Applies To:

Show Versions Show Versions

Supplemental Document: Log Messages Reference

Original Publication Date: 03/31/2017



Log Messages List



ID Number Description
00020000 Resuming log processing at this invocation; held %d messages.
01010001 %s starting
01010004 Memory allocation failed: %s
01010007 "Config error: %s"
01010011 Persistence cookie hash failed
01010013 database size increased by %d bytes, %d total
01010019 Caught signal %d, exiting
01010020 MCP Connection %s, exiting
01010028 No members available for pool %s
01010029 Clock advanced by %u ticks
01010038 Syncookie counter %d exceeded vip threshold %u for virtual = %A:%d
01010044 "%s feature %s licensed"
01010045 Bandwidth utilization is %d Mbps, exceeded %d%% of Licensed %d Mbps
01010201 Inet port exhaustion on %*A to %*A%c%d (proto %d)
01010213 L3 Address LB method deprecated; using 'Least Connections' for pool %s
01010221 Pool %s now has available members
01010225 Failure to query dns-express db (%s)
01010231 DNSSEC: Did not add RRSIGs to response RR set (owner: %s)
01010235 Inet port find called for pg %d with invalid cmp state %x
01010239 LSN error: %s
01010240 Syncookie HW mode activated, server = %A:%d, HSB modId = %d
01010241 Syncookie HW mode exited, server = %A:%d, HSB modId = %d from %s
01010250 Pool member %A:%u exceeded configured rate limit.
01010251 Virtual %s exceeded configured rate limit.
01020037 The requested %s (%s) already exists
01020066 The requested %s (%s) already exists in partition %s
01060110 Lost connection to mcpd with error %d, will reinit connection.
01060111 Open SSL error - %s
01060136 Received links up - monitoring starts.
01070007 Received shutdown signal %d
01070069 Subscription not found in mcpd for subscriber Id %s.
01070147 Snatpool %s must reference at least one translation address.
01070151 Rule [%s] error: %s
01070261 Can't create a home directory for username %s (%s)
01070265 The %s (%s) cannot be deleted because it is in use by a %s (%s)
01070277 The requested %s (%s) was not found
01070301 Pool (%s) is referenced by one or more virtual servers
01070320 Snatpool %s is still referenced by a virtual server.
01070340 %s (%s) is referenced by one or more rules
01070354 Self IP %s / %s: This network is defined on two vlans (%s and %s)
01070356 %s feature not licensed
01070392 Self IP %s / %s: This IP shares a network with %s (%s / %s).
01070394 %s in rule (%s) requires an associated %s profile on the virtual server (%s)
01070404 Add a new Publication for publisherID %s and filterType %p
01070406 Removed publication with publisher id %s
01070407 Removed information for Publication %s and filterType %p
01070408 Deleting abandoned subscriber connection for %s
01070410 Removed subscription with subscriber id %s
01070413 Updated existing subscriber %s with new filter class %llx
01070417 AUDIT - user %s - transaction #%u-%u - object %u - %s
01070418 connection %p (user %s) was closed with active requests
01070419 Platform initialization phase triggered
01070421 Base configuration initialization phase triggered.
01070424 Full configuration initialization phase triggered.
01070427 Initialization complete. The MCP is up and running
01070465 DB changed: %s, configsync needed
01070466 Received end of platform data
01070596 An unexpected failure has occurred, %s, exiting...
01070604 Cannot delete IP %s because it would leave a route unreachable.
01070608 License is not operational (expired or digital signature does not match contents)
01070622 The monitor %s has a wildcard destination service and cannot be associated with a node that has a zero service
01070638 "Pool %s member %s:%u monitor status %s."
01070639 Pool %s member %s:%u session status %s.
01070640 Node %s address %s monitor status %s.
0107070e Software version not covered by service agreement. Reactivate license before continuing.
01070727 "Pool %s member %s:%u monitor status up."
01070728 Node %saddress %s monitor status up.
01070730 Configuration restored from binary image
01070734 Configuration error: %s
01070736 Couldn't write to the user/role/partition file, %s (%d)
01070737 Couldn't rename the user/role/partition file from %s to %s (%d)
01070807 Monitor %s instance %s:%u has been %s.
01070823 Read Access Denied: %s
01070827 User login disallowed: %s
01070921 Virtual Server '%s' on partition '%s' %s by user '%s'.
01070927 Request failed, data provider (%s) disconnected from mcpd
01070978 The vlan (%s) for the specified self IP (%s) must be one of the vlans in the associated route domain (%s).
01070979 The specified vlan (%s) for route domain (%s) is in use by a self IP.
01071027 Master key OpenSSL error: %s
01071029 %s
0107102d Cannot load master key file. Updating to a new master key.
01071038 %s
01071047 Removing %d %s local objects from slot %d
01071070 Failed to %s file %s with error %d
01071246 "Unable to reload the dns cache\n"
01071392 Background command '%s' failed. %s
010713b1 Cannot delete IP (%s) because it is used by the system state-mirroring (%s) setting.
010713c1 Initial management network proposals triggered (%s)
010713c2 No new proposal values detected
01071412 Cannot delete IP (%s) because it is used by the system config-sync setting.
0107142f Can't connect to CMI peer %s, %s
01071430 Cannot create CMI listener socket on address %s, port %d, %s
01071431 Attempting to connect to CMI peer %s port %d
01071432 CMI peer connection established to %s port %d after %d retries
01071436 CMI listener established at %s port %d
0107143a CMI reconnect timer: %s
0107143c Connection to CMI peer %s has been removed
01071451 Received CMI hello from %s
01071470 Disconnecting from CMI device %s, the device is not in a trust domain
0107147f Could not read certificate file (%s)
01071488 Remote transaction for device group %s to commit id %llu %llu %s %llu failed with error %s
010714a0 Sync of device group %s to commit id %llu %llu %s %llu from device %s complete
01071539 Mcpd is starting. The BIG-IP version is %s
0107157D %s: %s
01071587 Commit ID message ignored, %s
0107167d Data publisher not found or not implemented when processing request %s.
01071681 SNMP_TRAP: Virtual %s has become available
01071682 SNMP_TRAP: Virtual %s has become unavailable
0107172d Policy '%s' can't be applied to virtual server '%s' because it has no rules
01071912 %s in rule (%s) requires an associated %s profile on the %s (%s).
01071913 %s in rule (%s) under %s event at %s (%s) does not satisfy cmd/event/profile requirement
010719fd No IPv%s self IP exists on VLAN (%s) for static route (%s)
010c0009 Lost connection to mcpd - reestablishing
010c0018 Standby
010c0022 Opening %s for failover monitoring
010c002b Traffic group %s received a targeted failover command for %s.
010c002c Traffic group %s received a targeted failover command from cluster mate for %s.
010c002d Traffic group %s going standby via targeted failover command.
010c003b Bind fails on %s addr %s port %d error %s
010c003c Connect fails on %s addr %s port %d error %s
010c003e Offline
010c0044 Command: %s
010c0048 Bcm56xxd and lacpd connected - links up
010c0049 Tmm ready - links up.
010c0050 Sod requests links down
010c0052 Standby for traffic group %s
010c0054 Offline for traffic group %s.
010c0056 Deactivating traffic group %s
010c0057 Activating traffic group %s
010c005a Dropping a failover packet that is too small (%u)
010c005b Dropping a packet that is not a failover packet.
010c005e Waiting for mcpd to reach phase base, current phase is %s
010c005f Mcpd has reached phase base, current phase is %s
010c0063 Waiting for Mcpd without a response. Try again...
010c006a Configuration CRC values disagree amongst peers. Suggest configsync peers.
010c006b Configuration CRC values agree amongst peers
010c006c proc stat: [0] %s
010c006d %s.
010c006e All devices in traffic group %s %s have a HA group
010c0077 Listening for unicast failover packets on address %s port %d.
010c007e Not receiving status updates from peer device %s (Disconnected).
010c0083 No failover status messages received for %s seconds, from device %s (%s).
010c0084 Failover status message received after %s second gap, from device %s (%s).
010d0005 Chassis fan %d: status (%d) is bad
010d0006 Chassis power supply %d has experienced an issue. Status is as follows: %s
010d0009 %s: voltage (%d) is too high
010d0010 %s: fan speed (%d) is too low
010d0017 %s: milli-voltage (%d) is too low
010e0001 Cannot communicate with MCPD server
010e0002 Established new connection to MCPD server
010e0004 MCPD query response exceeding %d seconds
01100002 alertd is going down
01100017 Email action is failed for toaddress %s
01100042 Failed with MCPD at: %s (%s)
01100043 logcheck Notice: %s %d
01100049 logcheck Info: %s %d
01110001 Error running %s
01140029 HA %s %s fails action is %s
01140030 HA %s %s is now responding
01140043 Ha feature %s reboot requested
01140044 HA reports tmm ready
01140045 HA reports tmm NOT ready
01140100 Overdog daemon startup
01140101 Overdog daemon shutdown
01140102 Overdog daemon requests reboot
01140103 Watchdog touch enabled with %d seconds
01140104 Watchdog touch disabled
01140106 Overdog daemon calling bigstart restart
01150216 Notice from %s: %s
01160004 LACPD reporting error conditions
01160009 LACPD reporting a link being added to aggregation
01160010 LACPD reporting a link being removed from aggregation
01160011 LACPD reporting a churn condition
01160012 LACPD reporting a churn condition
01160016 LACP reporting an internal condition as informational message
01160024 %s
01180010 [license processing][error]: %s
011b0203 Error '%s' opening file %s
011b020b Error '%s' scanning buffer '%s' from file '%s'
011b0309 %s %s %s
011b032e Graph '%s' is not supported, possibly because it is not licensed, or a license has expired
011b0600 Error '%s' during rrd_update for rrd file '%s'
011b0826 Cluster collection start error.Exitting
011b0900 TMSTAT error %s: %s
011b090c tmstat_query_rollup on table %s called
011b090e getTMValueUNKeyed start
011b0999 %s: %s
011d0002 No diskmonitor entries in database
011d0004 Disk partition %s has only %d free
011e0001 Limiting %s from %d to %d packets/sec for traffic-group %s
011e0002 %s: Aggressive mode %s %s (%llx) (%s %s). (%u/%u %s)
011e0003 Aggressive mode sweeper: %s (%llx) (%s %s) %d Connections killed
011f0001 %s: Bad chunk state %d
011f0005 HTTP header (%d) exceeded maximum allowed size of %d
011f0007 %s - Invalid action:0x%x %s (%C) %s (%C)
011f0008 %s - Invalid state transition to %s
011f0011 HTTP header count exceeded maximum allowed count of %d
01200009 Packet rejected remote IP %*A port %d local IP %*A port %d proto %s: Connection limit exceeded.
01200012 Warning, connections equals limit %K, proto %s, VS %s: Connection limit reached
01220001 TCL error: %s
01220002 Rule %s: %s
01220007 No pending rule event found for %K
01220009 Pending rule %s aborted for %K
01230002 Interface %d.%d: link is down
01230140 RST sent from %A:%d to %A:%d, %s
01260000 Profile %s: %s
01260006 Peer cert verify error: %s (depth %d; cert %s)
01260008 SSL transaction (TPS) rate limit reached
01260009 Connection error: %s:%d: %s (%d)
01260010 FIPS acceleration device failure: %s
01260012 Self-initiated renegotiation attempted while renegotiation disabled: %s
01260013 SSL Handshake failed for <PROTOCOL> <SRC> -> <DST>
01260014 Cipher %x:%x negotiated is not configured in profile %s
01260014 Cipher %x:%x negotiated is not configured in profile %s
01260015 Certificate supplied by server (subject CN: %s) was not configured on virtual: %s
01260017 Connection attempt to insecure SSL server (see RFC5746) aborted: %A:%d
01260018 Connection attempt to insecure SSL server (see RFC5746): %A:%d
01260025 Cipher %x:%x negotiated is not supported by Proxy SSL configured in virtual server %s
01280045 SAMPLE: stpd - Debug: Connected to BCM56XXD4 = 1
01290003 HALMSG reporting error conditions
012a0002 "LIBHAL reporting critical conditions"
012a0003 LIBHAL reporting error conditions
012a0004 LIBHAL reporting warning conditions
012a0005 LIBHAL reporting normal but significant condition
012a0006 LIBHAL reporting informational
012a0007 LIBHAL reporting debug-level messages
012a0013 Blade %d hardware sensor critical alarm: %s
012a0016 Blade %d hardware sensor notice: %s
012a0017 Chassis power module %d turned on
012c0004 Lost connection with MCP: %d ... Exiting
012c0010 BCM56XXD driver error
012c0011 BCM56XXD SDK error
012c0012 BCM56XXD info
012c0013 BCM56XXD starting
012c0014 SAMPLE: bcm56xxd - Exiting...
012c0015 Link: %s is %s
012c0016 BCM56XXD SDK info
012d0007 Lost connection with MCP: %08x
012e0029 The configuration was successfully loaded.
01340002 HA Connection with peer %la:%d for traffic-group %s lost
01340003 Cluster error: %s
01340004 HA Connection detected dissimilar peer: local npgs %u, remote npgs %u, local npus %u, remote npus %u, local pg %u, remote pg %u, local pu %u, remote pu %u. Connection will be aborted.
01380002 Certificate '%s' in file %s will expire on %s
013b0004 %s
013b0008 %s
013c0004 %s
013d0006 cand done
01420001 %s
01420002 SAMPLE: tmsh - AUDIT - pid=13324 user=root query_partitions=all update_partition=Common module=(tmos)# status=[Command OK] cmd_data=list ltm virtual idnshare3-139
01420003 "%s"
01420006 %s
01420007 Certificate '%s' in file %s expired on %s
01420008 Certificate '%s' in file %s will expire on %s
01420010 %s
01460005 SAMPLE: promptstatusd - mcpd.running(1) held, wait for mcpd
01460006 SAMPLE: promptstatusd - semaphore tmm.running(1) held
01460007 SAMPLE: promptstatusd - semaphore tmm.running(1) released
01470000 iSession: Connection error: %s:%u: %s:%d
01480002 %s
01480024 Can't bind the flow, waiting for config response on channel %s
01490510 %s: Initializing Access with max global concurrent access session limit: %d
01490523 {{Access Profile, %s}{Partition, %s}{Session ID, %s}{Max Concurrent Sessions, %d}} "#0:#1:#2: Initializing Access with max global concurrent connectivity session limit: #3"
01490526 %s: Initializing Access with max global concurrent connectivity session limit: %d
01490541 Access using device name: %s and device ID: %.*s.
01490555 %s: Initializing Access with max global concurrent url filtering session limit: %d
014c0001 DIAMETER: %s error: %lE
014f0001 %s
014f0002 %s
014f0004 %s
014f000e Becoming primary cluster member
01530007 %s started ===============================
0153002c An instance of zxfrd (pid: %d) is already running! Exiting
01531003 Failed to sign zone transfer query for zone %s using TSIG key %s
0153100c Failed on receive of %d bytes for transfer of zone %s (%s)
0153100e Transfer of zone %s failed with rcode (%s)
01531010 Transfer of zone %s failed b/c there are no records
01531015 Failed to retrieve next RR in %s for zone %s
01531018 Failed to transfer zone %s from %s, will attempt %s
0153101b Ignoring NOTIFY for zone %s due IXFR in progress
0153101c Handling NOTIFY for zone %s
0153101f %s Transfer of zone %s from %s succeeded
01531023 Scheduling zone transfer in %ds for %s from %s
01531025 Serials equal (%d); transfer for zone %s complete
0153102a Failed connect callback to %s for transfer of zone %s
01531105 Zone %s expired. Zone will be unavailable until the next successful zone transfer
01531300 Cluster status changing from %s to %s
0153e0f7 Lost connection to mcpd
01570004 %s
015a0000 SAMPLE: devmgmtd - Initial trust configuration created
015c0004 %s
015c0009 IP Reputation has no license currently
01670003 Inbound entry %A,%d,%A,%A found
01670009 Inbound connection :%A,%d is active
01670010 Inbound entry:%A%%%d:%d, ds-lite remote:%A local:%A timeout:%d for key:%A%%%d:%d proto:%d added. ha mirrored: %s
01670019 "DNAT configuration: %s"
01670020 DNAT connection: %s
01670021 [%u.%u] LSN Pool %s has no usable translation address for DNAT
01690000 SAMPLE: evrouted - shutdown cleanly
016e0002 Execution of action '%.*s' failed, error %E
01700000 PPTP CALL-REQUEST id;%d from;%A%%%u to;%A nat;%A%%%u ext-id;%d
01700001 PPTP CALL-START id;%d from;%A%%%u to;%A nat;%A%%%u ext-id;%d
01700002 PPTP CALL-END id;%d reason;%d from;%A%%%u to;%A nat;%A%%%u ext-id;%d
01700005 Error creating PPTP-GRE local flows, error %E.
018e0002 %s
018e0005 Exiting, received shutdown signal

 

Log Messages Details

00020000 : Resuming log processing at this invocation; held %d messages.

