in progress', 'runTime': 0, 'tenant': '<tenant name>'}'.
Migration process failed.

Reason 3:

If you are currently processing the same AS3 declaration sent from a different source or migration session:
Migration process started.
Application: <application name> saved as draft to BIG-IP Next Central Manager.
Log message: Deployment to <BIG-IP Next IP address> failed with the error: '{'code': 503, 'errors': [], 'message': 'Configuration operation in progress on device, please try again later.'}'.
Migration process failed.

Workaround:
The application service was successfully saved as a draft on BIG-IP Next Central Manager.

You can go to My Application Services, select the application service that failed to deploy, and deploy the application service to a selected instance location.

1355605 : "NO DATA" is displayed when setting names for appliction services, virtual servers and pools, that exceed max characters

Component: BIG-IP Next

Symptoms:
"NO DATA" is displayed in the application metrics charts when setting a name that exceeds 33 characters for an application service, pool, or virtual server.

Conditions:
1. Create an application service with a virtual server and a pool.
2. Set the name of each of the objects above to be 34 characters or longer.
3. Add an endpoint to the pool.
4. Deploy the application service, and wait for the application service to pass traffic.

Impact:
"NO DATA" is displayed in the application service, pool and virtual server data metrics charts.

Workaround:
When creating an application the names of the application services, pools and virtual servers cannot exceed 33 characters.

1355213-1 : Memory value reported as part of container metrics endpoint includes inactive cache

Component: BIG-IP Next

Symptoms:
The response from the endpoint `/api/v1/metrics/systems/{systemId}/summary` provides memory values for individual containers. These values are sourced from the Cgroup's `memory.usage_in_bytes` attribute. It's important to note that this value includes the inactive cache value as well, which is accessible for any other process to consume.

Conditions:
Always

Impact:
The results of metrics api response could be misleading as the memory value for individual container could include inactive cache which is available for any other process to consume

1354645 : Error displays when clicking "Edit" on the Instance Properties panel

Component: BIG-IP Next

Symptoms:
When editing the properties of a BIG-IP Next instances page, a "Error: unsupported platform type" displays.

Conditions:
When viewing the Instances page, the BIG-IP Next instance's hostname to view its properties. On the Instance Properties panel, click the Edit button.

Impact:
This can cause confusion.

Workaround:
Wait for the BIG-IP Next instance's hostname to load on Instance Properties panel before clicking the Edit button.

1354293 : Changing a template set in a FAST template creates a 404 error

Component: BIG-IP Next

Symptoms:
When changing a template set in a FAST template, the updated details might not be refreshed in the template list and you receive a 404 error when you open template details drawer.

Conditions:
Update a FAST template template set to a new template set, and then save the template changes.

Impact:
You receive a 404 error in the templates list which changing a template's template set.

Workaround:
Refresh the template list page until the new template set is displayed.

1354089 : Cannot deploy an application service without a pool using standard template in Central Manager

Component: BIG-IP Next

Symptoms:
When you create an application service using a standard template from BIG-IP Next Central Manager, you cannot create the application service without a pool.

Conditions:
Create an application service using a standard FAST template on BIG-IP Next Central Manager. Add a virtual server without adding any pools to virtual server. The 'Review & Deploy' button remains disabled and does not allow you to proceed.

Impact:
Creating an application service with a FAST template does not allow virtual servers without added pools.

Workaround:
Create a virtual server and add a pool without adding pool members.

1353673-1 : Unable to delete application service if migration fails

Component: BIG-IP Next

Symptoms:
Application migration fails to deploy an application service because of an unsupported feature and is saved as draft to BIG-IP Next Central Manager. When trying to delete the application service, deletion fails with a 500 error.

Conditions:
1. Try to deploy an application service through the migration process.

2. Ensure the original app is fitted with unsupported features.

3. Go to My Application Services, and Delete the application service.

Impact:
A 500 error appears with error msg: "AS3-0008: AS3 Validation Error: FailedToValidateInstance"

Workaround:
1. Force delete the application with force=true as query parameter.

DELETE /api/v1/spaces/default/appsvcs/documents/{document-id}?force=true

2. If force deletion fails, then try deleting the deployment(s) with local delete set to true.

DELETE
/api/v1/spaces/default/appsvcs/documents/{document-id}/deployments/{deployment-id}?local_delete=true

After this, delete app again using API in step 1.

1352969-1 : Upgrades with TLS configuration can cause TMM crash loop

Component: BIG-IP Next

Symptoms:
After upgrading from a version prior to 20.0.1, connection is lost.

Conditions:
- Keys and certificates are configured as files in TLS configuration.
- Upgrading from a version prior to 20.0.1.

Impact:
An error similar to the following is logged: Failed to connect to <IP address port: xx> No route to host

Workaround:
After upgrading, reconfigure the private key files so that validation properly occurs.

Fix any existing mismatch keys and certificates.

1352825-1 : host-qkview errors in qkview manifest and logs for F5OS

Component: BIG-IP Next

Symptoms:
BIG-IP Next on an F5OS platform does not support host-qkview information as part of its QKView collection process. However, during QKView collection, host-mode socket failure errors are posted in logs and QKView manifest file, similar to the following: A "host-qkview socket connection failure error" is displayed in logs and QKView manifest file.

Conditions:
Request QKView through open API.

Impact:
There is no impact on QKView collection process and the data collected as part of QKView.

Workaround:
You can safely ignore the error message.

1352781-1 : The coredns pod continuously logs warnings

Component: BIG-IP Next

Symptoms:
The coredns pod in the kube-system namespace of the kubernetes cluster continuously logs the following warnings:

[WARNING] No files matching import glob pattern: /etc/coredns/custom/*.override
[WARNING] No files matching import glob pattern: /etc/coredns/custom/*.server

Conditions:
BIG-IP Next VM has been created and assigned an IP address.

Impact:
There is no operational impact.

Workaround:
Not Applicable

1351325-1 : Cannot delete a tagged VLAN and recreate an untagged VLAN with same name within ~10 minutes

Component: BIG-IP Next

Symptoms:
If you delete an existing tagged VLAN and attempt to create a new untagged VLAN with the same name within 10 minutes, the creation fails.

Conditions:
Delete an existing tagged VLAN then try to create a new untagged VLAN with the same name.

Impact:
Unable to create the new VLAN.

Workaround:
Try again in another 10 minutes.

1350365 : Performing licensing changes directly on a BIG-IP Next instance

Component: BIG-IP Next

Symptoms:
BIG-IP Next Central Manager will become out of sync with a managed BIG-IP Next instance if you perform licensing actions directly to the BIG-IP Next instance.

Conditions:
Add a BIG-IP Next instance to BIG-IP Next Central Manager. Perform licensing actions directly on the BIG-IP Next instance.

Impact:
BIG-IP Next Central Manager is no longer synchronized with its managed instance.

1348365-1 : Endpoint Health shows as good for invalid endpoint when after DSSM POD goes down/auto restarted

Component: BIG-IP Next

Symptoms:
In any point in time if DSSM PODS becomes unreachable from TMM for more than 30s or goes down/auto-restarted and if any of the endpoint/pool-member configured is invalid/DOWN then the Health status of that endpoint is reported as GOOD instead of CRITCAL. It continues to report as CRITICAL unless the TMM POD also restarted.

Conditions:
DSSM POD goes down/restarted or becomes unreachable from TMM for more than 30s.

Impact:
Incorrect health status is shown for invalid/unreachable endpoint/pool member

Workaround:
If at all DSSM POD goes DOWN/auto-restarted, then in the worst case work around could be restarting the TMM POD can resolve this issue.

1347901-1 : Cannot edit a deployed application service to add or remove Virtual Servers and Pools

Component: BIG-IP Next

Symptoms:
The edit option is not available for an application service that has been deployed to a managed BIG-IP Next instance.

Conditions:
This limitation applies only to application services that have been successfully deployed to at least one BIG-IP Next instance.

Impact:
You cannot add or remove Virtual Servers or Pools.