Location:
/var/log/ltm

Conditions:
The following messages are not the actual log messages.

        00020000:6: Re-enabling general logging; held %d messages
        00020000:6: Cumulative log rate exceeded! Throttling all non-debug logs.

You should locate the unthrottled versions, which will look like one of the following:

        00020000:6: Developer error: unrecognised logging variable '$vname'!
        00020000:6: Developer error: unrecognised logging domain in '$prodsub'!

It would also help to have the name of the process that logged the message.

These messages occur when a feature tries to log, read, or write a control flag for a logging product or subset that does not exist (the initial four digits of a log number). It is also possible that these logs are being generated by code that is attempting to map command line options, GUI elements, db variables, etc., to log control variables.

Impact:
If these messages are coming from a feature, that feature is not successfully logging. If these messages are coming from some kind of bridge between command line options, GUI elements, db variables, or log control variables, then the knob or control does not work.

Recommended Action:
If these messages are the result of a miscoded feature, then the feature has never been able to send logs, and there is no work-around for the problem.

If these messages are the result of a miscoded control knob (command line option, GUI element, db variable, etc.), then that control knob will not work, but the associated logs can still be controlled via Common Logging Framework objects (Publishers, Destinations, and Filters).

In either case, please file a bug.


01010001 : %s starting

Location:
/var/log/ltm

Conditions:
Example:
01010001:5: pgo_use x86_64 padc TMM Version 13.0.0.0.0.1622 starting

The message is emitted at 'notice' priority, and is an announcement that the given TMM instance has started. It is always emitted, and provides the target, architecture, and build version for the TMM executable.

Impact:
The appearance of this message indicates system health. Its presence is useful for locating the point in the logs where TMM instances start.

Recommended Action:
None.


01010004 : Memory allocation failed: %s

Location:
/var/log/ltm

Conditions:
This error occurs when there is not enough free memory left in the system to allocate the required amount for a software module.

Impact:
The impact could range from some of the functionality being briefly delayed until more memory becomes available to a significantly more damaging issue, such as the system failing to allocate memory for new connections, causing the system to become unusable.

Recommended Action:
If possible, provision more memory to TMM.
Use 'top -a' or 'ps v | sort -k 8 -g -r | head' to look for processes occupying excessively large amounts of memory. Consider restarting said process(es), saving the core(s), and filing a bug.


01010007 : "Config error: %s"

Location:
/var/log/ltm

Conditions:
The following configuration error messages point to a failure in setting up internal services necessary for the Network Access feature in APM to work.
- Config error: Access forwarding virtual create failed.
- Config error: Access HTTP forwarding virtual create failed.

The following configuration error message points to a failure in setting up internal services necessary for the Portal Access feature in APM to work.
- Config error: Access portal virtual create failed.

Impact:
Network Access feature in APM will not work.
- Config error: Access forwarding virtual create failed.
- Config error: Access HTTP forwarding virtual create failed.

Portal Access feature in APM will not work.
- Config error: Access portal virtual create failed.

Recommended Action:
This issue might be a result of invalid configuration. Please reload configuration using 'tmsh load sys config'. The output of config reload should be without error.


01010011 : Persistence cookie hash failed

Location:
/var/log/ltm

Conditions:
This error can occur when, for a given persistence profile, a cookie hash entry (in the profile's persistence table) is either invalid or becomes stale, compared to the expected HTTP cookie header in the server side response from a pool member requiring persisted connections. The length of the HTTP cookie header probably exceeds the offset of the cookie hash specified in the persistence profile.

Impact:
This error indicates an invalid cookie hash persistence entry and, as a result, connections might not be persisted for the expected pool or pool members. Instead the default load-balancing method is applied.

Recommended Action:
Either of the following actions can help to solve the problem:
1. Correct the cookie hash entry in the persistence profile, by changing the cookie hash offset or length, to accommodate the HTTP cookie in the server side response for the correct parsing of the cookie hash.
2. Change the HTTP cookie header in the server side response, on the pool member requiring persistent connections, to accommodate the expected cookie hash in the related persistence profile.


01010013 : database size increased by %d bytes, %d total

Location:
/var/log/ltm

Conditions:
This message is an informative message that is logged when the BIG-IP configuration database needs to be extended. It does not necessarily reflect an error.

Impact:
None.

Recommended Action:
None.


01010019 : Caught signal %d, exiting

Location:
/var/log/ltm

Conditions:
Example:
01010019:5: Caught signal 2, exiting

The message is emitted at 'notice' priority, and is an announcement that the TMM has received either a SIGINT (2) or a SIGKILL (15) signal. The most common way to send TMM one of these signals is with the 'kill' command from the BIG-IP device's root shell.

The 'kill' command requires the process identifier ("pid") for the targeted executable. To find the list of pids for TMM, from the root shell, enter the following command:

cat /var/run/tmm.*.pid | sort -un

On a running BIG-IP system, one or two pids will be displayed. Choose either pid, substituting the number into the command "kill -INT ____". For example:

[root@bigip:Active:Standalone] log # cat /var/run/tmm.*.pid | sort -un
20050
[root@bigip:Active:Standalone] log # kill -INT 20050
[root@bigip:Active:Standalone] log # Jan 26 16:12:14 bigip emerg logger: Re-starting tmm
Jan 26 16:12:14 bigip emerg logger: Re-starting tmm1
Jan 26 16:12:14 bigip emerg logger: Re-starting tmm2
Jan 26 16:12:14 bigip emerg logger: Re-starting tmm3
Jan 26 16:12:14 bigip emerg logger: Re-starting tmm4
Jan 26 16:12:14 bigip emerg logger: Re-starting tmm5
Jan 26 16:12:14 bigip emerg logger: Re-starting tmm6
Jan 26 16:12:15 bigip emerg logger: Re-starting tmm7
# grep 01010019 /var/log/ltm
Jan 26 16:12:13 bigip notice tmm[20050]: 01010019:5: Caught signal 2, exiting

Impact:
When a TMM process instance receives a SIGINT or SIGKILL signal, all TMM instances are restarted immediately. No core file is produced. On systems where multiple TMM processes are running, tmm.start will detect the termination of any of its child TMM process instances and display the following message:

notice tmm.start: /etc/bigstart/scripts/tmm.start caught SIGCHILD, sending SIGTERM to all remaining tmms

This assures that if any TMM process is terminated for any reason, all TMM processes are restarted.

Recommended Action:
It is abnormal for SIGINT or SIGKILL to be sent to a process. If this message is seen in the logs, it indicates that a TMM process received the indicated signal. F5 Networks is not aware of any way this can occur, other than through the action of a root user at the bash shell prompt. Blocking access to the root ("Advanced") shell, or selecting Appliance Mode in the BIG-IP license should eliminate the possibility of seeing this message.


01010020 : MCP Connection %s, exiting

Location:
/var/log/ltm

Conditions:
MCP connection is closed, aborted, or expired after tmm saw any data coming from mcp. It might happen due to any connectivity problems between tmm and mcp or mcp being down.

Impact:
It is a critical error for TMM. It restarts. Attempts to reconnect will be made after that.

Recommended Action:
Verify that mcpd is up, and consider restarting it. Inspect /var/log/ltm to find mcpd messages pointing to the reason of failure.


01010028 : No members available for pool %s

Location:
/var/log/ltm

Conditions:
The probable cause for this message is external to the BIG-IP system: the pool members (servers) are all either down or unreachable. Additionally, this message could also be caused by a hardware or software issue on the BIG-IP itself.

Impact:
Services that require access to members of the given pool log errors and cease to function.

Recommended Action:
Find and correct the server access problem following typical server connectivity debugging processes.


01010029 : Clock advanced by %u ticks

Location:
/var/log/ltm

Conditions:
This message will be logged if the tmm clock is modified by more than 100 ticks at once after tmm is ready. This could indicate a situation where the TMM might be preempted or has a lagging clock, or an NTP message was received with a large difference in time.

Impact:
The tmm common ticks which affects flow timeouts, TCP timestamps etc will be abruptly incremented.

Recommended Action:
After ensuring that the time/NTP server is correctly set on the blade(s) and chassis, reboot the BIG-IP once to ensure that the tmms are correctly synchronized to the NTP time.


01010038 : Syncookie counter %d exceeded vip threshold %u for virtual = %A:%d

Location:
/var/log/ltm

Conditions:
A virtual server is under high load such that the outstanding SYN cookie threshold is reached. The threshold is configured with the default-vs-syn-challenge-threshold LTM global-settings connection property.

Impact:
While the per-virtual server SYN cookie threshold is reached, SYN cookies will not be issued on the virtual server. Connections will be established without SYN cookies.

Recommended Action:
Investigate whether the traffic load is normal or excessive. The SYN cookie threshold might be reached due to a normal spike in traffic or an attack.


01010044 : "%s feature %s licensed"

Location:
/var/log/ltm

Conditions:
This message does not necessarily denote a problem. It displays the license status of BIG-IP device's component.
When status for component X is "licensed", this log displays the message:
Component X is licensed.
When the component is not licensed, the message is:
Component X is NOT licensed.

Impact:
If the message is "Component X is licensed", there is no impact. It is an informative message.
If the message is "Component X is not licensed", then you cannot use the mentioned component/feature.

Recommended Action:
If you want to use a component that is not currently licensed, you need to activate the license.


01010045 : Bandwidth utilization is %d Mbps, exceeded %d%% of Licensed %d Mbps

Location:
/var/log/ltm

Conditions:
This message appears when the system is using more bandwidth that it was licensed to use.

Impact:
The system will not perform at its full potential with a limited license.

Recommended Action:
A license with better bandwidth utilization would stop this message from appearing.


01010201 : Inet port exhaustion on %*A to %*A%c%d (proto %d)

Location:
/var/log/ltm

Conditions:
This error appears on a system when an unused ephemeral port cannot be found by using the ephemeral port search criteria. Variables specify the lost IP address and port connection due to this condition. The search criteria defaults to 16 random attempts, with 16 linear attempts. A single IP address can choose from about 64k ports, so not finding a port indicates that the system is using over 60k ports. The exact number of ports in use is unknown, because the algorithm discovers open ephemeral ports through a methodology, instead of counting ports. The results of the algorithm are approximately 64k ports.

Impact:
When this error occurs, the port-find functionality fails and the connection is lost.

Recommended Action:
There is no workaround for this error. The algorithm stops when this error is written to /var/log/ltm. To mitigate this condition, a warning message is available in BIG-IP version 12.0, indicating that the port-find functionality is heavily loaded (statistically 80% to 90% of the 64k ports in use). You can use an SNMP trap to alert this message, and inform the client to add more virtual IP's the system, relieving the heavily loaded connections.


01010213 : L3 Address LB method deprecated; using 'Least Connections' for pool %s

Location:
/var/log/ltm

Conditions:
A virtual server is configured with L3 Address load balancing method.

Impact:
The Least Connections load balancing method will be used instead of the deprecated L3 ADDR load balancing method.

Recommended Action:
Set the virtual server load balancing method to Least Connections. or other desired load balancing method.


01010221 : Pool %s now has available members

Location:
/var/log/ltm

Conditions:
A pool with no available members now has available members. The pool may have had no available members due to administrative action, monitors, connection limits, or other constraints on pool member selection.

Impact:
This indicates that traffic is now load-balanced to the available member as desired.

Recommended Action:
None.


01010225 : Failure to query dns-express db (%s)

Location:
/var/log/ltm

Conditions:
This log messages covers a variety of errors that indicate a query to the DNS Express database was not successful. The possible reasons include the database not being readable and malformed queries.

Impact:
Generally, a query in this situation will continue to be processed according to the DNS Profile configuration. An AXFR request to the BIG-IP will result in either a SERVFAIL or FORMERR response to the requesting client.

Recommended Action:
This message should be used in conjunction with other log messages to determine impact to the system.


01010231 : DNSSEC: Did not add RRSIGs to response RR set (owner: %s)

Location:
/var/log/ltm

Conditions:
Tmm has detected that it should have signed a dns response with a dnssec key but didn't add a resource record signature.

Impact:
The current dns response will be dropped.

Recommended Action:
The message indicates a problem signing a resource record using a dnssec key. Other log messages might indicate why a particular key failed to sign the resource record, and should be investigated to verify that the information associated with the dnssec keys is correct.


01010235 : Inet port find called for pg %d with invalid cmp state %x

Location:
It can happen when current TMM's CMP state is invalid or the target TMM is down.

Conditions:
This error message appears when a TMM runs port find for a target TMM that is not active based on current CMP state. A TMM in BIGIP is identified as {PG, PU}. PG refers to slot index and PU refers to TMM index on the slot. This error message complains the PG of the target TMM is down based on current CMP state.

Impact:
It might cause flow connections to fail.

Recommended Action:
No workaround. Reboot if the problem persists.


01010239 : LSN error: %s

Location:
LTM log

Conditions:
An LSN pool is configured, but the CGNAT module is not licensed and provisioned.

Impact:
The CGNAT configuration is ignored by TMM until the CGNAT module is licensed and provisioned. No other negative impacts.

Recommended Action:
License and provision the CGNAT module.


01010240 : Syncookie HW mode activated, server = %A:%d, HSB modId = %d

Location:
/var/log/ltm

Conditions:
This message indicates that the BIG-IP device has detected a syncookie DOS attack and activated hardware syncookie protection mode on the HSB.

Impact:
This is an information message regarding hardware syncookie protection state on the BIG-IP device. it does not indicate any operation error. Refer to https://support.f5.com/csp/article/K14813 for more information on detecting and mitigating DoS/DDoS attacks.

Recommended Action:
None.


01010241 : Syncookie HW mode exited, server = %A:%d, HSB modId = %d from %s

Location:
/var/log/ltm

Conditions:
When HSB exits hardware syncookie protection mode on the BIG-IP device. It indicates that the BIG-IP device detects that the syncookie DOS attack has stopped.

Impact:
This is an information message regrading hardware syncookie protection state on the BIG-IP device. It is not an error message. Refer to https://support.f5.com/csp/article/K14813 for more information on detecting and mitigating DoS/DDoS attacks.

Recommended Action:
None.


01010250 : Pool member %A:%u exceeded configured rate limit.

Location:
/var/log/ltm

Conditions:
If this message appears, the configured number of allowed new connections per second for pool member has been exceeded.

Impact:
New connections for pool member are created faster than allowed in configuration. The BIG-IP device prevented an excessive number of connection requests to this pool member. Connections still might have been established after a retry to the other pool member.
This might indicate that the pool member is a target for more connections than it was configured to handle. If all pool members report this problem at the same time, the virtual server might be experiencing a high-demand traffic event or be under Denial of Service (DoS) attack.

Recommended Action:
Rate limit can be changed as described in Manual: Setting Connection Limits (https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-2-1/30.html).


01010251 : Virtual %s exceeded configured rate limit.

Location:
/var/log/ltm

Conditions:
If this message appears, the configured number of allowed new connections per second for virtual server has been exceeded.

Impact:
New connections for virtual server are created faster than allowed in configuration. Thus, the BIG-IP device prevented an excessive number of connection requests. This might indicate that virtual server is during high-demand traffic event or under Denial of Service (DoS) attack.

Recommended Action:
Rate limit can be changed as described in Manual: Setting Connection Limits (https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-2-1/30.html).


01020037 : The requested %s (%s) already exists

Location:
/var/log/ltm

Conditions:
A client is attempting to create a non-partitioned object that already exists in the database. The primary key for the object must be unique.

Impact:
The client's transaction will fail.

Recommended Action:
Change the value used for the object's primary key, and resubmit the transaction.


01020066 : The requested %s (%s) already exists in partition %s

Location:
/var/log/ltm

Also, UI interfaces when a transaction fails.

Conditions:
This error message occurs when attempting to create something that already exists. This can happen in a variety of ways.

(1) Simple user error. Attempt to create an object that shares the same name or identifier. For example, creating two pools with the name 'poolA'. A less obvious one is uniqueness constraints, for example ltm node's address must be unique across all partitions.

(2) Reconfigure an iApp. iApp reconfigure tends to perform delete followed by create. Ordering internally matters for logical dependencies, and can come into conflict with referential integrity constraints.

(3) If a transaction contains multiple actions over a single object. For example, if you deleted an HTTP monitor `m1` followed by creating an HTTPS monitor, naming it `m1`, then attempted to sync. Other ways of creating such transactions can be done by using tmsh transactions functionality or merge loading of configuration.

Impact:
This can cause a validation error, sync to fail, or iApp deployment to fail.

Recommended Action:
(1) If a transaction contains multiple actions over a single object, separate them into two transactions. For example, if you deleted an HTTP monitor `m1` followed by creating an HTTPS monitor, naming it `m1`, and then attempted to sync.

(2) If it is an iApp, please open a support ticket.


01060110 : Lost connection to mcpd with error %d, will reinit connection.

Location:
/var/log/ltm

Conditions:
Example:
Lost connection to mcpd with error <some-error>, will reinit connection.

This message is logged when 'bigd' fails to successfully read a message from 'mcpd'. The 'bigd' process will then shut down and restart to attempt re-connection to 'mcpd'.

The 'mcpd' process might have halted due to system error, or manual administrator intervention. Under normal system behavior, if the 'mcpd' process has crashed, it will automatically be restarted and the 'bigd' process will successfully re-connect. This error-message might indicate the loss of communication with the 'mcpd' process while it is restarting.

Impact:
The 'bigd' process exists to report to the 'mcpd' process resource health (resulting from probe-responses or lack thereof for monitored resources). This message indicates 'bigd' has lost connection to 'mcpd', and thus must re-establish that connection.

Recommended Action:
No user intervention is required, as 'bigd' will attempt to re-establish its connection with 'mcpd'. Confirm the 'mcpd' process is successfully running, and is not halted due to manual administrator intervention or load-failure of an improper configuration.


01060111 : Open SSL error - %s

Location:
/var/log/ltm

Conditions:
SSL/TLS warning or error in communications.

Impact:
The impact will be encountered by the daemon that is logging the error, usually bigd. If bigd is the daemon logging the error, it means that a monitor is failing the SSL/TLS connection in the way described in the log text. The monitor will mark the pool members down for all pools it is associated with.

Recommended Action:
Determine which monitor is generating the errors by isolating the pool members that are failing. For more information on determining which pool member is failing, see SOL13768: Identifying which pool members are failing an SSL/TLS handshake.

Once you have identified the affected https monitor, first see SOL12531: Troubleshooting health monitors.

Check the monitor's cipher list to ensure that the cipher list is compatible with the pool members that it is connecting to. Do not put TLSv1_0 in the cipher list. Test your cipher list by running 'openssl ciphers <cipherlist>' at the command line using the cipher list from the monitor. For more information, see SOL16526: Configuring the SSL cipher strength for a custom HTTPS health monitor.

If you have a custom monitor connecting to a server running an old version of openssl, read SOL17183: The HTTPS monitor may incorrectly mark pool members down due to SSL SessionTicket Extension.


01060136 : Received links up - monitoring starts.

Location:
/var/log/ltm

Conditions:
Example (v11.6.0, and earlier):
Received links up - monitoring starts.

Example (v11.6.1, and later):
(_set_db_variable): adaptive tmstat logging enabled: true

This message is logged in v11.6.0, and earlier, when the 'bigd' process receives a "links-up" message indicating that monitoring can proceed, at which point 'bigd' begins monitoring (sending probes and processing responses).

This is an indication of proper behavior. When 'bigd' starts, it waits for an initial "links-up" message to indicate gateways are configured. Otherwise, sending monitor-probes might cause false gateway failsafe failovers to occur, and generate false monitor failures. After receiving the "links-up" message, any gateway failsafe failovers or monitor failures are genuine.

Starting in v11.6.1, this message is removed. However, a similar message is inserted to note status-changes, as follows:

Example:
"(_set_db_variable): adaptive tmstat logging enabled: true"

Impact:
This message is not an error, but a notification that 'bigd' began its logging (sending probes and processing responses).

Recommended Action:
None.


01070007 : Received shutdown signal %d

Location:
/var/log/ltm

Conditions:
Mcpd logs this notice as a result of receiving a SIGTERM (15), SIGINT (2), or SIGHUP (1) signal.

SIGTERM is sent on behalf of `bigstart restart mcpd` when issued on the command line by the user.

Impact:
Mcpd will restart, which subsequently causes multiple daemons to restart as well.

Recommended Action:
Do not use `bigstart restart mcpd`.


01070069 : Subscription not found in mcpd for subscriber Id %s.

Location:
/var/log/ltm

Conditions:
The system process named in the message is attempting to unmark itself as a subscriber, but has specified a subscriber name that it had not previously used.

This message occurs during system shutdown or restart.

Impact:
No user impact. This message implies that there is a defect in TMOS, but a comparatively minor one. There is no risk of system instability or dropped traffic.

Recommended Action:
None.


01070147 : Snatpool %s must reference at least one translation address.

Location:
/var/log/ltm

Conditions:
Example:
Snatpool my_pool must reference at least one translation address.

A SNAT pool is configured, and set as active; but has no SNAT pool members.

Impact:
The configuration failed to load, and the SNAT pool is unavailable.

Recommended Action:
User should set the empty SNAT pool to inactive, or add pool members. Alternatively, user could configure SNAT without pools, such as for 'standard' (explicitly specifying the translation address) or 'automap' (allowing the system to auto-assign from the BIG-IP device's existing self-IP addresses), or 'intelligent' (SNAT mapping implemented within an iRule).

After configuration repair, the configuration can be reloaded and the SNAT pool should be available (no reboot is required).


01070151 : Rule [%s] error: %s

Location:
/var/log/ltm or GUI.

Conditions:
This is a general TCL parsing error message caused when validating iRules.
The TCL error itself is present in the log message and includes information about the offending code, which quickly allows resolution in most cases.

The message can be triggered whenever an iRule is updated:
- either using the GUI by clicking update;
- saving the edited iRule when using the tmsh commend (for example, edit ltm rule <x>)

Errors will appear in the GUI or the ltm log file and examples include:
Rule [<rule_name>] error: <rule_name>:1: error: [parse error: missing close-brace][{ set port [TCP::local_port] if { $p == 443) log local0.info]
Rule [<rule_name>] error: <rule_name>:1: error: [command is not valid in the current scope][set sp [class match -value [string tolower [IP::local_addr]] equals dg_test ]]
Rule [<rule_name>] error: <rule_name>:2: error: [unexpected extra argument "="][TCP::local_port = 443]
Rule [<rule_name>] error: <rule_name>:9: error: [missing a script after "else"][]
Rule [<rule_name>] error: <rule_name>:3: error: ["invalid argument local0"][log local0 "MATCH OK"]
Rule [<rule_name>] error: <rule_name>:8: error: [invalid keyword "{ log local0. "in CLIENT_ACCEPTED" if { $cond }" must be: priority timing][when CLIENT_ACCEPTED { { log local0. "in CLIENT_ACCEPTED" if { $cond }" ]

Impact:
Updating of the iRule will not be performed and corresponding logic changes will not be applied to any associated virtual servers.
The iRule code needs to be corrected prior to successful update.

Recommended Action:
Inspect the error message and locate the error in the iRule code.
Once located, correct the error. The correction depends on the contents of the error generated.

For simple syntax errors like 'missing brace' or 'unexpected extra argument', inspect the code around the designated error line indicated in the log message and ensure braces ('{') are paired, and commands used (for example, [TCP::local_port]) have the correct number of arguments.

For errors that involve use of the wrong commands, ensure that the commands are valid to use in the current setting (for example, PEM commands require PEM to be licensed).

Some errors might be caused due to incorrectly referenced configuration objects. A common case is referring to a Data Group that is not yet configured when the iRule is updated. In these cases, ensure that the dependent configuration objects exist and that the references in the iRules are using the correct names.


01070261 : Can't create a home directory for username %s (%s)

Location:
LTM log.

Conditions:
The reason for the failure is described in the parenthesized portion of the message.

Impact:
The user is created, but the user cannot log in.

Recommended Action:
No general workaround. The error described in the message is required to determine this information.


01070265 : The %s (%s) cannot be deleted because it is in use by a %s (%s)

Location:
/var/log/ltm

Conditions:
Mcpd will log this when a client is attempting to delete a configuration that is currently being used by another configuration object.

Impact:
The transaction will fail and rollback; mcpd will be in the state it was in just prior to attempting the transaction.

Recommended Action:
Remove or reconfigure the object that is referencing the configuration object that you want to delete.


01070277 : The requested %s (%s) was not found

Location:
In tmsh or the GUI, as the response to a request to create or modify configuration.

Conditions:
The user referred to a configuration object that does not exist.

Impact:
The requested change failed validation and no change to the configuration occurred.

Recommended Action:
Correct the spelling of the object name or choose a different object.


01070301 : Pool (%s) is referenced by one or more virtual servers

Location:
/var/log/ltm

Conditions:
This message is logged when a user-initiated attempt is made (such as through xui or tmsh) to delete a pool that is currently referenced by one or more virtual servers. Deleting a pool that is still referenced by a virtual server is not permitted, as it would result in a (dangling) foreign key reference from the virtual server to the now-deleted pool.

Note that this message is removed in v11.5.0 (and thus is reported only in v11.4.1 and earlier). In v11.5.0 and later, validation of foreign keys from a virtual server to a pool is performed differently, thereby removing this message from the codebase.

Impact:
No action is taken, and the pool is not deleted (the pool is unchanged). This message merely logs the rejection of the user-initiated attempt to delete a pool.

Recommended Action:
User should first remove the pool references by any virtual server, and then delete the pool. When the pool is not referenced by any virtual server, the pool delete operation will successfully complete and this error message will not be logged.


01070320 : Snatpool %s is still referenced by a virtual server.

Location:
/var/log/ltm

Conditions:
User-initiated action (such as through tmsh or xui) attempted to delete a SNAT pool that is still being referenced by a virtual server or SNAT.

Impact:
No action occurred, and the attempt to delete the SNAT pool failed (the SNAT pool is unaffected).

Recommended Action:
User should first remove the SNAT pool from being referenced by the virtual server or SNAT object. A subsequent attempt to delete the SNAT pool will then succeed.


01070340 : %s (%s) is referenced by one or more rules

Location:
/var/log/ltm

Conditions:
One common problem is, an object is to be deleted, but it is still referenced actively, because there are multiple references to one object.

Impact:
Because of this error, the user action will fail. For example, if there are multiple references to an object and user attempts to delete it, the system does not delete it.

Recommended Action:
User needs to search for the object indicated in the message across the iRules, and remove the object dependency before deleting the object.


01070354 : Self IP %s / %s: This network is defined on two vlans (%s and %s)

Location:
/var/log/ltm, console, and GUI.

Conditions:
The self IP being created is on a network that is in a different VLAN than the one specified during self IP creation.

Impact:
MCPD will prevent the self IP address from being created until the conflict is resolved.

Recommended Action:
Create the self IP in the current VLAN.


01070356 : %s feature not licensed

Location:
/var/log/ltm
The contents of /var/log/ltm may be viewed in the GUI under System > Logs > Local Traffic. These messages are of the form "<FEATURE_NAME> feature not licensed." The <FEATURE_NAME> list of items regularly increases with each release.

Conditions:
These messages occur whenever mcpd queries the license for a feature flag that is not in the license. This message typically occurs during configuration validation.

Impact:
There is no single consistent BIG-IP action, or easily counted set of actions, associated with these messages. In general, however, the feature named in the message does not function, and the BIG-IP system might not achieve the Active operational state.

Recommended Action:
Upgrade the license to support the requested features. Downgrade the BIGIP software to a version that does not require the unlicensed features, or modify the configuration to remove objects that depend on the unlicensed features. The probable cause for these messages is using a configuration file from a more feature-rich license, or the release of BIG-IP software with a less feature-rich license or software image.


01070392 : Self IP %s / %s: This IP shares a network with %s (%s / %s).

Location:
/var/log/ltm, console, and GUI.

Conditions:
The self IP being created conflicts with the admin address of the BIG-IP device.

Impact:
MCPD will prevent the self IP address from being created with the conflicting address.

Recommended Action:
Either create the self IP with a different address, or correct the conflicting admin address of the BIG-IP device.


01070394 : %s in rule (%s) requires an associated %s profile on the virtual server (%s)

Location:
/var/log/ltm

Conditions:
A configuration load contains a rule associated with a virtual server, but the required profile was not found on that virtual server. The intended profile might be present in the virtual server, but was misspelled in the rule, or the required profile was not associated with the virtual server.

Note that this message is used only on v11.6.1, and earlier.

Impact:
The configuration failed to load, and the rule is not in effect.

Recommended Action:
User should change the rule to reference a profile present on the virtual server. Confirm that the identified profile in the rule is properly spelled, and that the profile is associated with the virtual server. The configuration might then be reloaded (a reboot is not required).


01070404 : Add a new Publication for publisherID %s and filterType %p

Location:
/var/log/ltm

Conditions:
A system process has started up and connected to mcpd. This process is registering as a publisher, meaning that mcpd acts as a proxy for certain user commands that require obtaining data from this process. For example, when the user runs the command 'show sys connection', this will be forwarded to TMM instances, and their responses will be forwarded back to the user's shell.

Impact:
This message does not indicate a problem with the system.

Recommended Action:
None.


01070406 : Removed publication with publisher id %s

Location:
/var/log/ltm

Conditions:
A system process is removing itself as a publisher. See error catalog item 620989 for a description of the publishing mechanism.

Impact:
This message does not indicate a problem with the system. The most common case it would be seen is a shutdown or reboot of the system. If the publishing process is exiting unexpectedly, it will generate its own log messages.

Recommended Action:
None.


01070407 : Removed information for Publication %s and filterType %p

Location:
/var/log/ltm

Conditions:
A system process is removing itself as a publisher, but only for certain types of messages. It remains a publisher for other types of messages. See error catalog item 620989 for a description of the publishing mechanism.

Impact:
This message does not indicate a problem with the system.

Recommended Action:
None.


01070408 : Deleting abandoned subscriber connection for %s

Location:
/var/log/ltm

Conditions:
A system service has restarted and subscribed to mcpd objects without cleaning up after itself in its previous instantiation.

Impact:
This indicates a problem that is resolving itself. mcpd is not impacted, although whatever caused the other process to restart might be a concern. That failure would log its own error messages.

Recommended Action:
None.


01070410 : Removed subscription with subscriber id %s

Location:
/var/log/ltm

Conditions:
A system process is ending its subscription to mcpd objects. This is the mechanism by which this process is informed about updates to the configuration.

This is a clean unsubscription, so the system is likely shutting down or restarting.

Impact:
This message does not indicate an error.

Recommended Action:
None.


01070413 : Updated existing subscriber %s with new filter class %llx

Location:
/var/log/ltm

Conditions:
A system process is changing the set of configuration objects about which it is concerned. This is the mechanism by which this process is informed about updates to the configuration.

Impact:
This message does not indicate an error.

Recommended Action:
None.


01070417 : AUDIT - user %s - transaction #%u-%u - object %u - %s

Location:
/var/log/audit

Conditions:
Auditing changes made to configuration in mcpd.

Impact:
Not an error.

Recommended Action:
None.


01070418 : connection %p (user %s) was closed with active requests

Location:
/var/log/ltm

Conditions:
Two possible conditions:

* A system service is connected to mcpd and has started a transaction, but not written anything to it for five minutes, indicating that it likely is no longer using it.

* A connection was closed while mcpd had not yet finished responding to it.

Impact:
This message might indicate a minor TMOS bug, but one that is likely to quickly resolve with no impact.

Recommended Action:
None.


01070419 : Platform initialization phase triggered

Location:
/var/log/ltm

Conditions:
mcpd logs this message as a result of entering the first of four initialization phases.