Workaround:
When you want to add or remove virtual servers or pools, un-deploy the application from the associated BIG-IP Next instances and modify the application configuration as required then re-deploy the application to all of the BIG-IP Next instances it was previously deployed to.

Before un-deploying or deleting an old application, go to the deployments, validate, and extract the AS3 declaration from each. Save these AS3 declarations, they will be useful if you must recreate those locations later.

1346905 : Application Location and Source details missing in the application panel from the security policy grid

Component: BIG-IP Next

Symptoms:
When clicking on the application counter in the WAF Policies list, a panel is opened with a list of the applications referencing the selected policy. The columns Source and Location are blank.

Conditions:
1. Create a WAF policy and attach to one or more application services.

2. Deploy application services with attached WAF policies.

3. Click the application counter from the WAF Policies list.

Impact:
The application service's location (BIG-IP Next instance) and source (name of template used) is not visible.

Workaround:
You can view the information about application service directly from the Applications workspace.

Go to the Applications workspace, and select the application service from My Application Services list. From the Application Service Topology, select the eye icon next to the application service tile to view the source and location details.

1342185-1 : iRules are not supported for WAF policies

Component: BIG-IP Next

Symptoms:
iRules are not supported for WAF policies.

Conditions:
Attempting to create an iRule for a WAF policy.

Impact:
You can configure an iRule for a WAF policy, but BIG-IP Next Central Manager ignores the iRule.

Workaround:
None

1335661-1 : Abbreviated IPv6 destination address attached to a virtual server is not converted to AS3 format

Component: BIG-IP Next

Symptoms:
Service class in AS3 output does not have 'virtualAddresses' property, e.g.:

      "Common_virtual_test": {
        "snat": "none",
        "class": "Service_TCP",
        "profileTCP": {
          "use": "/tenant017b16b41f5c7/application_9_SMtD/tcp_default_v14"
        },
        "persistenceMethods": []
      }

Impact:
Virtual server is misconfigured, no listener on a specific IP address is created.

1329853-1 : Identical listeners can be deployed to the same BIG-IP Next instance

Component: BIG-IP Next

Symptoms:
Currently, the identical listeners check is only implemented in the same application service, but identical listeners are not supported on a single BIG-IP Next instance, even when they are pointing to two different application services.

If two different application services have the same listeners defined they can be saved as a draft or unsuccessfully deployed.

Conditions:
Deploy two different application services using the same listeners.

Impact:
Although you can save two application services with same listeners and deploy to an instance, the deployment will fail.

Workaround:
Assign different listeners for different application services to avoid failed deployment. If any two existing applications has same listeners defined, you can change the data by adding unique listeners and re-deploy.

1329653-1 : Unexpected virtual server behavior due to removal of objects unsupported by BIG-IP Next

Component: BIG-IP Next

Impact:
Default values of virtual server's objects may change, impacting virtual server's behavior.

1328789-1 : Errors are returned after backing up BIG-IP Next Central Manager

Component: BIG-IP Next

Symptoms:
After creating a BIG-IP Next Central Manager backup, a 500 error is seen on the F5 Application Service Templates (FAST) and/or iRules screens.

Conditions:
1. Import one or more deployed instances to BIG-IP Next Central Manager.

2. Immediately after instance import, perform a backup on BIG-IP Next Central Manager.

3. Deploy one or more HTTP application services and pass traffic.

4. Perform another backup for BIG-IP Next Central Manager.

5. Go to the F5 Application Service Templates (FAST) and/or iRules screens.

Impact:
A 500 error appears when opening the F5 Application Service Templates (FAST) and/or iRules screens.

Workaround:
Refresh the screen that present a 500 error to view information as expected.

1328709-1 : The coredns pod continuously logs warnings

Component: BIG-IP Next

Conditions:
BIG-IP Next Central Manager VM has been created and assigned an IP address.

Impact:
There is no operational impact.

Workaround:
Not Applicable

1326385 : Floating self-IP address for a BIG-IP Next HA instance

Component: BIG-IP Next

Symptoms:
Traffic does not pass to a newly-created BIG-IP Next HA instance.

Conditions:
When you do not use the existing floating self IP address when creating a BIG-IP Next HA instance and instead specifying the existing floating self-IP in the "Active Node IP Address" or "Standby Node IP Address" fields.

Impact:
Creation of the BIG-IP Next HA instance appears successful, but traffic does not flow.

Workaround:
Always assign the existing floating self IP as the "Floating IP Address".

1325769 : VLANs with a blank tag cannot be used to create a BIG-IP Next instance

Component: BIG-IP Next

Symptoms:
Creation of a BIG-IP Next HA instance fails.

Conditions:
1. From BIG-IP Next Central Manager, navigate to Infrastructure > My Instances > Start adding instances > Create a new instance
2. When you reach the Networking page add VLANs but leave the tags blank.
5. Continue creating the instance then Deploy.

Impact:
Creation fails with an error saying the tag must be an integer.

Workaround:
Instead of leaving the tag blank, use the number 0 to represent an untagged VLAN.

1325713-1 : Monthly backup cannot be scheduled for the days 29, 30, or 31

Component: BIG-IP Next

Symptoms:
You cannot schedule a monthly backup on the last 3 days of the month (29, 30, or 31) because some months do not contain these days (for example, February).

Conditions:
Creating a monthly backup schedule from BIG-IP Next Central Manager that contains the days 29, 30, or 31.

Impact:
If you select these days for your schedule, BIG-IP Next Central Manager returns a 500 error.

1325369 : Saved JSON Web Token licenses do not appear after upgrade

Component: BIG-IP Next

Symptoms:
After upgrading BIG-IP Next Central Manager using the backup and restore feature, saved JWT licenses do not appear.

Conditions:
Upgrading BIG-IP Next Central Managing using the backup and restore feature.

Impact:
Saved JWT license tokens are missing.

Workaround:
Re-add the JWT licenses to BIG-IP Next Central Manager.

1325297 : Metrics are missing for application services with names longer than 24 characters

Component: BIG-IP Next

Symptoms:
When viewing data metrics for an application service with a name longer than 24 characters, no data is displayed in the charts.

Conditions:
1. Create an application service with a name that uses more than 24 characters.

2. Deploy the application service and collect traffic data.

3. View the application service's data metrics.

Impact:
No data metrics are displayed in the application service's charts.

Workaround:
When you create an application service, do not use more than 24 characters for the application service name.

1324713-1 : Migration highlights and marks "net address-list" as unsupported, but addresses are converted to AS3 format

Component: BIG-IP Next

Symptoms:
Objects of a type: "net address-list" are incorrectly marked as unsupported, while virtual servers in AS3 output contain the property "virtualAddresses".

Workaround:
Verify that all addresses from 'net address-list' object are configured as "virtualAddresses" property value list in the AS3 output.

1324545-1 : L3 validation fails after a BIG-IP Next HA instance fails over

Component: BIG-IP Next

Symptoms:
After a BIG-IP Next HA instance fails over to the standby node, L3 network validation fails with the following error:

Validating L3 networks failed due to VLAN duplication.

Conditions:
BIG-IP Next HA instance fails over to the standby node.

Impact:
You cannot send a new config due to a configuration error.

1321417-1 : Cannot use WAF modules on VELOS on deploying tenant with 10 CPUs

Component: BIG-IP Next

Symptoms:
Cannot use WAF functionality on a BIG-IP Next tenant installed on VELOS when the number of CPUs assigned to tenant is not one of these values: 4, 8, 12, 18, 22.

Conditions:
Install a BIGIP-Next tenant on VELOS with an unsupported CPU core count. Supported CPU values are [4, 8, 12, 18, 22].

Impact:
Cannot configure WAF policies for a BIG-IP Next tenant.

Workaround:
Install a BIG-IP Next tenant with CPUs of the following values: [4, 8, 12, 18, 22 ]

1306997 : Deselecting the Tagged Interface when creating a BIG-IP Next HA instance on VELOS causes an error

Component: BIG-IP Next

Symptoms:
If you deselect the Tagged Interface for the Data Plan VLAN when creating a BIG-IP Next HA instance on VELOS, you get an error.