Impact:
This is the expected behavior of a healthy mcpd on startup.

Recommended Action:
None.


01070421 : Base configuration initialization phase triggered.

Location:
/var/log/ltm

Conditions:
mcpd is starting up from configuration files, as opposed to being restored from a binary file. The binary file either did not exist prior to mcpd starting or it may have been corrupted.

Base configuration initialization phase is #2 of 4 total initialization phases.

Impact:
Restoring from configuration files on startup is part of normal operation, and as a result, mcpd should become fully operational (contingent upon successful completion).

Recommended Action:
None.


01070424 : Full configuration initialization phase triggered.

Location:
/var/log/ltm

Conditions:
mcpd is starting up from configuration files, as opposed to being restored from a binary file. The binary file might not have existed prior to mcpd starting, or it might have been corrupted.

Impact:
Restoring from configuration files on startup is part of normal operation; as a result, mcpd should become operational.

Recommended Action:
None.


01070427 : Initialization complete. The MCP is up and running

Location:
/var/log/ltm

Conditions:
mcpd successfully completed initialization, which means all configuration loaded and reached a running phase.

Impact:
mcpd function as designed

Recommended Action:
None.


01070465 : DB changed: %s, configsync needed

Location:
/var/log/ltm

Conditions:
If a BIG-IP device is in an HA pair, config sync autodetect is enabled, and a db variable is modified.

More specifically, if the following db variables are set:
  1. failover.isredundant value true
  2. configsync.autodetect value enabled

Impact:
No impact. This is information only.

Recommended Action:
Disable config sync autodetect or ignore.


01070466 : Received end of platform data

Location:
/var/log/ltm

Conditions:
Mcpd logs this message in response to receiving the end_platform_id request from chmand. This is a normal part of the boot process, and is the result of chmand publishing platform info to an initialized mcpd. This message can be seen every time mcpd starts up.

Impact:
Mcpd can now perform actions that require the platform object, such as install the VCMP n-stage validator. This is expected behavior.

Recommended Action:
None.


01070596 : An unexpected failure has occurred, %s, exiting...

Location:
/var/log/ltm

Conditions:
mcpd has reached an unrecoverable error.

Impact:
mcpd will restart, along with most other system services. Traffic will be lost.

Recommended Action:
Often this will resolve itself after one restart. If not, removing the binary database (rm -vf /var/db/mcp*) is another common cause for some instances of this error.


01070604 : Cannot delete IP %s because it would leave a route unreachable.

Location:
/var/log/ltm

Conditions:
When removing a self-ip, and the address is the only way in which a static route can be reached, the deletion would strand the route.

Impact:
The condition prevents a static route from being removed.

Recommended Action:
Remove any static route that utilizes the self-ip, and try the deletion again.


01070608 : License is not operational (expired or digital signature does not match contents)

Location:
/var/log/ltm

Conditions:
*) This message is logged when the license was not reactivated before an upgrade, and the license's check service date is older than the release date of the install.

*) This message is logged when the license has been modified, or the digital signature does not match the contents.

Impact:
The BIG-IP system is not licensed.

Recommended Action:
If a support contract is current, reactivate the license. Reactivation can be performed from the GUI on a running boot location, or by using tmsh (tmsh install sys license).


01070622 : The monitor %s has a wildcard destination service and cannot be associated with a node that has a zero service

Location:
Associating a pool member with a zero port with a monitor that requires a port generates error message in question.

Conditions:
Pool member with zero port; associated monitor that requires a port (for example TCP or HTTP).

Impact:
Monitors that require a destination port cannot be associated with pool members where the port is unspecified or zero.

Recommended Action:
Assure that the pool member has a non-zero specified port.


01070638 : "Pool %s member %s:%u monitor status %s."

Location:
/var/log/ltm

Conditions:
Example:
Pool my_pool member 10.10.0.5:80 monitor status forced down.

This message is logged when a status change is detected for the pool member, resulting in the pool member being in a status other than 'up'. Possible status values are: 'unchecked', 'node down', 'down', 'forced down', 'up and awaiting man resume', 'iRule down', 'inband down', 'FQDN down'. Note that the 'up' status is not listed, because this message is not reported when the pool member status is 'up'.

The pool member status is dependent upon the virtual server configuration, and the configuration and health status results for associated monitors.

Impact:
This message might not itself indicate an error, because it merely reports the detected pool member status change. For example, user-initiated action (such as through the xui or tmsh) might explicitly change the pool member status (such as to 'forced down' for maintenance). However, an unexpected 'down' status might indicate a configuration or resource availability issue.

Note also that the parent pool status might be unchanged as a result of this pool member status change, as long as the threshold is not exceeded for the number of available pool members required for the parent pool to be available.

Recommended Action:
If an unexpected 'down' status is reported, verify the pool member configuration, the configuration of associated pool member monitors, and the resource availability to ensure pool member availability.


01070639 : Pool %s member %s:%u session status %s.

Location:
/var/log/ltm

Conditions:
Example:
Pool my_pool member my_member:80 session status forced disabled.

This message is logged when "session-status" is changed, such as from user action to "enable" or "disable". Possible status includes: 'enabled', 'node disabled', 'disabled', and 'forced disabled'.

Impact:
This message is a log-notification only when the pool member session status changes.

Recommended Action:
This is not an error, but a notification of a pool member status change that records the resulting status.


01070640 : Node %s address %s monitor status %s.

Location:
/var/log/ltm

Conditions:
Example:
Node my_node address 10.10.0.1 monitor status forced down.

This message is logged when a status change is detected for the node, resulting in the node being in a status other-than 'up'. Possible status values are: 'unchecked', 'node down', 'down', 'forced down', 'up and awaiting man resume', 'iRule down', 'inband down', 'FQDN down'. Note that the 'up' status is not listed, because this message is not reported when the node status is 'up'.

The node status is dependent upon node configuration and heath results for associated node monitors.

Impact:
This message might not itself indicate an error, as it merely reports the detected node status change. For example, user-initiated action (such as through the xui or tmsh) might explicitly change the node status (such as to 'forced down' for maintenance). However, an unexpected 'down' status might indicate a configuration or resource availability issue.

Recommended Action:
This message might not itself indicate an error, but a notification of a node status change due to monitor results, or user-initiated action. If an unexpected 'down' status is reported, verify the node configuration, the configuration of associated node monitors, and the resource availability to ensure node availability.


0107070e : Software version not covered by service agreement. Reactivate license before continuing.

Location:
/var/log/ltm
The contents of /var/log/ltm can be viewed in the GUI under System->Logs->Local Traffic.

Conditions:
The BIG-IP software version used was released after the Service Check Date specified in the license.

Impact:
The BIG-IP system is not usable in this state. You must either upgrade the license, to one for the installed software version, or revert to a BIG-IP software version that the current license supports.

Recommended Action:
You must either upgrade the license, to one for the installed software version, or revert to a BIG-IP software version that the current license supports.


01070727 : "Pool %s member %s:%u monitor status up."

Location:
/var/log/ltm

Conditions:
Example:
Pool my_pool member 10.10.0.5:80 monitor status up.

This message is logged when a status change is detected for the pool member, resulting in the pool member being marked 'up'. The pool member status is dependent upon virtual server configuration, and the configuration and health results from associated monitors.

Impact:
This message is not an error, but merely reports the detected 'up' pool member status. This message is expected upon system start, where properly configured pool members transition to an 'up' status.

Recommended Action:
None.


01070728 : Node %saddress %s monitor status up.

Location:
/var/log/ltm

Conditions:
Example:
Node my_node address 10.10.0.1 monitor status up.

This message is logged when a status change is detected for the node, resulting in the node being marked 'up'. The node status is dependent upon node configuration and health results for associated node monitors.

Impact:
This message is not an error, but merely reports the detected 'up' node status. This message is expected upon system start, where properly configured nodes transition to an 'up' status.

Recommended Action:
None.


01070730 : Configuration restored from binary image

Location:
/var/log/ltm

Conditions:
Mcpd loaded the configuration from a binary image format on disk.

Impact:
The binary image is considered to be saved in a valid state, so restoring from the binary means that the BIG-IP system does not run validation and business logic, as it typically would when processing configuration (/config/*.conf) files.

Recommended Action:
Loading from binary is typically a desirable behavior as it's faster than processing configuration files; however, if one wanted to run business logic and validation, you could remove the binary file and restart mcpd, for example,

rm -f /var/db/mcpdb.*
bigstart restart mcpd


01070734 : Configuration error: %s

Location:
/var/log/ltm

This error appears in the GUI, as a result of a configuration update.

Conditions:
This error is a validation exception, usually occurring when a user attempts to update the configuration.

The most common ways for user error include:

1) Invalid naming.
No keywords, empty names, special characters, etc.

2) Invalid value for an attribute.
Can be value ranges, NULL constraints, and other defined domains.

3) Dependency required.
Let X and Y be two different classes. When an X is configured, a related Y must be configured.

4) Invalid reference to another object.
Can be a permissions problem, a NULL constraint, or the object referenced doesn't exist.
Let X and Y be two different classes. X must configure an X.a. When X.a references Y, Y must exist and X must be allowed to refer to Y.

5) Logical constraints of attributes.
Let X be a class. When X.a is configured, X.b must not be configured.

Impact:
A transaction can fail upon encountering this exception.

Recommended Action:
Check the configuration update and correct the issue.


01070736 : Couldn't write to the user/role/partition file, %s (%d)

Location:
/var/log/ltm, and in tmsh

Conditions:
There is some error writing the user role partition file, which indicates a disk error. The error message includes errno from the failed operation, which might give more specific information about the cause.

Impact:
The transaction containing changes to the user role partition file is rolled back. If the error persists, changes to user roles and partition access will be impossible.

Recommended Action:
Examine the errno in the error message to determine more information about the root cause, and resolve that.


01070737 : Couldn't rename the user/role/partition file from %s to %s (%d)

Location:
/var/log/ltm, and in tmsh

Conditions:
There is an error that is renaming the user role partition file, which probably indicates a disk error. The error message includes errno from the failed operation, which might give more specific information about the cause.

Impact:
Renaming this file occurs for three reasons:

* Making a backup of the old file before writing a new version
* Moving a temporary file used for writing into the permanent location
* Restoring from backup when a transaction is rolled back

In the first two cases, an error will cause the rollback of the transaction. If the error persists, changes to user role partition access will be impossible.

In the third case, the transaction is already being rolled back due to some other error. An error here can leave the user role partition file in an inconsistent state, which might cause errors with logins or with user access levels.

The three cases can be distinguished by the filenames mentioned in the error message. The user role partition file is called something like /config/bigip/auth/userrolepartitions and the backup is called something like /config/bigip/auth/userrolepartitions.backup. The temporary file has a similar name appended with a unique string. Therefore, in the third case, the error message would be something like the following:

Couldn't rename the user/role/partition file from /config/bigip/auth/userrolepartitions.backup to /config/bigip/auth/userrolepartitions (28).

Recommended Action:
Examine the errno in the error message to determine more information about the root cause, and resolve that.

If the error is a failure to restore from backup when rolling back a transaction, manually rename the backup file as a user with advanced shell access: 'mv /config/bigip/auth/userrolepartitions.backup /config/bigip/auth/userrolepartitions'


01070807 : Monitor %s instance %s:%u has been %s.

Location:
/var/log/ltm

Conditions:
Examples:
Monitor my_http instance 10.10.0.2:80 has been enabled.
Monitor my_http instance 10.10.0.2:80 has been disabled.

This message is logged when the user changes the monitor instance status to either 'enabled' or 'disabled', such as through tmsh or the xui. A 'disabled' monitor sends no health-check probes, and thus does not contribute to an indication of the resource's health. Disabling a monitor does not otherwise impact availability of the monitored resource.

Impact:
This message is log-notification only when the monitor instance status is changed between 'enabled' and 'disabled'.

Recommended Action:
This is not an error, but a notification of monitor instance status change that records the resulting status.


01070823 : Read Access Denied: %s

Location:
/var/log/ltm, shown in tmsh

Conditions:
A user attempts to query objects or stats in a partition to which the user does not have read access, or attempts to query non-partitioned objects but does not have non-partitioned read access.

Impact:
User is not able to read the desired objects or stats.

Recommended Action:
If the user needs read access to the objects or stats, then the user must be given a role on the appropriate partition with read access.


01070827 : User login disallowed: %s

Location:
/var/log/ltm

Conditions:
Attempt to log in as a user with no partition access specified.

Impact:
Unable to log in as user with no partition access specified. Such a user has no access.

Recommended Action:
Specify partition-access for every user account that needs access to the BIG-IP device.


01070921 : Virtual Server '%s' on partition '%s' %s by user '%s'.

Location:
/var/log/ltm

Conditions:
A user (with sufficient permissions) has enabled or disabled a virtual server.

Impact:
The virtual server is either enabled or disabled as requested; the network service(s) provided by the virtual server were either made available or made unavailable.

Recommended Action:
This is a user requested action, not an issue with the product.


01070927 : Request failed, data provider (%s) disconnected from mcpd

Location:
/var/log/ltm

Conditions:
The system process named in the message is attempting to unmark itself as a publisher, but has specified a publisher name that it had not previously used. See error catalog item 620989 for a description of the publishing mechanism.

This message occurs during system shutdown or restart.

Impact:
No user impact. This message implies that there is a defect in TMOS, but a comparatively minor one. There is no risk of system instability or dropped traffic.

Recommended Action:
None.


01070978 : The vlan (%s) for the specified self IP (%s) must be one of the vlans in the associated route domain (%s).

Location:
/var/log/ltm, console, and GUI.

Conditions:
When the self IP VLAN is not one of the VLANs in the route-domain, where the route domain is extracted based on the self IP address format.

Impact:
MCPD will prevent the self IP address from being created with the designated VLAN.

Recommended Action:
Verify that the route domain, as specified in the self IP address has the right VLANs as its members.


01070979 : The specified vlan (%s) for route domain (%s) is in use by a self IP.

Location:
/var/log/ltm

Conditions:
When attempting to remove a VLAN that still has a SelfIp association.

Impact:
VLAN is prevented from removal until the SelfIp in question is moved or removed.

Recommended Action:
Move the SelfIp(s) associated with the VLAN to other VLANs.


01071027 : Master key OpenSSL error: %s

Location:
/var/log/ltm

Conditions:
These logs indicate that there is a problem with the BIG-IP device's secure vault feature, device group mutual authentication, or OpenSSL processing of those features. They come in two types.

These logs indicate a problem with openssl processing itself, such as an out-of-memory condition.
Master key OpenSSL error: Unit Key Generation fails!
Master key OpenSSL error: Key decrypt update
Master key OpenSSL error: Key decrypt final
Master key OpenSSL error: Master decrypt update
Master key OpenSSL error: Master decrypt final
Master key OpenSSL error: RSA public encrypt error
Master key OpenSSL error: b64_decode BIO_read error
Master key OpenSSL error: Cannot find proper algorithm
Master key OpenSSL error: Cannot create new X509 certificate
Master key OpenSSL error: Setting certificate version to SSL v3"
Master key OpenSSL error: Cannot allocate a pub_key type
Master key OpenSSL error: Cannot create new ASN1 type.
Master key OpenSSL error: Key size mismatch with PKCS1 padding size
Master key OpenSSL error: Cannot convert signature to data stream
Master key OpenSSL error: Error signing certificate
Master key OpenSSL error: Loading unit key: Error converting data blob to key.
Master key OpenSSL error: AES256 Symmetric Unit Key Generation fails!

These logs pertain to a corrupt master key, unit key, device group certs/keys, or HA certs/keys failures.
Master key OpenSSL error: Cannot open key store
Master key OpenSSL error: Cannot open key store RSA
Master key OpenSSL error: Cannot load %s (/.unit[1,2].key, /unit[1,2].crt, /master.[1,2], /master, /.unitkey, /temp, /master.recovery, /var/www/unitkeys/unit.crt)
Master key OpenSSL error: Cannot read master key
Master key OpenSSL error: Key encrypt
Master key OpenSSL error: Master encrypt
Master key OpenSSL error: Cannot save master key for peer.
Master key OpenSSL error: Symmetric Unit Key encrypt
Master key OpenSSL error: Symmmetric Unit Key decrypt
Master key OpenSSL error: Cannot open unit certificate file.
Master key OpenSSL error: Cannot read unit certificate file.
Master key OpenSSL error: Cannot write unit cert
Master key OpenSSL error: (/.unit[1,2].key, /unit[1,2].crt, /master.[1,2], /master, /.unitkey, /temp, /master.recovery, /var/www/unitkeys/unit.crt)
Master key OpenSSL error: Peer Certificate file

Impact:
Loading or syncing configurations with encrypted attributes will fail.

Recommended Action:
Reset the device trust group or the HA group. Or, reload a backup UCS file as described in K9420.
https://support.f5.com/csp/#/article/K9420


01071029 : %s

Location:
/var/log/ltm

Conditions:
1. These log messages pertain to the unit key and possible issues it may encounter.
Unit key SHA1 function failed.
Unit key hash does not match! Possible key corruption or tampering. Retry ...
Unit key read failed! Retry ...
Unit key read failed! back off to platform phase...
SecureVault encountered issue with reading Unit key from SEEPROM. Try rebooting the system...
Removing corrupt key header.
Cannot open unit key store
Unit key write to hal failed.
Unit key write verify failed.
Cannot load unit key
No Unit Key Found
Failed to encrypt the unit key
Loading unit key: Error converting data blob to key.

2. These log messages relate to the unit keys encryption of the master key:
Save Master Key aborted -- cannot load unit key.
Failed to encrypt the master key
save_master_key(master): Not ready to save yet -- no master key
save_master_key(master): Not ready to save yet -- no unit key
Couldn't retrieve the old master key.
Master Key not present.
Failed to encrypt the Master key

3. These log messages relate to attempts to change the master key.
Invalid master key
Attempted to rekey with a blank master key
Save Master Key aborted -- cannot determine unit id!
Cannot determine failover unit ID

4. This message is a general error.
b64_decode BIO_read error

5. This log message relates to the custom password db variable for encrypted attributes.
Custom Key not present. Please set the security.custompassword db variable.

Impact:
Possible issues using the secure vault feature.

Recommended Action:
1 and 2. Attempt to reboot the system. If the problem is not resolved, contact F5 support.
3. Attempt to change the key with a valid key.
4. None.
5. Set the security.custompassword db variable.


0107102d : Cannot load master key file. Updating to a new master key.

Location:
/var/log/ltm

Conditions:
The master key file does not exist or has been corrupted.

Impact:
Previous configurations with encrypted attributes using the old master key will be unloadable.

Recommended Action:
Upload a backup ucs file.
https://support.f5.com/csp/#/article/K9420


01071038 : %s

Location:
/var/log/ltm

Conditions:
1. The following log entries occur during changes to the master key or aspects of the changing process.
Loading keys from the file.
Unit key read from the hardware.
Attempting Master Key migration to new unit key.
Master Key updated by user <user>
Unit key hash on write: <hash value>
Reloading the RSA unit to support config roll forward.
Read the unit key file if exists.
Loading master key from database object!

2. The following log entries relate to loading the unit key from the hardware, if these are different, there is an issue with the hardware.
Unit key hash from key header: <hash value>
Unit key hash computed from read key: <hash value>

3. The following log entries indicate that the master key is missing or corrupted:
Unable to load master key from database. Configuration object was null.
Unable to load master key from database. Empty master key attribute.
Unable to load master key from database. Master key decode fails.
Secondaries couldn't load master key from the file.
Secondaries couldn't load master key from the database.

Impact:
1. No impact.
2. Attempt rebooting the BIG-IP.
3. Recreate the master key

Recommended Action:
None.


01071047 : Removing %d %s local objects from slot %d

Location:
/var/log/ltm

Conditions:
mcpd logs this message in response to removing configuration objects associated with a chassis slot. This can happen as the result of a cluster member being disabled or going down. Interfaces and trunk working members, for example, which are associated with the cluster member are then removed.

Impact:
This is expected behavior. The removed configuration objects will be unavailable for a given slot until the blade has been restored.

Recommended Action:
None.


01071070 : Failed to %s file %s with error %d

Location:
/var/log/ltm

Conditions:
Mcpd logs this message in response to two events:
1. Failing to change permissions to read-only for file BigDB.dat
2. Failing to open file BigDB.dat

Both issues will be accompanied by an errno number. The first corresponds to the return value of chmod. The second corresponds to an error produced while attempting to construct an ofstream.

Impact:
The impact of failing to change permissions to read-only is that BigDB.dat can still be written to. This may be inconsequential, but it could also lead to unexpected behavior.

If mcpd fails to open BigDB.dat, it will throw an exception and core.

Recommended Action:
Unknown at this time. The workaround depends on what errno is given with the failure.


01071246 : "Unable to reload the dns cache\n"

Location:
/var/log/ltm

Conditions:
This message can appear when dnscached failed to reload configuration files. Most likely that happens during the BIG-IP device startup, when dnscached is not started yet, but the command to reload configuration already executed.

Impact:
dnscached might have an invalid configuration or is not configured.

Recommended Action:
When the BIG-IP device is fully started, you can restart dnscached to reload the configuration:
tmsh modify sys db dns.cache value disable
tmsh modify sys db dns.cache value enable

To verify current status of dnscached, please use command:
tmsh list sys db dns.cache


01071392 : Background command '%s' failed. %s

Location:
/var/log/ltm

Conditions:
Many components use this to execute a command. If the command fails, this message is logged for the command.

Impact:
Many components use this to execute a command. Actual impact depends on the command.

Recommended Action:
Many components use this to execute a command. A workaround might not be needed, or depends on the command.

Debug information might be obtained by setting mcpd's log level to info.


010713b1 : Cannot delete IP (%s) because it is used by the system state-mirroring (%s) setting.

Location:
/var/log/ltm, console, and GUI.

Conditions:
When trying to delete a self IP, but self IP is referenced in mirroring settings.

Impact:
Prevent the self IP from being deleted, until the mirroring setting no longer references the self IP.

Recommended Action:
Remove the self IP from the mirroring setting before trying to delete the self IP again.


010713c1 : Initial management network proposals triggered (%s)

Location:
/var/log/ltm

Conditions:
Mcpd is initializing the hypervisor admin network settings. This generally happens upon system startup, re-licensing, or when the system status goes from down to up.

Impact:
There is no expected immediate impact of this message. The message merely indicates that mcpd has begun performing an operation and that there are no expected side effects until that operation is complete.

Recommended Action:
None.


010713c2 : No new proposal values detected

Location:
/var/log/ltm

Conditions:
Mcpd processed a message to update the settings for the admin network parameters or cluster floating interface (address, gateway address, or hostname), however, the message contained no new or changed information.

Impact:
No changes will be made to the admin network parameters or cluster floating interface.

Recommended Action:
If a change to the admin network parameters or cluster floating interface was intended, verify that the correctly changed information has been provided through the chosen configuration method.


01071412 : Cannot delete IP (%s) because it is used by the system config-sync setting.

Location:
/var/log/ltm, console, and GUI.

Conditions:
When trying to delete a self IP, but self IP is referenced in config sync settings.

Impact:
Prevent the self IP from being deleted, until the config sync settings no longer reference the self IP.

Recommended Action:
Remove the self IP from the config sync setting before trying to delete the self IP again.


0107142f : Can't connect to CMI peer %s, %s

Location:
/var/log/ltm reports "Can't connect to CMI peer %s, %s"

tmsh show cm sync-status shows the connection state

tmsh prompt will show whether devices are connected. States include 'connected' or 'disconnected'.

Conditions:
Internal Conditions:
- socket failures, for example, create, setting socket options, failure to connect or poll on file descriptor.
- TMM on the local side has not yet established a listener (or failed to bind the socket)

External Conditions:
- The other device isn't ready, for example, the TMM on the other side hasn't been initialized to receive connections.
- General network failures (e.g. switch failure, cable failure, power outage, etc.)

Impact:
This generally is not a BIG-IP system error; it indicates external network failures. The BIG-IP will attempt to reconnect to peers till there's a successful connection.

Recommended Action:
This error is usually seen as a result of external network problems, but can be a symptom of internal problems such as mcpd running out of memory, the kernel running out of file descriptors, or mcpd restarting. This error is usually seen as a result of external network problems, but can be a symptom of internal problems such as mcpd running out of memory, the kernel running out of file descriptors, or mcpd restarting.

To check file descriptors: sysctl fs.file-nr

If mcpd runs out of memory or restarts, it should be logged in /var/log/ltm.

The config-sync connection uses port 6699, which is then routed and tunneled through tmm which establishes an ssl connection on port 4353 to the peer.

To check if the config sync listener exists and whether there are peer connections over the config-sync connection:
    lsof -i | grep 6699

This should produce something like the following:
mcpd 6594 root 20u IPv6 1004016 TCP 10.20.0.1:6699 (LISTEN)
mcpd 6594 root 106u IPv6 1004433 TCP 10.20.0.1:6699->10.20.0.2:49485 (ESTABLISHED)
mcpd 6594 root 108u IPv6 1004454 TCP 10.20.0.1:40654->10.20.0.2:6699 (ESTABLISHED)

This indicates that the local BIG-IP has successfully created a listener, and is listening for peer connections, and that there are two connections for each peer device (one in each direction). This might help you determine which connection failed to connect.

To inspect the unencrypted CMI traffic on the BIG-IP:
    tcpdump -nn -l -i <config sync vlan>:h port 6699
To check file descriptors: sysctl fs.file-nr

If mcpd runs out of memory or restarts, it should be logged in /var/log/ltm.

The config-sync connection uses port 6699, which is then routed and tunneled through tmm which establishes an ssl connection on port 4353 to the peer.

To check if the config sync listener exists and whether there are peer connections over the config-sync connection:
    lsof -i | grep 6699

This should product something like the following:
mcpd 6594 root 20u IPv6 1004016 TCP 10.20.0.1:6699 (LISTEN)
mcpd 6594 root 106u IPv6 1004433 TCP 10.20.0.1:6699->10.20.0.2:49485 (ESTABLISHED)
mcpd 6594 root 108u IPv6 1004454 TCP 10.20.0.1:40654->10.20.0.2:6699 (ESTABLISHED)

This indicates that the local BIG-IP has successfully created a listener and is listening for peer connections and that there are two connections for each peer device (one in each direction). This may help you determine which connection failed to connect.

To inspect the unencrypted CMI traffic on the BIG-IP:
    tcpdump -nn -l -i <config sync vlan>:h port 6699


01071430 : Cannot create CMI listener socket on address %s, port %d, %s

Location:
This will show in /var/log/ltm, and the CMI section of the prompt status will stay Disconnected.

Conditions:
Unable to create and bind the TCP connection used for listening to incoming CMI connections. The message will include strerror(3) output describing the problem.

Impact:
CMI will remain disconnected.

Recommended Action:
If the error string contains 'Cannot assign requested address', then ensure that a route exists to the remote device's configsync-ip.


01071431 : Attempting to connect to CMI peer %s port %d

Location:
/var/log/ltm

Conditions:
mcpd is starting up and attempting to set up a CMI connection to another device in the trust domain.

Impact:
This is not an error message. Other later messages will indicate whether this succeeded or failed.

Recommended Action:
None.


01071432 : CMI peer connection established to %s port %d after %d retries

Location:
/var/log/ltm

Conditions:
This device has successfully created a CMI connection to another device in the trust domain. This happens on mcpd startup or after a previous disconnection.

Impact:
This is not an error message. Configuration synchronization is now possible with the named device.

Recommended Action:
None.


01071436 : CMI listener established at %s port %d

Location:
/var/log/ltm

Conditions:
mcpd is initializing and successfully created a listener that can accept incoming CMI connections.

Impact:
This is not an error message. This part of the system is healthy. mcpd can now accept incoming CMI connections.

Recommended Action:
None.


0107143a : CMI reconnect timer: %s

Location:
This message appears in /var/log/ltm, but only when mcpd debug logging is enabled.

Conditions:
There are two possible versions of this message.

The following message occurs when the device loses its CMI connection to at least one other device, and is starting up a timer to try reconnecting every five seconds:
CMI reconnect timer: enabled because at least one device is disconnected

Once the condition is cleared, the following message occurs to indicate that the reconnect timer is canceled:
CMI reconnect timer: disabled because all peers are connecting or connected

Impact:
mcpd is unable to make a CMI connection to at least one other device. The prompt status will also show as Disconnected.

Recommended Action:
Investigate why the connection is failing. The other device might either be unreachable or having an error of its own. Run 'show cm sync-status' to see exactly which device is disconnected.


0107143c : Connection to CMI peer %s has been removed

Location:
/var/log/ltm

Conditions:
The CMI connection to another device has disconnected, either due to a problem with the other device or with the link itself.

Impact:
Synchable configuration will not be sent to the device in question until the connectivity problem is resolved.

Recommended Action:
If this is unexpected, inspect the log on the other process to determine what may be going wrong.


01071451 : Received CMI hello from %s

Location:
/var/log/ltm

Conditions:
Another device has established a CMI connection to this device.

Impact:
This is not an error message. CMI configuration sync will now be possible between the two devices.

Recommended Action:
None.


01071470 : Disconnecting from CMI device %s, the device is not in a trust domain

Location:
/var/log/ltm

Conditions:
This error occurs when another device attempts to create a CMI connection (that is, the mcpd for the additional device is starting up), and the device name it announces is unrecognized. This issue can occur if the device was removed from CMI while it was offline. Alternately, this error can occur if another device attempts to create a CMI connection, and there is no self device. During normal operation, this error is impossible.

Impact:
The BIG-IP system refuses to accept the connection. Sync will not occur, usually the expected behavior, because this message occurs if CMI was deconfigured on one device but the other devices were not informed.

Recommended Action:
Log on to the device attempting to connect, and remove it from its trust domain. Log on to any other devices in the trust domain and remove the device object. If desired, re-add the device to the trust domain.


0107147f : Could not read certificate file (%s)

Location:
This error message is displayed on the user interface, such as XUI or TMSH.

Conditions:
If you have scripts (such as iRule, CLI, APL or App Template scripts) and want to sign them for read-only protection, as part of the signing process, and the provided certificate cannot be read by BIG-IP system, this error message is displayed.

Impact:
When this message appears, verify that the certificate is correct and available before applying the signature.

Recommended Action:
When this message appears, verify that the certificate is correct and available before applying the signature.


01071488 : Remote transaction for device group %s to commit id %llu %llu %s %llu failed with error %s

Location:
/var/log/ltm

Conditions:
This message occurs when this device sends a Config Sync to another device, and validation fails remotely on that device. This message includes another log message that provides more information.

This message indicates a legitimate misconfiguration, and provides an action to take that is related to the synchronized objects.

One common example applies to a floating self IP. The self IP object is required to name a VLAN on which it listens. A VLAN of the same name must exist on the other device, as well.

Impact:
The remote device aborted the Config Sync transaction, and did not acquire any of its changes.

Recommended Action:
This message can include a more specific error, which you can reference in the error catalog for resolution.


010714a0 : Sync of device group %s to commit id %llu %llu %s %llu from device %s complete

Location:
/var/log/ltm

Conditions:
The mcpd log level is set to 'notice' or 'debug', a device is in a trust domain with at least one other peer, and the peer synced a device group.

Impact:
The local device has updated the last sync information of the peer for a particular device group.

Recommended Action:
Set the db variable log.mcpd.level to 'notice' or any other more restrictive level.


01071539 : Mcpd is starting. The BIG-IP version is %s

Location:
/var/log/ltm

Conditions:
mcpd is starting. This happens as a normal result of restarting the daemon or simply first time boot.

Impact:
This is normal and expected behavior. Mcpd should begin to progress through initialization phases.

Recommended Action:
None.


0107157D : %s: %s

Location:
/var/log/ltm

Conditions:
Examples:
0107157D:5: mcpd: init_system_epsec_software_status: EPSEC:: loading of Epsec software status passed

0107157D:5: mcpd: copy_file: EPSEC::In copy_file - src (/config/filestore/files_d/Common_d/epsec_package_d/:...iso) dst (/shared/apm/images/...iso)

0107157D:5: mcpd: create_or_update_status_obj: EPSEC::Creating new status with version X.X.X

0107157D:5: mcpd: copy_file: EPSEC in EspecFileObjMgr::copy_file - src (/config/filestore/...) dst (/shared/apm/images/...)