Conditions:
Configure a BIG-IP Next HA instance on VELOS and deselect the Tagged Interface for the Data Plane VLAN.

Impact:
Submitting this invalid task will result in an error.

Workaround:
Always select the Tagged Interface when creating a BIG-IP Next HA instance on VELOS.

1306317-1 : Telemetry services with invalid hostnames are not rejected by the API

Component: BIG-IP Next

Symptoms:
Add services with invalid hostnames, the API response is 202, but it should be 400 Bad Request.

Conditions:
Add services with bad hostnames, for example "host name" or ".10.10.10".

Impact:
BIG-IP Next did not successfully set up the logging destination, so the customer will not see their logs getting streamed to the third-party destination.

The services are not added in the otel config but will show up in the BIG-IP Next config. The service creation failed messages can be found in the debug log.

1306229 : Updating a self-IP address on a BIG-IP Next instance that was created from BIG-IP Next Central Manager does not work

Component: BIG-IP Next

Symptoms:
If you create a BIG-IP Next instance from BIG-IP Next Central Manager and then later update the instance's self-IP address, the update does not return an error, but the self-IP address is not updated as expected.

Conditions:
1. Create an instance from BIG-IP Next Central Manager with VLANs.
2. Edit the BIG-IP Next instance with a new self-IP Address.
3. Deploy the edit request.

Impact:
The self-IP address is not updated.

Workaround:
Create a new instance with the updated self-IP address and delete the old instance.

1305761 : While configuring a BIG-IP Next HA instance, the "Next" button is enabled while the instance is still checking node state

Component: BIG-IP Next

Symptoms:
When creating a BIG-IP Next HA instance, you're not prevented from advancing through the process by clicking the Next button even when the standby node's health has not yet been verified. If the standby node has important data, such as running apps, you may not see a warning and may overwrite that data unintentionally.

Conditions:
Creating a BIG-IP Next HA instance from BIG-IP Next Central Manager.

Impact:
You're allowed to navigate past this step without seeing warning messages if the secondary node has critical data, including apps.

Workaround:
Wait for the check to complete.

1305757 : Configuring a BIG-IP Next HA instance from BIG-IP Next Central Manager returns an error

Component: BIG-IP Next

Symptoms:
While configuring a BIG-IP Next HA instance, the VLANs page might display green check marks indicating a valid configuration even though self-IP addresses have not yet been entered.

Conditions:
Attempting to configure a BIG-IP Next HA instance.

Impact:
An error is returned.

Workaround:
Enter self-IP addresses when configuring a BIG-IP Next HA instance.

1294565 : After upgrading, login api may return 401 with correct credentials

Component: BIG-IP Next

Symptoms:
After upgrading a BIG-IP Next HA instance from version 0.12.0 to version 0.13.0, you might get 401 authentication error.

Conditions:
Upgrading BIG-IP Next HA instance from version 0.12.0 to 0.13.0.

Impact:
Traffic is not passed.

Workaround:
N/A

1294393 : Sorting and filtering create instance tasks on the My Instances page

Component: BIG-IP Next

Symptoms:
Unable to filter or sort create instance tasks on the My Instances page.

Conditions:
Navigate to Infrastructure > Instances screen. Create instance tasks that were performed in the last 15 minutes display.

Impact:
Running/failed create instance tasks from the last 15 minutes always appear at the bottom of the My Instances page.

1294137 : BIG-IP Next HA instance creation fails

Component: BIG-IP Next

Symptoms:
BIG-IP Next HA instance creation fails if you select more than one floating IP address for a Traffic VLAN.

Conditions:
Selecting more than one floating IP address for a Traffic VLAN when creating a BIG-IP Next HA instance.

Impact:
BIG-IP Next HA creation fails.

Workaround:
Select only one floating IP address for a Traffic VLAN when creating a BIG-IP Next HA instance.

1294081-1 : AS3 applications configured with HTTP2 and TLS do not function

Component: BIG-IP Next

Symptoms:
AS3 incorrectly configures the application object (/api/v1/applications) with the TLS setting enabled. This setting causes a TMM validation error and the HTTP2 application is not functional.

Conditions:
Application object (/api/v1/applications) properties:
- serverSide.http2.enforceTLSRequirements is set to "true"
- missing "serverSide.tls" property

Impact:
You cannot use AS3 to setup an HTTP2 application with TLS enabled.

1293901 : If pool member/endpoint name is omitted, app creation/edit screen might crash

Component: BIG-IP Next

Symptoms:
When creating apps that include Endpoints (pool members), users must enter a name for each pool member even though the field is not marked as required. If there is more than one pool member and at least one pool member does not have a name, the page crashes and shows a white screen until the user navigates away or refreshes the page.

Conditions:
There is more than one pool member in the app and at least one pool member does not have a name.

Impact:
Users are unable to safely create pool members with no name.

Workaround:
Add a name to every pool member.

1293209-1 : After backing up and restoring a BIG-IP Next HA instance, traffic stops passing

Component: BIG-IP Next

Symptoms:
Traffic stops passing after restoring from a BIG-IP Next HA instance backup.

Conditions:
Create a backup for a BIG-IP Next HA instance and restore from that backup.

Impact:
Traffic fails because the client cannot reach the virtual servers.

Workaround:
Force a failover after the restore to set the proper HA states. Traffic will pass now because the client is able to reach the virtual server.

1291473 : Creating a BIG-IP Next HA instance with instances that have deployed applications

Component: BIG-IP Next

Symptoms:
If you create a BIG-IP Next HA instance from existing BIG-IP Next instances with deployed applications, BIG-IP Next Central Manager removes the applications from the standby BIG-IP Next instance with or without a warning message. In addition, BIG-IP Next Central Manager might not display previously configured VLANs for selection.

Conditions:
Create a BIG-IP Next HA instance with existing instances that have deployed applications.

Impact:
BIG-IP Next Central Manager deletes the applications to the standby BIG-IP Next instance in the BIG-IP Next HA configuration and does not display previously configured VLANs for selection.

Workaround:
To work around this, click "Previous" during the workflow to create a BIG-IP Next HA instance to return to the previous step, then press "Next" again. The VLANs display properly, allowing you to select them.

1290929-1 : API deployment fails for HTTPS Virtual Server migration if clientssl profile name = certificate name

Component: BIG-IP Next

Symptoms:
When migrating from BIG-IP to BIG-IP Next, if the name of a certificate is the same as the clientssl profile name (without .crt extension), then the certificate object is not created after conversion in the migration process.

API deployment errors could be observed in the logs:
Deployment failed with the exception: declaration is invalid: ['/<tenant_name>/<application_name>/<virtual_server_name>/serverTLS: must contain path pointing to a reference that exists']

Conditions:
Migrate a BIG-IP UCS to BIG-IP Next Central Manager. The UCS configuration contains a certificate with the same name as the clientssl profile.

Impact:
The certificate will not be converted in the UCS conversion process, and the certificate will not have a successful migration to BIG-IP Next.

1286181-1 : Add a service with Transport Layer Security (TLS), but one or more of the certs is missing or invalid

Component: BIG-IP Next

Symptoms:
Successfully add a new service to the BIG-IP Next configuration, but no logs are created.

Conditions:
Add a service that includes TLS, but the certificate, private key, or root certificate authority is missing or invalid.

Impact:
Users might be confused with the newly added service, because it appears to have been added to the BIG-IP Next configuration. But the service is not added to the otel config and no otel telemetry service is created. Therefore no logs are exported.

1286173-1 : Telemetry services that do not exist appear to have been deleted using an API call

Component: BIG-IP Next

Symptoms:
Attempt to delete a service UUID that does not exist. BIG-IP Next returns "SUCCEEDED" even though the delete task fails.

Conditions:
Delete a service that does not exist in the BIG-IP Next configuration. (for example DELETE https://{{SERVER}}/api/v1/services/00000000-0000-0000-0000-000000000000)

Impact:
The services are not deleted but no error is returned.

1284665-1 : When adding a new BIG-IP Next instance, the error message from an unsuccessful addition attempt is not cleared

Component: BIG-IP Next

Symptoms:
If you use an incorrect username for BIG-IP Next Central Manager and try to add a new BIG-IP Next instance, an error is returned.

If you fix BIG-IP Next Central Manager user name, you can successfully add an instance but the error still displays.

Conditions:
Add a new BIG-IP Next instance when there is an error from the previous instance discovery process.

Impact:
BIG-IP Next Central Manager displays an error that could cause confusion.

Workaround:
When the alert for the error shows up while adding a BIG-IP Next instance, dismiss the error alert.

1280713 : VELOS high availability (HA) cluster goes into active/active after upgrade★

Component: BIG-IP Next

Symptoms:
VELOS high availability (HA) cluster goes into active/active after upgrade and can put the nodes/tenants can be in an unhealthy state.

Conditions:
After First Upgrade: Always
After Second Upgrade: Not Always

Impact:
As the two nodes are in active/active, a failover cannot be performed and both nodes might try to behave as primary.

Workaround:
Take the BIG-IP Next instances out of the HA configuration, upgrade each standalone BIG-IP Next instance, and recreate the BIG-IP Next HA instance on VELOS.

1271477 : BIG-IP Next instance on VELOS reports unhealthy status if upgrade fails★

Component: BIG-IP Next

Symptoms:
If the operation fails when upgrading from BIG-IP Next software version 0.10.0 to 0.11.0 or 0.12.0, the VELOS tenant is marked as unhealthy.

Conditions:
-- BIG-IP Next instance is running software version 0.10.0.
-- You upgrade to software version 0.11.0 or 0.12.0.
-- The upgrade operation fails.

Impact:
The BIG-IP Next VELOS tenant is reported as unhealthy.

Workaround:
You can work around this issue by retrying BIG-IP Next tenant upgrade to version 0.11.0 or 0.12.0 using these steps:

1. Initiate upgrade from version 0.10.0 to 0.11.0 or 0.12.0.

2. SSH into the active member of the high availability (HA) configuration.

3. If upgrade is successful (i.e., version 0.11.0 or 0.12.0 is marked 'deployed' in helm history), nothing needs to be done:
   watch "helm history <tenant_name> -n <partition_number>"

4. If upgrade fails for some reason, the operation automatically triggers rollback to version 0.10.0 (i.e., the last release is marked 'pending rollback' in helm history). At this point, perform the following procedure:
   4.1. Stop the FCDN service on the tenant:
        oc scale deployment <tenant_name>-f5-fcdn-sync -n <partition_number> --replicas=0

   4.2. SSH into the partition's blade.

   4.3. Check whether the FCDN backup is available:
        ls /mnt/disks/<partition_number>/f5-upgrade-hooks/backup/f5-fcdn-config.tar

   4.4 If f5-fcdn-config.tar is not available, the upgrade failed due to a different reason.
        Important: This workaround is intended for use only with this specific failure. It is not applicable to any other type of failure, so you should stop here if the .tar is not available.

   4.5. If f5-fcdn-config.tar is available, back up existing FCDN config files and clear them:
        cd /mnt/disks/<partition_number>/f5-fcdn-config
        tar -cf ../f5-fcdn-config.tar *
        rm -rf *

   4.6. Restore the FCDN config backup:
        tar -xf /mnt/disks/<partition_number>/f5-upgrade-hooks/backup/f5-fcdn-config.tar -C /mnt/disks/<partition_number>/f5-fcdn-config

   4.7. Restart the FCDN service:
        oc scale deployment <tenant_name>-f5-fcdn-sync -n <partition_number> --replicas=1

   4.8. Wait for FCDN to come up:
oc get pods -n <partition_number> | grep <tenant_name>-f5-fcdn-sync

6. Monitor rollback progress:
   watch "helm history <tenant_name> -n <partition_number>"

7. Once rollback is completed (i.e., the last release is marked 'deployed' in helm history), the system should be back up and running BIG-IP Next software version 0.10.0.

1268361 : API GET /upgrade/systems/{system_id}/stats/{type} is VE specific only★

Component: BIG-IP Next

Symptoms:
The upgrade statistics API is not available for BIG-IP Next instances on VELOS; invoking this API results in an error.

Conditions:
Attempting to get upgrade statistics for VELOS BIG-IP Next tenants.

Impact:
You cannot get upgrade stats like you can for BIG-IP Next VE.

Workaround:
For BIG-IP Next instances on VELOS, use the VELOS tenant APIs to receive upgrade status.

1267981 : BIG-IP Next pool monitors use management network as fallback

Component: BIG-IP Next

Symptoms:
Monitor traffic goes across the management network.

Conditions:
When no data-plane route is found, the pool monitor will use the management network.

Impact:
F5 strongly discourages you to configure a health monitor to send probes using the management network because the management network is not intended for production traffic. F5 recommends that the pool members/nodes reside on a network that is reachable through TMM interfaces so health monitor probes are sent through TMM interfaces.

Workaround:
Ensure a data-plane route is configured before configuring the application.

1251181 : VLAN names longer than 15 characters can cause issues with troubleshooting

Component: BIG-IP Next

Symptoms:
If the VLAN name is longer than 15 characters, traffic originating from the debug-sidecar will not work correctly and can cause issues with troubleshooting.

Conditions:
The user creates an L1 network with a VLAN that has a name longer than 15 characters.

Impact:
Traffic that originates from the debug sidecar will not work correctly.
For example, if an internal VLAN is configured with a long name, the name in the output from 'ip addr' and 'ip route' on the debug sidecar will show a truncated name. Additionally, if a ping is attempted to a destination that is connected using this VLAN, the ping packets will be dropped and ping will fail.

Workaround:
Use VLAN names less than 16 characters long.

1235105 : Endpoint grid is shown only for applications that use the HTTPS-Load-Balancing-Service template

Component: BIG-IP Next

Symptoms:
When you open the application properties screen and select the Endpoints (Pool Members) tab, the Endpoints grid does not appear.
Note that the grid appears correctly when you open the application properties screen for an application that uses the HTTPS-Load-Balancing-Service template.

Conditions:
Create an application on BIG-IP Next Central Manager using any template other than HTTPS-Load-Balancing-Service.

Impact:
The endpoints grid is not shown under "Endpoints (Pool Members)" section for the application's details.

1235089 : Selected signatures for cookies are not added to overriden signature section

Component: BIG-IP Next

Symptoms:
When creating a cookie with overridden signatures from BIG-IP Next Central Manager, the signatures are not included in the overridden signatures list when the cookie is created.

Conditions:
Create a WAF policy cookie with an override signature list from BIG-IP Next Central Manager.

Impact:
The overridden signature list for the cookie are not included.

Workaround:
1) From BIG-IP Next Central Manager, create a cookie without the signature override. After the cookie is created, edit the cookie to add signatures.

2) Manually create a cookie with signature overrides.

1234093 : BIG-IP Next Central Manager iRules do not support double quote characters

Component: BIG-IP Next

Symptoms:
Deploying an iRule using a BIG-IP Next Central Manager FAST Application template fails.

Conditions:
iRule scripts that contain double quote characters cannot be deployed to a BIG-IP Next instance using BIG-IP Next Central Manager. For example:

when HTTP_REQUEST {

    if { [HTTP::uri] eq "/test"} {
        HTTP::header insert X-Forwarded-For [IP::remote_addr]
    }
}

Impact:
iRules that use double quote characters cannot be deployed to a BIG-IP Next instance.

1232993-1 : Forced reboot during BIG-IP Next upgrade can cause instability★

Component: BIG-IP Next

Symptoms:
A forced reboot of a BIG-IP Next instance while an upgrade is in progress can make the instance unstable.

Conditions:
An upgrade is in progress and you manually reboot the BIG-IP Next instance.

Impact:
Manually rebooting a BIG-IP Next instance during an upgrade can instability and might result in configuration loss.