0107157D:5: mcpd: update_version: EPSEC::In update_version - Version (1.0.0-393.0) OESIS Version (3.6.9993.2)

0107157D:5: mcpd: delete_obsolete_objects: EPSEC::Removing obj name: epsec-1.0.0-446.0.iso, create time 1485282975

0107157D:5: mcpd: delete_obsolete_objects: EPSEC::Deleting object epsec-1.0.0-446.0.iso, create time 1485282975

0107157D:5: mcpd: delete_obsolete_objects: EPSEC::Remaining most recent obj name: epsec-1.0.0-446.0.iso, create time: 1485282975

0107157D:5: mcpd: update_version: EPSEC::Removing invalid package (epsec-1.0.0-446.0.iso) found during config load.

0107157D:5: mcpd: update_version: EPSEC::In update_version - Version (1.0.0-393.0) OESIS Version (3.6.9993.2)

0107157D:5: mcpd: copy_file: EPSEC in EspecFileObjMgr::copy_file - src (/config/filestore/...) dst (/shared/apm/images/...)

0107157D:5: mcpd: copy_file: Failed in file copy, creating destination directory errno=(ENOSPC) src=(/config/filestore/...) dst=(/shared/apm/images/...).

0107157D:5: mcpd: copy_file: EPSEC::In copy_file - created destination directory (/shared/apm/images)

0107157D:5: mcpd: copy_file: Failed in file copy errno=(ENOSPC) src=(/config/filestore/...) dst=(/shared/apm/images/...).

0107157D:5: mcpd: delete_file: Failed to delete file errno=(ENOENT) file=(/shared/apm/images/...).

0107157D:5: mcpd: create_dir: EpsecFileObjectMgr::creat_dir. Path (/shared/apm/images) exists and is not a directory

0107157D:5: mcpd: create_dir: EpsecFileObjectMgr::create_dir. stat error: errno(ENOENT) strerror(File Not Found) for dirpath(/config/filestore/...)

0107157D:5: mcpd: create_dir: EpsecFileObjectMgr::create_dir. Failed to create dir (/shared/apm/images) : errno(ENOSPC) strerror(No space left on device)

0107157D:5: mcpd: create_or_update_status_obj: EPSEC::Creating new status with version 1.0.0-393.0

0107157D:5: mcpd: create_or_update_status_obj: EPSEC::Updating status with new version 1.0.0-393.0

0107157D:5: mcpd: mark_objects_for_delete: EPSEC::EPSEC Software Status for this device (bigip.f5.com) is a built-in object and cannot be deleted!

0107157D:5: mcpd: init_system_epsec_software_status: EPSEC:: loading of Epsec software status start

0107157D:5: mcpd: init_system_epsec_software_status: EPSEC:: loading of Epsec software status done

Below are the conditions for each of the log messages-

0107157D:5: mcpd: init_system_epsec_software_status: EPSEC:: loading of Epsec software status passed
Condition - This message indicates the epsec installation was completed and the epsec software version was correctly loaded in MCP.

0107157D:5: mcpd: copy_file: EPSEC::In copy_file - src (/config/filestore/files_d/Common_d/epsec_package_d/:...iso) dst (/shared/apm/images/...iso)
Condition - This message indicates that during epsec package installation, the package is being copied from the config filestore to the standard location (/shared/apm/images) in the disk where all the epsec packages are stored.

0107157D:5: mcpd: create_or_update_status_obj: EPSEC::Creating new status with version 1.0.0-427.0
Condition - This message indicates that a new version of the epsec package has been updated after the latest package installation.

0107157D:5: mcpd: copy_file: EPSEC in EspecFileObjMgr::copy_file - src (/config/filestore/...) dst (/shared/apm/images/...)
Condition - This message indicates that during epsec package installation, the package is being copied from the config filestore to the standard location (/shared/apm/images) in the disk where all the epsec packages are stored.

0107157D:5: mcpd: update_version: EPSEC::In update_version - Version (1.0.0-393.0) OESIS Version (3.6.9993.2)
Condition - This message indicates the version and oesis-version of the new package which was installed.

0107157D:5: mcpd: delete_obsolete_objects: EPSEC::Removing obj name: epsec-1.0.0-446.0.iso, create time 1485282975
Condition - This message indicates that an epsec package is being deleted.

0107157D:5: mcpd: delete_obsolete_objects: EPSEC::Deleting object epsec-1.0.0-446.0.iso, create time 1485282975
Condition - This message indicates that old epsec packages are being deleted.

0107157D:5: mcpd: delete_obsolete_objects: EPSEC::Remaining most recent obj name: epsec-1.0.0-446.0.iso, create time: 1485282975
Condition - This message indicates the package which was most recently installed.

0107157D:5: mcpd: update_version: EPSEC::Removing invalid package (epsec-1.0.0-446.0.iso) found during config load.
Condition - This message indicates that on a config load an invalid epsec package was detected and it will be removed from the config. And invalid epsec package could be due to a package from a very old configuration or has invalid version information in it.

0107157D:5: mcpd: update_version: EPSEC::In update_version - Version (1.0.0-393.0) OESIS Version (3.6.9993.2)
Condition - This message indicates the version to which the epsec package is being upgraded to.

0107157D:5: mcpd: copy_file: EPSEC in EspecFileObjMgr::copy_file - src (/config/filestore/...) dst (/shared/apm/images/...)
Condition - This message is a debug log which prints and internal file copy operation.

0107157D:5: mcpd: copy_file: Failed in file copy, creating destination directory errno=(ENOSPC) src=(/config/filestore/...) dst=(/shared/apm/images/...).
Condition - This message indicates that the epsec package could not be copied into the destination directory. This can happen during installation or upload of a new package.

0107157D:5: mcpd: copy_file: EPSEC::In copy_file - created destination directory (/shared/apm/images)
Condition - This message is a debug log which prints the destination directory path.

0107157D:5: mcpd: copy_file: Failed in file copy errno=(ENOSPC) src=(/config/filestore/...) dst=(/shared/apm/images/...).
Condition - This message indicates that the epsec package could not be copied into the destination directory. This can happen during installation or upload of a new package.

0107157D:5: mcpd: delete_file: Failed to delete file errno=(ENOENT) file=(/shared/apm/images/...).
Condition - This message indicates that rollback of a previous file copy operation failed. This can happen if the transaction which is invoked for the epsec package installation fails.

0107157D:5: mcpd: create_dir: EpsecFileObjectMgr::creat_dir. Path (/shared/apm/images) exists and is not a directory
Condition - This message indicates that the path to which the epsec package is to be copied is not a directory.

0107157D:5: mcpd: create_dir: EpsecFileObjectMgr::create_dir. stat error: errno(ENOENT) strerror(File Not Found) for dirpath(/config/filestore/...)
Condition - This message is a debug log to indicate that the directory path is not present and needs to be created.

0107157D:5: mcpd: create_dir: EpsecFileObjectMgr::create_dir. Failed to create dir (/shared/apm/images) : errno(ENOSPC) strerror(No space left on device)
Condition - This message indicates that the directory could not be created during epsec package installation.

0107157D:5: mcpd: create_or_update_status_obj: EPSEC::Creating new status with version 1.0.0-393.0
Condition - This message is a debug log which indicates the version of the new epsec package being installed.

0107157D:5: mcpd: create_or_update_status_obj: EPSEC::Updating status with new version 1.0.0-393.0
Condition - This message is a debug log which indicates the version of the new epsec package being installed.

0107157D:5: mcpd: mark_objects_for_delete: EPSEC::EPSEC Software Status for this device (bigip.f5.com) is a built-in object and cannot be deleted!
Condition - This message indicates that an attempt was made to delete a system epsec package which cannot be deleted.

0107157D:5: mcpd: init_system_epsec_software_status: EPSEC:: loading of Epsec software status start
Condition - This message indicates that the epsec software version is being loaded from the installed epsec package.

0107157D:5: mcpd: init_system_epsec_software_status: EPSEC:: loading of Epsec software status done
Condition - This message indicates that the epsec software version was successfully loaded from the installed epsec package.

Impact:
Below are the Impacts for each of the log messages-

0107157D:5: mcpd: init_system_epsec_software_status: EPSEC:: loading of Epsec software status passed
Impact - This is just a notice with no impact on the system

0107157D:5: mcpd: copy_file: EPSEC::In copy_file - src (/config/filestore/files_d/Common_d/epsec_package_d/:...iso) dst (/shared/apm/images/...iso)
Impact - This is just a notice with no impact on the system

0107157D:5: mcpd: create_or_update_status_obj: EPSEC::Creating new status with version 1.0.0-427.0
Impact - This is just a notice with no impact on the system

0107157D:5: mcpd: copy_file: EPSEC in EspecFileObjMgr::copy_file - src (/config/filestore/...) dst (/shared/apm/images/...)
Impact - This is just a notice with no impact on the system

0107157D:5: mcpd: update_version: EPSEC::In update_version - Version (1.0.0-393.0) OESIS Version (3.6.9993.2)
Impact - This is just a notice with no impact on the system

0107157D:5: mcpd: delete_obsolete_objects: EPSEC::Removing obj name: epsec-1.0.0-446.0.iso, create time 1485282975
Impact - This is just a notice with no impact on the system

0107157D:5: mcpd: delete_obsolete_objects: EPSEC::Deleting object epsec-1.0.0-446.0.iso, create time 1485282975
Impact - This is just a notice with no impact on the system

0107157D:5: mcpd: delete_obsolete_objects: EPSEC::Remaining most recent obj name: epsec-1.0.0-446.0.iso, create time: 1485282975
Impact - This is just a notice with no impact on the system

0107157D:5: mcpd: update_version: EPSEC::Removing invalid package (epsec-1.0.0-446.0.iso) found during config load.
Impact - This is just a notice with no impact on the system

0107157D:5: mcpd: update_version: EPSEC::In update_version - Version (1.0.0-393.0) OESIS Version (3.6.9993.2)
Impact - This is just a notice with no impact on the system

0107157D:5: mcpd: copy_file: EPSEC in EspecFileObjMgr::copy_file - src (/config/filestore/...) dst (/shared/apm/images/...)
Impact - This is just a notice with no impact on the system.

0107157D:5: mcpd: copy_file: Failed in file copy, creating destination directory errno=(ENOSPC) src=(/config/filestore/...) dst=(/shared/apm/images/...).
Impact - This message indicates that the new epsec package will not be installed on the system as an internal file copy operation failed.

0107157D:5: mcpd: copy_file: EPSEC::In copy_file - created destination directory (/shared/apm/images)
Impact - This is just a notice with no impact on the system.

0107157D:5: mcpd: copy_file: Failed in file copy errno=(ENOSPC) src=(/config/filestore/...) dst=(/shared/apm/images/...).
Impact - This message indicates that the new epsec package will not be installed on the system as an internal file copy operation failed.

0107157D:5: mcpd: delete_file: Failed to delete file errno=(ENOENT) file=(/shared/apm/images/...).
Impact - This message indicates that the installation of epsec package failed and as part of the rollback the cleanup of the copied package failed. This will cause unnecessary disk space to be utilized by the package.

0107157D:5: mcpd: create_dir: EpsecFileObjectMgr::creat_dir. Path (/shared/apm/images) exists and is not a directory
Impact - This is just a notice with no impact on the system.

0107157D:5: mcpd: create_dir: EpsecFileObjectMgr::create_dir. stat error: errno(ENOENT) strerror(File Not Found) for dirpath(/config/filestore/...)
Impact - This message is a debug log to indicate that the directory path is not present and needs to be created. It will be subsequently created, so this has no functional impact on the administrative action.

0107157D:5: mcpd: create_dir: EpsecFileObjectMgr::create_dir. Failed to create dir (/shared/apm/images) : errno(ENOSPC) strerror(No space left on device)
Impact - This message indicates that the internal epsec package directory could not be created and so the installation of the epsec package will fail.

0107157D:5: mcpd: create_or_update_status_obj: EPSEC::Creating new status with version 1.0.0-393.0
Impact - This is just a notice with no impact on the system.

0107157D:5: mcpd: create_or_update_status_obj: EPSEC::Updating status with new version 1.0.0-393.0
Impact - This is just a notice with no impact on the system.

0107157D:5: mcpd: mark_objects_for_delete: EPSEC::EPSEC Software Status for this device (bigip.f5.com) is a built-in object and cannot be deleted!
Impact - This is just a notice with no impact on the system.

0107157D:5: mcpd: init_system_epsec_software_status: EPSEC:: loading of Epsec software status start
Impact - This is just a notice with no impact on the system.

0107157D:5: mcpd: init_system_epsec_software_status: EPSEC:: loading of Epsec software status done
Impact - This is just a notice with no impact on the system.

Recommended Action:
Below are the Workarounds for each of the log messages-

0107157D:5: mcpd: init_system_epsec_software_status: EPSEC:: loading of Epsec software status passed
Workaround - None.

0107157D:5: mcpd: copy_file: EPSEC::In copy_file - src (/config/filestore/files_d/Common_d/epsec_package_d/:...iso) dst (/shared/apm/images/...iso)
Workaround - None.

0107157D:5: mcpd: create_or_update_status_obj: EPSEC::Creating new status with version 1.0.0-427.0
Workaround - None.

0107157D:5: mcpd: copy_file: EPSEC in EspecFileObjMgr::copy_file - src (/config/filestore/...) dst (/shared/apm/images/...)
Workaround - None.

0107157D:5: mcpd: update_version: EPSEC::In update_version - Version (1.0.0-393.0) OESIS Version (3.6.9993.2)
Workaround - None.

0107157D:5: mcpd: delete_obsolete_objects: EPSEC::Removing obj name: epsec-1.0.0-446.0.iso, create time 1485282975
Workaround - None.

0107157D:5: mcpd: delete_obsolete_objects: EPSEC::Deleting object epsec-1.0.0-446.0.iso, create time 1485282975
Workaround - None.

0107157D:5: mcpd: delete_obsolete_objects: EPSEC::Remaining most recent obj name: epsec-1.0.0-446.0.iso, create time: 1485282975
Workaround - None.

0107157D:5: mcpd: update_version: EPSEC::Removing invalid package (epsec-1.0.0-446.0.iso) found during config load.
Workaround - None.

0107157D:5: mcpd: update_version: EPSEC::In update_version - Version (1.0.0-393.0) OESIS Version (3.6.9993.2)
Workaround - None.

0107157D:5: mcpd: copy_file: EPSEC in EspecFileObjMgr::copy_file - src (/config/filestore/...) dst (/shared/apm/images/...)
Workaround - None..

0107157D:5: mcpd: copy_file: Failed in file copy, creating destination directory errno=(ENOSPC) src=(/config/filestore/...) dst=(/shared/apm/images/...).
Workaround - One possible cause of this error could be lack of disk space and so one can delete existing epsec package or other files from the disk and attempt installation of the epsec package again. In other cases, there is no recommended workaround.

0107157D:5: mcpd: copy_file: EPSEC::In copy_file - created destination directory (/shared/apm/images)
Workaround - None.

0107157D:5: mcpd: copy_file: Failed in file copy errno=(ENOSPC) src=(/config/filestore/...) dst=(/shared/apm/images/...).
Workaround - One possible cause of this error could be lack of disk space and so one can delete existing epsec package or other files from the disk and attempt installation of the epsec package again. In other cases, there is no recommended workaround.


0107157D:5: mcpd: delete_file: Failed to delete file errno=(ENOENT) file=(/shared/apm/images/...).
Workaround - Not known.

0107157D:5: mcpd: create_dir: EpsecFileObjectMgr::creat_dir. Path (/shared/apm/images) exists and is not a directory
Workaround - None.

0107157D:5: mcpd: create_dir: EpsecFileObjectMgr::create_dir. stat error: errno(ENOENT) strerror(File Not Found) for dirpath(/config/filestore/...)
Workaround - None.

0107157D:5: mcpd: create_dir: EpsecFileObjectMgr::create_dir. Failed to create dir (/shared/apm/images) : errno(ENOSPC) strerror(No space left on device)
Workaround - One can try to manually create the specified directory path and then attempt the installation operation again.

0107157D:5: mcpd: create_or_update_status_obj: EPSEC::Creating new status with version 1.0.0-393.0
Workaround - None.

0107157D:5: mcpd: create_or_update_status_obj: EPSEC::Updating status with new version 1.0.0-393.0
Workaround - None.