Do not manually reboot BIG-IP Next while an upgrade is in progress. Only automatic reboots triggered by the upgrade process itself are allowed.

Workaround:
Add and configure another BIG-IP Next instance with the newer version.

1231089 : Multiple applications can be configured with duplicate values for virtualAddresses and virtualPort

Component: BIG-IP Next

Symptoms:
It is possible to configure multiple applications that share the same IP address and port numbers.

Conditions:
You create two or more applications that share the same IP:port pairing.

Impact:
Unclear. Possible disruption of traffic.

Workaround:
Configure applications with unique IP:port pairings.

1230993 : 'Mandatory request body is missing' violation in staging but request is unexpectedly blocked

Component: BIG-IP Next

Symptoms:
Request is blocked on a staged URL for the violation 'Mandatory request body is missing'.

Conditions:
- 'Mandatory request body is missing' violation is set for blocking
- The URL is in staging
- 'Mandatory request body is missing' is enabled on the URL

Impact:
Requests are blocked unexpectedly. The expected behavior is for the requests to pass with staging violation.

Workaround:
None

1227605 : Item count on the BIG-IP Next Central Manager My Apps and Instances pages shows -1 items

Component: BIG-IP Next

Symptoms:
The item count on the lower corner of the BIG-IP Next Central Manager My Apps and Instances pages displays as -1.

Conditions:
When viewing items on the My Apps and Instance pages.

Impact:
You cannot determine the number of items on these screens using that metric.

1220077 : Failover for a BIG-IP Next HA instance between upgrades can time out★

Component: BIG-IP Next

Symptoms:
When you upgrade the standby node in a BIG-IP Next HA instance then upgrade the previously active node, failover times out.

Conditions:
Upgrading a BIG-IP Next HA instance.

Impact:
This can cause confusion.

Workaround:
Monitor the /health endpoint to find the nodes that have switched to the high availability (HA) state and proceed with the second upgrade.

1216525-1 : BIG-IP Next HA instance on VELOS health status fluctuates

Component: BIG-IP Next

Symptoms:
The health status for BIG-IP Next HA on VELOS fluctuates. For example:

healthy -> unknown -> unhealthy -> healthy

Conditions:
BIG-IP Next HA instance on VELOS.

Impact:
This fluctuation can cause confusion.

1209649-1 : Load More' button reloads data already on the page for FAST Apps on BIG-IP Next Central Manager

Component: BIG-IP Next

Symptoms:
When you click the Load More button from the BIG-IP Next Central Manager FAST Apps page, it reloads the last page of data repeatedly.

Conditions:
Click the 'Load More' button on the BIG-IP Next Central Manager FAST Apps page after data is loaded.

Impact:
The last page is again added to the table, even though that data is already present. This occurs for each subsequent press of 'Load More'.

Workaround:
None

1195281-1 : Endpoint is down when sendString contains double escaped characters

Component: BIG-IP Next

Symptoms:
Endpoints (pool members) are down if HTTP monitor's "sendString" includes double escaped characters.

Conditions:
Configure HTTP monitor in Next native API with a sendString that has double escaped characters.
Example:
"sendString": "GET / HTTP/1.1＼＼r＼＼nHost:demo.local＼＼r＼＼nConnection: Close＼＼r＼＼n＼＼r＼＼n"

Impact:
Monitor marks Endpoints (Pool members) down.
Endpoint returns "400 Bad request" for monitor probe.

1189933-1 : BIG-IP Next Central displays a BIG-IP Next Instance as 'IsHealthy': true even if traffic isn't passing

Component: BIG-IP Next

Symptoms:
BIG-IP Next Central Manager displays a BIG-IP Next instance as 'IsHealthy' when it is not.

Conditions:
This happens if the BIG-IP Next instance's internal network configuration is missing. The configuration requires VLANs/proper network configuration needs to pass traffic. Even though the configuration is invalid, the status is reported as healthy.

Impact:
This status can cause confusion.

Workaround:
Correctly configure the BIG-IP Next instance's internal network so it can pass traffic properly.

1172933 : Stack name must be unique in an application regardless of types

Component: BIG-IP Next

Symptoms:
Multiple stacks can be included in an application. The name should only need to be unique for a specific type in that application. However, if the name is not unique in that application (regardless of the type), it triggers application errors.

Conditions:
Send PUT request to the /applications endpoint to create an application with two stacks of same name but different types:

{
        "name": "App_1",
        "description": "web server for f5-2",
        "domainName": "www.f5-2.com",
        "stacks":[
            {
                "stackType": "HttpRevProxy",
                "name": "st1"
            },
            {
                "stackType": "HttpSimpleProxy",
                "name": "st1"
            }
        ]
}

Impact:
The request is rejected.

1162253 : Monitors in an application cannot be removed from stacks and traffic stops running

Component: BIG-IP Next

Symptoms:
Monitors in an application cannot be removed from stacks and traffic stops running.

Conditions:
1. Create an application (with or without monitors).
2. Test to see if traffic is passing. It should pass for TCP monitors, but if you add http2 monitor traffic, traffic will not pass.
3. Try to update the stacks by removing the monitors.
4. Traffic stops, and the stacks also do not get updated.

Impact:
Traffic stops, and stacks also do not get updated

1162213-1 : Incorrect state when upgrading a BIG-IP Next HA instance★

Component: BIG-IP Next

Symptoms:
While upgrading a BIG-IP Next HA instance, when the configuration is partially upgraded, the state remains STANDALONE/NOT_READY instead of ACTIVE/STANDBY.

Conditions:
When only one of the nodes in a BIG-IP Next HA instance is upgraded.

Impact:
The /health endpoint reports an incorrect subsystem HA state for the data-store subsystem.

Workaround:
You can safely ignore the HA state during an upgrade and proceed with failover after a successful upgrade of the standby node.

1142217-1 : Access Policies that have both signature required and encryption configured fail to validate and returns an error

Component: BIG-IP Next

Symptoms:
Access Policies that have both signature required and encryption configured fail to validate with the given error registered to APMD.

Conditions:
Both signature and encryption is configured.

Impact:
Validation fails.

Workaround:
You cannot use both a signature and encryption for an Access Policy. Configure the policy to only require a signature.

1137869 : Attempting to create an application from BIG-IP Next Central Manager sometimes fails

Component: BIG-IP Next

Symptoms:
When attempting to create an application using FAST templates from BIG-IP Next Central Manager, it might fail with the following message:

max retries, please try again later

Conditions:
This issue occurs intermittently.

Impact:
Unable to create an application.

Workaround:
Try to create the application again. Application creation should succeed.

1134225 : AS3 declarations with a SNAT configuration do not get removed from the underlying configuration as expected

Component: BIG-IP Next

Symptoms:
AS3-configured L4-serversides object contains a SNAT property when it should not, given that SNAT was previously configured in the declaration and then subsequently removed.

Conditions:
SNAT configuration was specified in the AS3 declaration and then subsequently removed.

Impact:
A SNAT cannot be removed once it has been added.

Workaround:
Remove the L4-serversides object, either by removing the relevant configuration from the AS3 declaration or by using DELETE /api/v1/L4-serversides, and then re-POST the AS3 declaration without the SNAT.

1123381 : Standby node in a BIG-IP Next HA instance loses it's license when HA is disassembled

Component: BIG-IP Next

Symptoms:
When you disassemble a BIG-IP Next HA instance, the previous standby node loses its license.

Conditions:
After creating a BIG-IP Next HA instance, disassemble.

Impact:
Standby node loses its License.

Workaround:
Reapply the license to the previous standby node and recreate the BIG-IP Next HA instance again.

1122689-3 : Cannot modify DNS configuration for a BIG-IP Next VE instance through API

Component: BIG-IP Next

Symptoms:
Making updates to BIG-IP Next Virtual Edition (VE) DNS configuration through onboarding or the API does not update the DNS configuration as expected.

Conditions:
Making updates to a BIG-IP Next DNS configuration through the API.

Impact:
The BIG-IP Next instance continues to use the DNS servers supplied by DHCP on the interface by default.

Workaround:
Prior to updating the BIG-IP Next DNS configuration through the API, issue the following commands.

$ rm -f /etc/resolv.conf; touch /etc/resolv.conf

This removes all DNS configurations. DNS can then be managed through the BIG-IP Next instance's API, and the DNS provided by DHCP is ignored.

1120457-1 : Data interfaces for BIG-IP Next VE are not visible on the host after the interface configuration is sent to TMM

Component: BIG-IP Next

Symptoms:
Data interfaces for BIG-IP Next Virtual Edition (VE) are not visible on the host when running any tool that returns a list of interfaces. Data interfaces are not visible on the host after the interface configuration is sent to TMM.

Conditions:
L1-network configuration is sent to TMM using the REST API that specifies the interface details.

Impact:
The physical interfaces can be seen only from inside the TMM Pod and not on the host, which makes debugging network issues difficult.

Workaround:
To perform debug actions, into the debug sidecar Pod, use the following command:

kubectl exec -it deploy/f5-fsm-tmm -c f5-fsm-debug-sidecar -- bash

1120417 : Machine ID on the BIG-IP Next properties pages shows an error

Component: BIG-IP Next

Symptoms:
This occurs because the validation for machineID is invalid. This causes issues in the user interface of the BIG-IP Next instance, preventing you from updating other information on the Systems properties page.

Conditions:
BIG-IP Next is onboarded, and you visit the Systems properties page on the local BIG-IP Next instance.

Impact:
/system 'machineID' enforces validation but it cannot be updated

Workaround:
None

1117817 : Interface assignments are unpredictable when more than 4 interfaces are configured

Component: BIG-IP Next

Symptoms:
After booting BIG-IP Next Virtual Edition (VE) in a VMware EXSi environment using five or more interfaces, TMM does not order the interfaces in the same order that they were added in EXSi.

Conditions:
Configure BIG-IP Next VE in a VMware ESXi environment with five or more assigned interfaces.

Impact:
The traffic-passing tmm interfaces might not be connected to the VMware interfaces in the order that they were expected.

Workaround:
If you do not need more than four network adapters, remove the extra network adapters in VMware.

If you need more than four network adapters, log into the VM console and manually edit /etc/mbip/conf/ethmap to order the MAC addresses according to the network adapter ordering in VMware using the following procedure.

To obtain the network adapter ordering supplied by VMware, you can run the following command:

$ vmtoolsd --cmd "info-get guestinfo.ovfEnv" | grep "ve:Adapter" | awk -F '"' '{print $2}'
00:50:56:9d:36:50
00:50:56:9d:20:ba
00:50:56:9d:44:05
00:50:56:9d:bc:24
00:50:56:9d:e6:b8

Compare the interface ordering with the contents of /etc/mbip/conf/ethmap:

$ cat /etc/mbip/conf/ethmap
00:50:56:9d:36:50
00:50:56:9d:e6:b8 <=== incorrect order, it should have been the last interface
00:50:56:9d:20:ba
00:50:56:9d:44:05
00:50:56:9d:bc:24

In /etc/mbip/conf/ethmap, the first interface listed is the management (mgmt) interface in BIG-IP Next. The tmm will label subsequent interfaces as 1.1, 1.2, etc. Therefore the interface numbering would work this way:

00:50:56:9d:36:50 (mgmt)
00:50:56:9d:e6:b8 (1.1)
00:50:56:9d:20:ba (1.2)
00:50:56:9d:44:05 (1.3)
00:50:56:9d:bc:24 (1.4)

Since this ordering does not match the network interface order in VMware, you can fix it by editing /etc/mbip/conf/ethmap.

Using sudo to make the change to the file, change the interface ordering in /etc/mbip/conf/ethmap manually using a text editor. Or you can avoid using a text editor by using the following three commands:
sudo -i
vmtoolsd --cmd "info-get guestinfo.ovfEnv" | grep "ve:Adapter" | awk -F '"' '{print $2}' > /etc/mbip/conf/ethmap
exit

Confirm that the interface ordering in /etc/mbip/conf/ethmap is the same as what VMware reports
$ cat /etc/mbip/conf/ethmap
00:50:56:9d:36:50
00:50:56:9d:20:ba
00:50:56:9d:44:05
00:50:56:9d:bc:24
00:50:56:9d:e6:b8

$ vmtoolsd --cmd "info-get guestinfo.ovfEnv" | grep "ve:Adapter" | awk -F '"' '{print $2}'
00:50:56:9d:36:50
00:50:56:9d:20:ba
00:50:56:9d:44:05
00:50:56:9d:bc:24
00:50:56:9d:e6:b8

Note: If the vmtoolsd command does not work for some reason, you can go to vCenter and manually look at the MAC addresses of the interfaces and the order that they are in, and then ensure that /etc/mbip/conf/ethmap has the same ordering.

After editing the file, reboot BIG-IP Next. If L1-networking was already configured, you will need to reset and re-configure BIG-IP Next.

1117805 : Unable to determine the TMM interface for MAC addresses on BIG-IP Next VE from the API

Component: BIG-IP Next

Symptoms:
You are unable to use the API to determine the MAC addresses for TMM interfaces on BIG-IP Next Virtual Edition (VE).

Conditions:
From the API, you attempt to confirm the TMM interfaces (for example, 1.1 or 1.2) for your BIG-IP Next instance are in the same order as they are configured on the VMware ESXi environment.

Impact:
It is not possible to use the API to confirm the order of the TMM interface.

Workaround:
If you need to confirm the interface ordering, view the /etc/mbip/conf/ethmap file.

# cat /etc/mbip/conf/ethmap
00:50:56:ba:cc:18
00:50:56:ba:d8:b8
00:50:56:ba:ca:ce

The first interface listed is always the management (mgmt) interface. The tmm will label subsequent interfaces as 1.1, 1.2, etc. Therefore:

00:50:56:ba:cc:18 (mgmt)
00:50:56:ba:d8:b8 (1.1)
00:50:56:ba:ca:ce (1.2)

1117765 : BIG-IP Next Central Manager displays empty network interface metrics for a BIG-IP Next instance

Component: BIG-IP Next

Symptoms:
If network interface data is unavailable or incomplete (for example, in the event of a network error) for a managed BIG-IP Next instance, the Throughput In/Out graph might appear empty or display "No Data" when viewing the Network Interface for the BIG-IP Next instance's properties.

Conditions:
From BIG-IP Next Central Manager, select a managed BIG-IP Next instance. Click Network Interface. The page displays "No Data".

This occurs when some error prevents the retrieval of the metrics data.

Impact:
There is no functional impact; this is a cosmetic issue.

Workaround:
None

1114841-2 : Creating a BIG-IP Next HA instance from BIG-IP Next Central Manager fails

Component: BIG-IP Next

Symptoms:
If the task for creating a BIG-IP Next HA instance from BIG-IP Next Central Manager fails, the node specified as standby might display in an unknown state and might be unreachable or might not be discovered by BIG-IP Next Central Manager.

Conditions:
1. Add two BIG-IP Next standalone instances.
2. Create a BIG-IP Next HA instance using one as the active node and the other as a standby node.

Impact:
The standby node in the BIG-IP Next HA instance might be unreachable or not discoverable by BIG-IP Next Central Manager.

Workaround:
Reconfigure the standby node or recreate the BIG-IP Next HA instance.

1113593 : BIG-IP Next Central Manager cannot deploy an application to an unhealthy BIG-IP Next instance

Component: BIG-IP Next

Symptoms:
Attempting to deploy an application to an unhealthy BIG-IP Next instance fails with the following message:

invalid character 'h' after object key:value pair

Conditions:
From BIG-IP Next Central Manager, create an application, select a BIG-IP Next instance in an unhealthy state, and click the Test Deployment button.

Impact:
Application deployment fails.