0107157D:5: mcpd: mark_objects_for_delete: EPSEC::EPSEC Software Status for this device (bigip.f5.com) is a built-in object and cannot be deleted!
Workaround - None.

0107157D:5: mcpd: init_system_epsec_software_status: EPSEC:: loading of Epsec software status start
Workaround - None.

0107157D:5: mcpd: init_system_epsec_software_status: EPSEC:: loading of Epsec software status done
Workaround - None.


01071587 : Commit ID message ignored, %s

Location:
/var/log/ltm

Conditions:
This message occurs when a device receives a commit ID update (that is, a config change) from a peer, but the commit ID is missing the originator field.

Impact:
No known negative impact.

Recommended Action:
To examine the commit IDs from a peer, you can run tmsh run /cm sniff-updates.


0107167d : Data publisher not found or not implemented when processing request %s.

Location:
/var/log/ltm

Conditions:
Possible causes of this error include:
- Statsd daemon might not be running yet.
- Mcpd received a bad request.
- A stats publisher is not available to handle the request.

Impact:
Impact can potentially include:
- No stats available.
- Certain requests are not be processed by Mcpd.

Recommended Action:
(1) Ensure that statsd daemon is running. `bigstart status statsd merged`
(2) Ensure that the publishing daemon is running. For example, if the error is logged when you run `tmsh show net arp`, determine whether the TMM is up by running `bigstart status tmm`.

If any of the daemons are down, run `bigstart start <daemon>`.

If all daemons are running, then neither of the two cited daemons is the cause. Instead, the cause might be an internal issue related to a malformed request, in which case you should file a support ticket.


01071681 : SNMP_TRAP: Virtual %s has become available

Location:
/var/log/ltm

Conditions:
This message is logged when the virtual server becomes "available", transitioning from some other status. Note that this indicates the virtual server is now "status-green", transitioning from some other status such as "unchecked-blue" or "unavailable-red".

Impact:
This message is log-notification only when the virtual server status is changed to be available (status "green"). This is not an error, as this virtual server is established as correctly configured to receive new client connections.

Recommended Action:
This is not an error, but a notification of a virtual server status change that has now become available.


01071682 : SNMP_TRAP: Virtual %s has become unavailable

Location:
/var/log/ltm

Conditions:
Example:
SNMP_TRAP: Virtual my_server has become unavailable

This message is logged when the virtual server becomes "unavailable", transitioning from some other status. Note that this indicates the virtual server is now "status-red", transitioning from some other status such as "available-green" or "unchecked-blue".

Impact:
This message is log-notification only when the virtual server status is changed to be unavailable (status "red"). Because the virtual server is unavailable, no new client connections will be established to this virtual server.

Recommended Action:
This is a notification of a virtual server status change for a virtual server has now become unavailable. The unavailable-status (i.e., "red") might be an indication of an error, such as when the required number of pool members are unavailable due to configuration error or one-or-more pool member failures.


0107172d : Policy '%s' can't be applied to virtual server '%s' because it has no rules

Location:
The error message is visible in the web user interface, TMSH/CLI console, and the LTM log (/var/log/ltm).

Conditions:
The error message is triggered by the attempt of a user driven action to create or modify an LTM policy without specifying policy rules.

Impact:
Directing the user to create or modify an LTM policy within the required validation conditions, in this case by specifying policy rules for the LTM policy.

Recommended Action:
The user action should follow the correct steps while creating or modifying an LTM policy, by adding at least a validation rule to the LTM policy.


01071912 : %s in rule (%s) requires an associated %s profile on the %s (%s).

Location:
/var/log/ltm

Conditions:
A an iRule script was added to a virtual that referred to a configuration object (like pool, snat pool, transport-congig, etc). When this iRule script was added to a virtual or transport-config, the validation logic identified that the referred object would not be present unless the named profile existed on the virtual or transport-config.

Impact:
There should be no impact. The validation logic checks the configuration to insure the script will run properly.

Recommended Action:
Remove the reference to the named object and add the script to the virtual or transport-config.


01071913 : %s in rule (%s) under %s event at %s (%s) does not satisfy cmd/event/profile requirement

Location:
/var/log/ltm and GUI

Conditions:
This is an error that is issued when MCPD is validating iRule proc with the current configuration and detecting an incompatibility.

This scenario is most likely involving the user creating a library of reusable iRule procs that are meant to be called from multiple event based iRules, and then combining one or more iRules with these procs by associating them with the virtual server in order to achieve the desired behavior. The user then decides to remove a profile deemed unnecessary from the virtual.

However, the combination of virtual server, the iRule event that leads to calling the proc and the commands executed in the iRule proc itself, might lead to incompatible combination.

For example, an iRule proc might attempt to return an application specific combination of HTTP headers:

# user creates virtual
ltm virtual vs_http {
   destination any:80
   profiles {
     http {}
     tcp {}
   }
   ...
}
   

# user creates rule in ltm rule /Common/rl_app_http
proc get_app_headers { } {
 return "[HTTP::header app_1]-[HTTP::header app_2]"
}

this code may then be called from an iRule event in
# in ltm rule /Common/rl_http_req
when HTTP_REQUEST {
 set app_h [call rl_app_http::get_app_headers]
}


# user then decides to remove http profile from the virtual server
... (tmos)# mod ltm virtual vs_http profiles delete { http } <ENTER>

# Error is issued by validation code

Impact:
Saving the modified configuration will not be possible.
The virtual server configuration or iRules need to be corrected before saving the
configuration will be possible.

Recommended Action:
Users need to ensure that the correct combination of iRule commands and events is associated with the virtual server by performing one of the steps below:
1. Associate the right profile(s) with the virtual server
2. Use only applicable commands in iRule procs
3. Ensure the combination of events in iRules and commands is still valid when modifying
   virtual server configuration


010719fd : No IPv%s self IP exists on VLAN (%s) for static route (%s)

Location:
/var/log/ltm

Conditions:
The last IPv4 or IPv6 self IP was deleted from a VLAN, which will leave a static route without an IP on the egress VLAN.

Impact:
The self IP cannot be deleted until the static route is deleted or its nexthop is changed to use a different VLAN.

Recommended Action:
Before deleting the last IPv4 or IPv6 self IP from a VLAN, delete static routes for that protocol that use the VLAN.


010c0009 : Lost connection to mcpd - reestablishing

Location:
/var/log/ltm. Neither the Console nor the GUI provides it.

Conditions:
When SOD loses its connection to MCPD for whatever reason, this message is logged.

Impact:
SOD won't have communication with MCPD. Any device status/configuration updates wouldn't be possible until the communication is re-established.

Recommended Action:
If the connection is not re-established automatically, try restarting all services with bigstart restart.


010c0018 : Standby

Location:
/var/log/ltm. The GUI provides other prompts that indicate a device is in Standby mode; and the Console provides a prompt with Standby State in it.

Conditions:
A device goes to standby by user manual intervention, or when some other device is the active one in the failover group.

Impact:
If it is due to a user intervention, all failover objects in the device will be serviced by the next active device in the failover group, for example, traffic groups.

Recommended Action:
None.


010c0022 : Opening %s for failover monitoring

Location:
/var/log/ltm.

Conditions:
This log is informational and indicates that SOD has opened the failover serial port. This occurs on the startup of SOD. The use of the serial port for failover status is determined by the configuration of the BIG-IP.

Example:
Nov 11 07:35:13 lead info sod[6502]: 010c0022:6: Opening /dev/tty01 for failover monitoring.

Impact:
None.

Recommended Action:
None.


010c002b : Traffic group %s received a targeted failover command for %s.

Location:
/var/log/ltm

Conditions:
This log entry appears when the active device has received and is processing a targeted-failover command that is issued by an administrator for a specified traffic group.

Impact:
This is an informational log entry that indicates that the administrator has issued a failover for a specific traffic group on the active device.

Recommended Action:
None.


010c002c : Traffic group %s received a targeted failover command from cluster mate for %s.

Location:
/var/log/ltm

Conditions:
This log message appears when a blade in a cluster has received and is processing a targeted-failover command from one of the other blades in the cluster for a specified traffic group.

Impact:
This is an informational log message that indicates that the administrator has issued a failover for a specific traffic group in a cluster and this blade is processing that command.

Recommended Action:
None.


010c002d : Traffic group %s going standby via targeted failover command.

Location:
/var/log/ltm

Conditions:
This log message appears when a specified traffic group is going from active to standby, caused by a targeted-failover command that is issued by an administrator for a specified traffic group.

Impact:
This is an informational log message that indicates that the administrator has issued a targeted failover command to change a specific traffic group from an active to standby. device.

Recommended Action:
None.


010c003b : Bind fails on %s addr %s port %d error %s

Location:
/var/log/ltm

Conditions:
An invalid address has been configured as a unicast address on the device.

Impact:
The invalid unicast address cannot be used to send or receive network failover data.

Recommended Action:
Change the unicast address to be a valid management IP or self-IP.


010c003c : Connect fails on %s addr %s port %d error %s

Location:
/var/log/ltm

Conditions:
The code paths in question can only be executed if secure network failover is enabled. This error can occur if no route exists to the remote unicast address ("Network is Unreachable").

Impact:
Network failover communication to the remote unicast address does not work.

Recommended Action:
Repair the network partition.


010c003e : Offline

Location:
/var/log/ltm

If this offline state was requested by the user, the GUI provides other status fields that indicate a device is in Forced Offline mode, and the Console provides a prompt with ForcedOffline State in it.

Conditions:
It is a transitional state that is logged when the device comes up or when SOD restarts.
It will also occur when the user forces a device to stay offline.
The device encounters networking problems.

Impact:
Device won't be online. Network connectivity for services won't be available.

Recommended Action:
Bring the device back online if the offline state was a consequence of a user action.
Restart sod daemon. If that doesn't work, restart all services.


010c0044 : Command: %s

Location:
The message appears only in /var/log/ltm. It does not appear on the console or on the GUI screen.

Conditions:
This is a log entry that displays a failover command, executed by means of the GUI, tmsh, or iControl. The following examples show some of the possible logs, but not all.

The following log corresponds to making a traffic group go to standby from the GUI.
010c0044:5: Command: go standby /Common/TG2 /Common/BIGIP-2.localdomain GUI.

The following log corresponds to making a traffic group go to standby from tmsh.
010c0044:5: Command: go standby /Common/TG2 /Common/BIGIP-1.localdomain tmsh.

The following when making the BIGIP go ForcedOffline mode via tmsh
010c0044:5: Command: go offline all tmsh.

The following when making the BIGIP come back online from ForcedOffline mode via GUI
010c0044:5: Command: release offline all GUI.

The following log comes when making the BIGIP go offline from iControl
010c0044:5: Command: go offline all iControl.

Impact:
None. This is a notification that a system failover command was executed.

Recommended Action:
None.


010c0048 : Bcm56xxd and lacpd connected - links up

Location:
/var/log/ltm

Conditions:
This message is information, and is logged by SOD when the links to Bcm56xxd and lacpd are up. This is part of the normal startup process for SOD.

Example:
Nov 11 07:36:15 lead notice sod[6502]: 010c0048:5: Bcm56xxd and lacpd connected - links up.

Impact:
None

Recommended Action:
None.


010c0049 : Tmm ready - links up.

Location:
/var/log/ltm

Conditions:
This is a message from SOD to indicate that the TMM has reached the running state, and can handle passing and receiving traffic on the self-IPs often used for failover addresses.

This message is seen on initial startup, as well as if SOD or the TMM is restarted.

Impact:
None.

Recommended Action:
None.


010c0050 : Sod requests links down

Location:
/var/log/ltm

Conditions:
This is an information message that is logged during the shutdown of the SOD daemon. It indicates that the links to Bcm56xxd and lacpd have been marked down.

Example:
Nov 11 07:29:03 lead notice sod[6214]: 010c0050:5: Sod requests links down.

Impact:
None.

Recommended Action:
None.


010c0052 : Standby for traffic group %s

Location:
This log only appears in /var/log/ltm. It does not appear on the Console or the GUI.

Conditions:
When a traffic group transitions to the standby state, this log message is logged by the system.

For example when a device is released from the forced offline state; the sequence of logs includes the following:

Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c0044:5: Command: release offline all GUI.
Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c0054:5: Offline for traffic group TG2.
Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c0054:5: Offline for traffic group traffic-group-1.
Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c003e:5: Offline
Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c006d:5: Leaving Offline for Standby for dbvar is redundant.
Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c0052:5: Standby for traffic group TG2.
Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c0052:5: Standby for traffic group traffic-group-1.
Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c0018:5: Standby
Oct 11 13:30:04 BIGIP-2 info sod[28395]: 010c0096:6: Next active for traffic group traffic-group-1.
Oct 11 13:30:04 BIGIP-2 info sod[28395]: 010c0096:6: Next active for traffic group TG2.

Impact:
None. This is a notification of what is happening with the traffic-group in the device.

Recommended Action:
None.


010c0054 : Offline for traffic group %s.

Location:
/var/log/ltm. Neither the Console nor the GUI show it.

Conditions:
When a traffic-group is about to become active or standby, it starts with the transitional state of offline, which 0is when the log appears. For example the following sequence of logs appear when the device is booting up:

Oct 11 13:00:46 BIGIP-2 notice sod[5403]: 010c0057:5: Activating traffic group TG2.
Oct 11 13:00:46 BIGIP-2 notice sod[5403]: 010c0054:5: Offline for traffic group TG2.
Oct 11 13:00:46 BIGIP-2 notice sod[5403]: 010c0057:5: Activating traffic group traffic-group-1.
Oct 11 13:00:46 BIGIP-2 notice sod[5403]: 010c0054:5: Offline for traffic group traffic-group-1.

This could also be a result of initial configuration or releasing a device from a forced offline state. A common log sequence will look like this:

Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c0044:5: Command: release offline all GUI.
Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c0054:5: Offline for traffic group TG2.
Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c0054:5: Offline for traffic group traffic-group-1.
Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c003e:5: Offline
Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c006d:5: Leaving Offline for Standby for dbvar is redundant.
Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c0052:5: Standby for traffic group TG2.
Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c0052:5: Standby for traffic group traffic-group-1.
Oct 11 13:30:04 BIGIP-2 notice sod[28395]: 010c0018:5: Standby
Oct 11 13:30:04 BIGIP-2 info sod[28395]: 010c0096:6: Next active for traffic group traffic-group-1.
Oct 11 13:30:04 BIGIP-2 info sod[28395]: 010c0096:6: Next active for traffic group TG2.

Impact:
None. This is a notification of what is happening with the traffic-group in the device.

Recommended Action:
None.


010c0056 : Deactivating traffic group %s

Location:
/var/log/ltm. Neither the Console nor the GUI provide it.

Conditions:
SOD has to reactivate the traffic groups in the device when certain configuration changes occur on the box, specially at boot time. This requires a deactivate/activate sequence, and, when the deactivate occurs, this log appears.

Impact:
None. This is a notification of what is happening with the traffic group on the device.

Recommended Action:
None.


010c0057 : Activating traffic group %s

Location:
/var/log/ltm. Neither the Console nor the GUI provide it.

Conditions:
SOD has to activate the traffic groups in the device when certain configuration changes occur on the box, specially at boot time. This requires a deactivate/activate sequence, and, when the activate occurs, this log appears.

Impact:
None. This is a notification of what is happening with the traffic group on the device.

Recommended Action:
None.


010c005a : Dropping a failover packet that is too small (%u)

Location:
/var/log/ltm

Conditions:
This message indicates that a message was received by SOD on one of its failover listening addresses, but the message was not big enough to be a valid failover packet.

Impact:
Messages that arrive at the failover listening addresses that are too small to be valid are dropped. There is no other effect on system behavior beyond this.

Recommended Action:
If failover messages are not being received from another device in the failover-sync group, and these messages are present in the log, it may indicate an issue with the SOD daemon on the other device. Restarting SOD on the other device may clear the issue. If not, then support will need to be contacted.

Spurious occurrences of this log without other system issue, are not a cause for concern.


010c005b : Dropping a packet that is not a failover packet.

Location:
/var/log/ltm

Conditions:
This log message occurs if the SOD process receives a packet that is not a failover packet.

Impact:
The log (level Notice) is generated when an unknown packet is received by the SOD process and the packet is dropped.

Recommended Action:
None.