Workaround:
None

1113045 : BIG-IP Next Central Manager displays No Data for mgmt network interface metrics

Component: BIG-IP Next

Symptoms:
When viewing the network interface stats for a managed BIG-IP Next instance from BIG-IP Next Central Manager, the interface selection drop-down includes an interface named 'mgmt'. Selecting this will show 'No Data' for all graphs.

Conditions:
Selecting the interface dropdown menu item 'mgmt' to view the network interface stats for a managed BIG-IP Next instance

Impact:
No functional impact. This interface can be ignored.

Workaround:
None

1112285 : Cannot update management IP address on BIG-IP Next HA instances

Component: BIG-IP Next

Symptoms:
Changing the management IP address of a BIG-IP Next high availability (HA) instance fails.

For a standalone BIG-IP Next instance, although the REST endpoints can be accessed using the new management IP address, the default system's object is not updated with the new management IP address.

Conditions:
1) Update the management IP address of a BIG-IP Next HA instance.
2) Reboot the BIG-IP Next HA instance.

Impact:
The new management IP address change is not preserved. You cannot change the management IP addresses on a BIG-IP Next HA instance.

Workaround:
None

1110805 : Setup needs to be finished on the host OS before BIG-IP Next can function properly.

Component: BIG-IP Next

Symptoms:
High availability (HA) state of the TMM container is in NOT-READY on both active and standby nodes.

There may also be errors about missing interfaces:

01010007:3: Config error: interface not found: 1.1

Conditions:
The network device(s) are not set up on the host OS.

Impact:
Cannot pass traffic on BIG-IP Next.

Workaround:
Make sure the network is properly set up on the host OS before you install BIG-IP Next.

1109933-1 : Unexpected behavior when multiple routes with identical route configuration and different names are created

Component: BIG-IP Next

Symptoms:
If you create multiple routes with identical route configurations but with different names, these are treated as a single entry in TMM. As a result, deletion of one of the routes using the external API results in a mismatch between the external API database and the TMM route table.

Conditions:
-- Create two static routes with different names but an identical route configuration.
-- List the routes using the external API so that you see two routes in the list.
-- Delete either route.

Impact:
-- The list queried using the external API now shows one remaining route.
-- In TMM, both routes with identical route configuration are treated as a single route entry.
-- This gets deleted when one of the route is deleted.
-- The external API lists a route entry which internally does not exist in TMM.

Workaround:
Use the same name when creating multiple routes with identical route configurations.

1109633 : Creating a BIG-IP Next HA instance on VE from BIG-IP Next Central Manager

Component: BIG-IP Next

Symptoms:
When creating a BIG-IP Next HA instance on VE, BIG-IP Next Central Manager might return alerts that make it appear the BIG-IP Next HA creation failed.

Conditions:
This can happen when there is latency with the network and the "Yes, Add HA Node" button is clicked more than once.

Impact:
This could cause confusion as it might appear the BIG-IP Next HA creation failed.

Workaround:
Click the "Yes, Add HA Node" button only once.

1107757-1 : Large numbers of AS3/API requests can trigger job timeout errors.

Component: BIG-IP Next

Symptoms:
When sending a large number of requests using AS3 or the API over a short period of time, TIMEOUT errors occur, leading to job failure.

Conditions:
When repeated (100+) job calls are performed using AS3.

Impact:
The ICB module will temporarily lose its connection to the database. This will self correct given time.

Workaround:
Increase the period of time when AS3/API requests are performed.

1107533-1 : Upgrading a BIG-IP Next instance endpoint does not accept file names★

Component: BIG-IP Next

Symptoms:
When upgrading BIG-IP Next software, you must use the UUID of the file that is returned by file upload API (step 1 of the upgrade process), instead of the actual name of file uploaded.

Conditions:
Upgrading a BIG-IP Next instance using the PUT PUT /upgrade endpoint.

Impact:
Do not use the actual file name. Use the name returned by the upload file's API.

Workaround:
In the PUT /upgrade API, for the field 'fileName' use the name returned by upload file's API.

1106573 : If an application deployment fails due to BIG-IP Next instability, the policies referenced in the application cannot be deleted from BIG-IP Next Central Manager

Component: BIG-IP Next

Symptoms:
If the BIG-IP Next Central Manager application deployment fails due to the instability of a BIG-IP Next instance, the failure is not properly communicated to the dependent features, so you can't delete the policies (for example, WAF, Access, and so forth) that are referenced in the application template from BIG-IP Next Central Manager.

Conditions:
An application deployment fails because the target BIG-IP Next instance is unstable or unhealthy.

Impact:
The policies (for example, WAF, Access, and so forth) that are referenced in the application template cannot be deleted from BIG-IP Next Central Manager when an application deployment fails.

1106477 : Cannot control the order of the fields generated from a BIG-IP Next Central Manager application template

Component: BIG-IP Next

Symptoms:
For application templates containing additional policy definitions (for example: WAFPolicyName, ClonedWAFPolicyName), the auto-generated fields on the BIG-IP Next Central Manager application management page are not ordered as expected.

Conditions:
When an application template contains additional policy definitions.

Impact:
The auto-generated form is not ordered properly.

Workaround:
N/A

1104625 : The BIG-IP Next VE tmstat table does include stats for the management interface

Component: BIG-IP Next

Symptoms:
On a BIG-IP Next Virtual Edition (VE), the API call to api/v1/systems/<sys-id>/interfaces returns the interface name "mgmt". But when executed, the API query api/v1/metrics/systems/<sys-id> does not have the mgmt stats in response.

Conditions:
-- BIG-IP Next has the mgmt interface configured.
-- API GET query to api/v1/metrics/systems/<sys-id>

Impact:
The management interface is in the list of interfaces but statistics are not available.

Workaround:
None

1104397 : When creating a new application from BIG-IP Next Central Manager, the form might show the deployment status of an application created previously in the same session

Component: BIG-IP Next

Symptoms:
When creating multiple applications in the same session, the form might show the deployment status of an application that was created previously in the same session.

Conditions:
Attempt to deploy multiple applications in the same session.

Impact:
Until you attempt to deploy the application, the displayed status will be incorrect.

Workaround:
Refresh the BIG-IP Next Central Manager browser to update the status.

1104393 : Testing an application deployment from BIG-IP Next Central Manager and copying to clipboard

Component: BIG-IP Next

Symptoms:
When testing an application deployment from BIG-IP Next Central Manager and clicking the button to copy content to the clipboard, the content is not consistently copied.

Conditions:
When testing an application deployment from BIG-IP Next Central Manager.

Impact:
The content isn't copied to the clipboard.

Workaround:
Manually select and copy the JSON text instead of using the clipboard button.

1090405 : Error messages in logs: pem block and tls failed to find PEM data

Component: BIG-IP Next

Symptoms:
When viewing logs, multiple error messages similar to the following might display:

pem block of Certificate Authority was empty
error loading Certificate: tls: failed to find any PEM data in certificate input

Conditions:
Viewing logs.

Impact:
These are benign messages that have no impact on BIG-IP Next functionality.

Workaround:
None

1090205 : Floating IP address for a BIG-IP Next HA instance is unavailable during an active node reboot

Component: BIG-IP Next

Symptoms:
When rebooting the active node in a BIG-IP Next HA instance, the floating IP address is unreachable until the active node has completed the reboot (about 2 to 4 minutes).

Conditions:
After creating a BIG-IP Next HA instance and rebooting the active node through the API.

Impact:
The floating IP address for the active node is unavailable while it's rebooting.

During this, traffic passes and rules, and other policies operate on the newly active node as expected. Only the BIG-IP Next HA instance's management IP address is unavailable.

Using the BIG-IP Next HA instance's management IP address does not return a response during the reboot operation. The management IP address becomes available once the newly active node back in a healthy state.

Workaround:
Although there is no workaround to prevent this issue, the new active node fully functions as active within seconds after failover and traffic is passed as expected.

APIs are accessible using the newly active node's management IP address.

You can use the BIG-IP Next floating IP address again after rebooting the active node.

1089201 : BIG-IP Next HA instance in an HA configuration fails when control plane IP address is configured incorrectly

Component: BIG-IP Next

Symptoms:
When creating a BIG-IP Next HA instance with the incorrect control plane IP address, it fails with a message similar to the following and you cannot revise the control plane IP address.

Job status: FAILED

Error message: Unable to start https server on peer node (w.x.y.z).

State of second node in the health check response from first node: UNREACHABLE

State of second node in the health check response from second node: STANDALONE

Conditions:
Creating a BIG-IP Next HA next configuration with an incorrect control plane IP address.

Impact:
BIG-IP Next HA instance configuration fails.

Workaround:
Delete the existing BIG-IP Next HA instance and recreate using the correct control plane IP address.

1087937 : API endpoints do not support page query

Component: BIG-IP Next

Symptoms:
The 'page' query is not supported.

Conditions:
This issue is seen when the API is called directly. There is no impact on the functionality if BIG-IP Next Central Manager or AS3 is used.

Impact:
Pagination of results does not function correctly.

Workaround:
Remove 'limit' parameter. This causes all objects to be returned in the response.

1087881 : Network API endpoints reject Content-Type application/hal+json

Component: BIG-IP Next

Symptoms:
The Network API endpoints respond to HTTP PUT requests containing the header 'Content-Type: application/hal+json' with an HTTP 415 'Unsupported Media Type' error.

Conditions:
Send an HTTP PUT request with the header "Content-Type: application/hal+json' to any of the following endpoints:
/L1-networks
/L2-networks
/L2-forwards
/L3-networks
/L3-forwards
/L4-clientsides
/L4-serversides

Impact:
A 415 'Unsupported Media Type" response occurs and changes are not made.

Workaround:
Send an HTTP PUT request with the header 'Content-Type: application/json' and a request body of type application/json.

1086221-1 : Content-Type response header does not match documented in BIG-IP Next OpenAPI spec

Component: BIG-IP Next

Symptoms:
The value of the Content-Type response header does not match those documented in the OpenAPI spec for BIG-IP Next:

The defined content-types for responses to GET /metrics/systems/{systemId} are:
application/json and application/hal+json

Conditions:
Requesting Content-Type response header with the command GET /metrics/systems/{systemId}.

Impact:
Response does not contain the expected application/json and application/hal+json type. Instead, it contains 'Content-Type: text/plain'.

Workaround:
None

1083205 : Default network is the only supported network

Component: BIG-IP Next

Symptoms:
The default network created is the only supported network object under /L1-Networks. Deleting this default network, or creating additional L1-Networks, might operate partially, but that configuration is not supported.

Conditions:
A new L1-Network is created, or the 'Default Network' is deleted from the OpenAPI.

Impact:
Traffic could unexpectedly stop.

Workaround:
Do not use L1-Network objects other than the default network.

Note: If traffic unexpectedly stops through use of custom networks, deleting any VLANs whose vlan-tag is repeated across other existing L1-Networks might restore functionality, but this is not guaranteed.

1082417 : Application status displays as deployed before it has been created

Component: BIG-IP Next

Symptoms:
Before an application has been created, its status incorrectly displays as "Completed deployment successfully".

Conditions:
Click the '+ Create' button to create a new Application; then scroll down to the Status field.

Impact:
The information is incorrect and confusing.

Workaround:
None

1079873 : Text in first column of a BIG-IP Next Central Manager grid might overlap with text in subsequent columns

Component: BIG-IP Next

Symptoms:
Text in first column of a BIG-IP Next Central Manager grid overlaps with text in subsequent columns if the item in the first column (for example, an object's name) is very long.

Conditions:
Text in the BIG-IP Next Central Manager's first column (for example, an object's name) is very long. This can also occur if the browser window is very small.

Impact:
Text in the first column of a grid overlaps with text in subsequent columns, making it difficult to read.

Workaround:
Expand the size of your browser window. This will only help to a certain extent.

1078013-1 : BIG-IP Next HA instance fails when VLANs exist or invalid VLANs are submitted

Component: BIG-IP Next

Symptoms:
If you create a BIG-IP Next HA instance with an invalid VLAN, it might appear as if it were successfully created even though it is not correctly configured at the platform level.

Conditions:
This happens when a configuration is submitted to /services/{id}/cluster to initiate an HA configuration, and that configuration contains a VLAN that is either not assigned to the tenant, or assigned but in use by the dataplane.

Impact:
BIG-IP Next HA instance configuration fails. The tenant does not operate as expected.

Workaround:
Perform a factory reset on any node entering this state, as various issues arise from a node incorrectly behaving as if it were part of a pair. At worst, the 'paired' peer device may also be affected.

Ensure the VLAN being submitted in the HA request payload is assigned to the tenant by the VELOS admin, and that the VLAN is not already configured for use by the dataplane (i.e., there are no references to that VLAN by name or ID in other OpenAPI objects).

1060829 : Unable to delete template from BIG-IP Next Central Manager if it was used for the application deployment

Component: BIG-IP Next

Symptoms:
Deleting a template from the template screen of BIG-IP Next Central Manager fails if the template was previously used for an application deployment.

Conditions:
Attempting to delete a template from BIG-IP Next Central Manager that was previously used for an application deployment.

Impact:
You cannot delete the template.

Workaround:
From the API, use the following procedures to remove the template parameters.
1. Get the ID of the template that failed to be removed
Send a GET request to API https://BIGIP-NEXT-CM-IP/api/as3-workflow/v1/templates?filter=name eq 'template-name'

2. Find the template parameters item that's referring to the template.
Send a GET request to API https://BIGIP-NEXT-CM-IP/api/as3-workflow/v1/parameters?filter=templateID eq 'template ID'

3. Remove the template parameters
Send a DELETE request to API https://BIGIP-NEXT-CM-IP/api/as3-workflow/v1/parameters/<parameters ID>

4. The template can be removed now either through the API call or the BIG-IP NEXT Central Manager user interface.

1058837 : Incorrect item count following application deletion and subsequent deletions fail

Component: BIG-IP Next

Symptoms:
BIG-IP Next Central Manager displays an incorrect selected item count after a delete operation, after which you cannot delete additional items.

Conditions:
This occurs in the following scenario:
-- Create several applications.
-- Click the checkbox next to one in the application services list and delete it.
-- Attempt to delete another one.

Impact:
The number of items selected is incorrect, reflecting a higher number than you actually have selected. When in this state, you cannot delete additional items.

Workaround:
Navigate to a different page and return, or refresh the page.

1057493 : 'HTTP::header insert' command does not work under ASM iRule events

Component: BIG-IP Next

Symptoms:
The iRule command 'HTTP::header insert' does not add the new header to the request sent to the server.

Conditions:
Under iRule events ASM_REQUEST_DONE and ASM_REQUEST_VIOLATION

Impact:
'HTTP::header insert' command cannot be used in the ASM_REQUEST_DONE and ASM_REQUEST_VIOLATION iRule events.

Workaround:
Insert headers in another event like ASM_REQUEST_BLOCKING

1053009-1 : Transaction in progress message and dropped connections using Files API to upload a cert/key

Component: BIG-IP Next

Symptoms:
Using Files API to upload a cert/key pair that references the key/cert pair in an application results in a log message followed by dropped HTTPS connections:

tmm1[7]: 01260000:2: Profile 56f16812-264c-11ec-9d63-02420a03010b: transaction in progress, profile not reloaded.

Conditions:
Use Files API to upload a cert/key pair that references an application.

Impact:
Application does not work. Connections are dropped.

Workaround:
Reconfigure the application with the certificate and key as an inline blob rather than referencing the cert/key uploaded using Files API.

★ This issue may cause the configuration to fail to load or may significantly impact system performance after upgrade

*********************** NOTICE ***********************

For additional support resources and technical documentation, see:

The F5 Networks Technical Support website: http://www.f5.com/support/
The MyF5 website: https://my.f5.com/manage/s/
The F5 DevCentral website: http://devcentral.f5.com/

******************************************************

Previous Next