010c005e : Waiting for mcpd to reach phase base, current phase is %s

Location:
/var/log/ltm

Neither the GUI nor the console should display it.

Conditions:
This log appears when the switch over (failover) daemon is trying to establish a connection with MCP (configuration daemon). It reports the current MCPD phase in its boot-up sequence.

Impact:
None. This log is informing that MCPD is not ready yet to take any connection.

Recommended Action:
None.


010c005f : Mcpd has reached phase base, current phase is %s

Location:
/var/log/ltm

Conditions:
This is an informational message that SOD has connected to MCPD, and MCPD has reached a state where SOD can continue starting up. This is logged whenever SOD starts up and connected to MCPD and MCPD reaches at least the base phase.

Example:
Nov 11 07:35:24 lead notice sod[6502]: 010c005f:5: Mcpd has reached phase base, current phase is running.

If the following message is seen, and the "MCPD has reached phase base" is not seen afterwards, it may indicate an issue with MCPD.

Nov 11 07:35:00 localhost notice sod[6502]: 010c005e:5: Waiting for mcpd to reach phase base, current phase is platform.

Impact:
None.

Recommended Action:
None.


010c0063 : Waiting for Mcpd without a response. Try again...

Location:
/var/log/ltm

Conditions:
This log message occurs if the SOD process has not established a connection with the MCPD process.

Impact:
The log (level Notice) is generated once during every connection attempt to the MCPD process until a successful connection is established. The SOD process will not operate until this connection is established.

Recommended Action:
Investigate the state of the MCPD process and possibly try a process restart.


010c006a : Configuration CRC values disagree amongst peers. Suggest configsync peers.

Location:
/var/log/ltm
Observed in the UI Device Management "Details" status display.
In the "show cm traffic-group" command.

Conditions:
Configuration relevant to network failover is not in-sync between devices in a failover device group. This message can appear briefly when traffic-group configuration has changed but configsync has not yet completed to the other devices.

Impact:
Network failover calculations might not be correct, resulting in inconsistent (or no) selection of a next-active device, and failover to an unintended location.

Recommended Action:
Enable automatic sync for the failover device group (preferred).
Manually sync the new configuration to the device group.


010c006b : Configuration CRC values agree amongst peers

Location:
/var/log/ltm

There are other indications of configuration being out of sync between devices in the GUI and command line, but the setting and clearing of these indications are unrelated to this log message.

Conditions:
When traffic-group state from other devices is processed, this log appears if the devices in the failover-group did not previously have their configurations in sync.

Oct 13 06:59:37 BIGIP-1 notice sod[6779]: 010c006b:5: Configuration CRC values agree amongst peers.

Impact:
None: Indicates that configurations are now in-sync between devices in the failover-group.

Recommended Action:
None.


010c006c : proc stat: [0] %s

Location:
/var/log/ltm. Neither the console nor the GUI provide it.

Conditions:
SOD has a list of processes it monitors. When any of the processes goes away, this log message appears.

An example of relevant logs when tmm is restarted with bigstart restart follows:

Oct 12 10:23:14 BIGIP-2 warning sod[28395]: 01140029:4: HA proc_running tmm fails action is go offline and down links.
Oct 12 10:23:14 BIGIP-2 notice sod[28395]: 010c0050:5: Sod requests links down.
...
Oct 12 10:23:21 BIGIP-2 notice sod[28395]: 01140045:5: HA reports tmm NOT ready.
Oct 12 10:23:22 BIGIP-2 notice sod[28395]: 010c006c:5: proc stat: [0] pid:28459 comm:(tmm.0) state:S utime:93 stime:103 cutime:1 cstime:10 starttime:7709594 vsize:6928031744 rss:18225 wchan:18446744073709551615 blkio_ticks:9 [-1] pid:1887 comm:(tmm.0) state:S utime:158666 stime:34358 cutime:0 cstime:13 starttime:85235 vsize:6932230144 rss:19317 wchan:18446744073709551615 blkio_ticks:7 [-2] pid:1887 comm:(tmm.0) state:S utime:158655 stime:34355 cutime:0 cstime:13 starttime:85235 vsize:6932230144 rss:19317 wchan:18446744073709551615 blkio_ticks:7 .
Oct 12 10:23:24 BIGIP-2 notice sod[28395]: 01140030:5: HA proc_running tmm is now responding.
...
Oct 12 10:23:31 BIGIP-2 notice sod[28395]: 01140044:5: HA reports tmm ready.
Oct 12 10:23:31 BIGIP-2 notice sod[28395]: 010c0049:5: Tmm ready - links up.
Oct 12 10:23:34 BIGIP-2 notice sod[28395]: 010c006c:5: proc stat: [0] pid:27987 comm:(bigd) state:S utime:6 stime:2 cutime:13 cstime:5 starttime:7709247 vsize:47583232 rss:6415 wchan:18446744071579502277 blkio_ticks:1 [-1] pid:3648 comm:(bigd) state:S utime:1920 stime:604 cutime:12 cstime:10 starttime:176428 vsize:50548736 rss:6472 wchan:18446744071581059260 blkio_ticks:15 [-2] pid:3648 comm:(bigd) state:S utime:1920 stime:604 cutime:12 cstime:10 starttime:176428 vsize:50548736 rss:6472 wchan:18446744071581059260 blkio_ticks:15 .

The log will appear when the process goes away, and when it comes back.

Impact:
None. This log on itself only provides a notification that SOD detected a process going away. The rest of the logs relevant to the process that went away should give more information of what went wrong.

Recommended Action:
None.


010c006d : %s.

Location:
/var/log/ltm

Conditions:
Reports information about the system. It can change from release to release because it is a complete free-form log, and has no rules of what information it can convey.

Some examples are:
"Leaving Offline for Active for dbvar not redundant (tmm ready)"
"Leaving Offline for Standby for dbvar not redundant (tmm not ready)"
"Leaving Offline for Active for mate is active"
"Leaving Offline for Standby for dbvar is redundant"
"Leaving Standby for Offline for ha table offline_cond"
"Leaving Standby for Active for dbvar not redundant (tmm ready)"
"No peer active but stay put for longer."
"Leaving Standby for Active (best ha score)"
"Leaving Standby for Active (mate ha score)"

Impact:
None.

Recommended Action:
None.


010c006e : All devices in traffic group %s %s have a HA group

Location:
/var/log/ltm

Conditions:
Two different cases for this log message.
Case 1: 'All devices in traffic group %s now have a HA group'
This case indicates that HA group is configured correctly on all devices for a traffic group.

Case 2: 'All devices in traffic group %s should have a HA group'
This case indicates that HA group is not configured correctly on all devices for a traffic group.

Impact:
Case 1 is informational, indicating that HA group is configured correctly.

Case 2 is an error condition, indicating that the configuration of HA group is not configured correctly on one or more of the devices. HA group will not operate correctly for this traffic group.

Recommended Action:
Fix the configuration of the HA group in the traffic group on all devices for case 2 log message.


010c0077 : Listening for unicast failover packets on address %s port %d.

Location:
/var/log/ltm

Conditions:
This message indicates that SOD is listening on the specified address and port for unicast network failover packets. It is logged when SOD starts up and begins listening for failover packets. It is also logged when a new unicast failover address is configured while SOD is running.

Impact:
None.

Recommended Action:
None.


010c007e : Not receiving status updates from peer device %s (Disconnected).

Location:
/var/log/ltm

Conditions:
This message is logged on a peer device in the failover-sync group when it does not receive any network failover packets for the network timeout. This timeout defaults to 3 seconds.

Impact:
The device mentioned in the log message is marked as offline by the device logging the message, and is not eligible to be the next failover device.

Recommended Action:
The state of the device that was disconnected should be checked on the reported device. It could be a networking issue, a hardware issue, or an environmental issue.

Once the issue is corrected the device will start sending network failover packets and will be marked online again.


010c0083 : No failover status messages received for %s seconds, from device %s (%s).

Location:
/var/log/ltm

Conditions:
This log message occurs when the SOD process has not received a failover packet from a peer connection during the configured timeout interval.

Impact:
The log (level Warning) is generated after an expected failover packet is not received before the configured timeout interval. This indicates that the peer is no longer sending failover updates to the SOD process, possibly indicating that the peer has become busy or is offline.

Recommended Action:
Investigate the state of the peer connection.


010c0084 : Failover status message received after %s second gap, from device %s (%s).

Location:
/var/log/ltm

Conditions:
This log message occurs when the SOD process receives a failover packet from a peer connection that it marked as no longer sending failover updates.

Impact:
This log (level Warning) is generated by a peer, which is no longer sending failover packets to the SOD process during the expected timeout interval, that has resumed sending packets. The time between packets (in seconds) is displayed.

Recommended Action:
This message is informational.


010d0005 : Chassis fan %d: status (%d) is bad

Location:
/var/log/ltm

Conditions:
A sensor determined that the fan speed is zero (0) RPM, indicating the chassis fan is not rotating.

Impact:
One or more faulty fans reduces the cooling capacity of the system, which can result in overheating issues. This log entry triggers the alarm LED to turn red and display an alert on the LCD.

Recommended Action:
Check for obstructions blocking the fan blades. Replace the fan tray for the faulty fan.


010d0006 : Chassis power supply %d has experienced an issue. Status is as follows: %s

Location:
/var/log/ltm

Appears in GUI, console, and LCD.

Conditions:
A system power supply has failed.

Impact:
In a redundant power supply system, only one power supply will be operational.

Recommended Action:
Replace the failed power supply. If the message persists, file a support ticket.


010d0009 : %s: voltage (%d) is too high

Location:
/var/log/ltm

Conditions:
A voltage sensor reading exceeded the operational limits.

Impact:
Continued operation during these conditions can produce component failure or unexpected behavior. This log triggers a red LED alarm and displays an alert on the LCD.

Recommended Action:
Contact support for resolution.


010d0010 : %s: fan speed (%d) is too low

Location:
/var/log/ltm

Appears in GUI, console, and LCD.

Conditions:
A system fan failed to operate at the minimum speed.

Impact:
Depending on the failed fan, the system could power off if chassis or CPU temperatures exceed maximum operating temperatures.

Recommended Action:
Determine the failed fan by typing 'system_check -d' at the command line. File a support ticket to diagnose and resolve this hardware problem.


010d0017 : %s: milli-voltage (%d) is too low

Location:
/var/log/ltm

Appears in GUI, console, and LCD.

Conditions:
Loss of power, or input power is out of recommended range.

Impact:
If a loss of power caused the condition, power redundancy is compromised.
If a loss of power did not cause the condition, indeterminate behavior can result.

Recommended Action:
Verify power is applied to unit.
Verify that the power is the correct input range.
Replace PSU associated with the alarm.


010e0001 : Cannot communicate with MCPD server

Location:
/var/log/ltm

Conditions:
This can be a result of BIG-IP device being very busy. The SNMP agent is unable to communicate with MCPd and thus logs this message. This situation can recover if BIG-IP device becomes less busy. Internally the SNMP requests come into the agent via the MCPd daemon. Responses back to the requester traverse the path back by means of the MCPd as well.

Impact:
All user requests either by means of the cli or the access to SNMP agents will not be honored. The SNMP data will not be retrieved as the interface to the SNMP daemon is down.

Recommended Action:
As a last option, reboot the BIG-IP device.


010e0002 : Established new connection to MCPD server

Location:
/var/log/ltm

Conditions:
This message occurs when a connection or new connection is established with the MCPD server. This message is internal to our software and is only an informational message. MCPD is the master control process daemon which has a number of connections to other processes of which one is the snmpd. When it establishes a communication channel to the snmpd process this message is printed in the log.

Impact:
An internal informational message is logged each time the mcpd communication channel is established with the snmpd.

Recommended Action:
None.


010e0004 : MCPD query response exceeding %d seconds

Location:
/var/log/ltm

Conditions:
This error message occurs when the MCPd response time is very slow. The SNMP subagent is encountering long timeouts while communicating with MCPd. The system may be very busy.

Impact:
The SNMP request fails.

Recommended Action:
One can retry the request. Also, it is worth executing an unrelated tmsh command to see if the same slow response times are seen. Wait to see if it is temporary slowdown of MCPd. Stop any of the SNMP queries that are currently running. As a last option, restart the BIG-IP device.


01100002 : alertd is going down

Location:
/var/log/ltm

Conditions:
BIG-IP device is restarting, or just the alertd daemon is stopping or restarting.

Impact:
None, informational only.

Recommended Action:
None.


01100017 : Email action is failed for toaddress %s

Location:
/var/log/ltm
LCD
SNMP Trap

Conditions:
Email notification for system alert failed to be sent.

Impact:
No additional impact to the system.

Recommended Action:
Recommendation is to review SOL3667 at AskF5 where email notification configuration is described. Make sure there are valid "To" and "From" addresses configured.


01100042 : Failed with MCPD at: %s (%s)

Location:
/var/log/ltm

Conditions:
The alertd daemon has encountered an inter-process communication error with the mcpd daemon. When this happens, there is likely a problem with mcpd either being down or too busy.

Impact:
If the error is simply "Socket read", and non-repeating, it was likely a single case of congestion and should not have long-term impact.

Most of the other errors such as "Connect", "Subscribe", "MCP msg receive", "Socket/pipe select", "Socket error event", "syslog pipe error event", or "errdefs scoket error event" indicate a failure for the alertd daemon to initialize properly. In this situation, alert generation and their associated SNMP traps are likely to be inoperational.

Recommended Action:
Issue a 'bigstart status alertd mcpd' from the CLI. If either process is not in 'run' state, or if the associated log messages are persisting, try issuing a 'bigstart restart <alertd|mcpd>' depending on whether one is malfunctioning, or perhaps both.


01100043 : logcheck Notice: %s %d

Location:
/var/log/ltm

Conditions:
1. "Disconnect mcpd". alertd disconnects from mcpd when alertd is exiting, due to a restart or the BIG-IP system shutting down.
2. "Receive alert msg from diskmonitor". alertd received a message from the disk monitoring subsystem, leading to a check for log rotation.
3. "logrotate triggered by large log <name_of_log_file> of size <size> KB -"Available disk space is <size> KB". Occurs when logrotate is running to compress logs.

Impact:
None. This is not an error condition, but normal operation. logrotate runs periodically to compress logs.

Recommended Action:
None.


01100049 : logcheck Info: %s %d

Location:
/var/log/ltm

Conditions:
Informational messages that indicate DB variable values, free disk space in /var/log, and notifications that old compressed files are being deleted to free up space.

Impact:
Informational, but in some cases, might indicate a low amount of disk space free and deletion of the oldest compressed log archives in /var/log/ltm.

Recommended Action:
If message indicates deletion of old, compressed files, try deleting any unnecessary files that may be contributing to low amount of free disk space.


01110001 : Error running %s

Location:
This message will be generated in the LTM log.

Conditions:
These messages will only be generated when configuration is being synchronized between a pair of devices running a version of TMOS prior to 11.0. In 11.0, a new synchronization system was introduced and this message is longer be generated.

Impact:
The sync request fails, and the other device still has the configuration prior to 11.0.

Recommended Action:
Determine why the sync failed. Disk usage on the local or peer device might be a factor, as well as differences in the base configuration on the peer device, which can cause validation errors. Those errors will be found in the peer device's logs.


01140029 : HA %s %s fails action is %s

Location:
/var/log/ltm

Conditions:
This message occurs when a component detects an HA failure condition, and requests the system to take corrective action.

The first field is the feature type, and the second field is the component name. The list of configured HA features is available through the 'show sys ha-status' command.

Impact:
The impact depends upon what corrective action is configured for the specified component.

Recommended Action:
Correct the issue that caused the component to fail.


01140030 : HA %s %s is now responding

Location:
/var/log/ltm

Conditions:
An HA error condition no longer exists for the specified feature.

Impact:
The system may be able to exit the failure condition required by the HA error condition.

Recommended Action:
None.


01140043 : Ha feature %s reboot requested

Location:
/var/log/ltm

Conditions:
This message is issued when an HA system detects that a reboot should be performed. The most common occurrences are during administrator-requested reboots or a change of boot location:

Ha feature reboot_request_t reboot requested.
Ha feature software_update reboot requested.

Other components may be administratively configured to cause a reboot on failure.

Impact:
The device reboots.

Recommended Action:
If the reboot was unintentional, identify the failing component indicated by the 'feature', and other preceding log message that references this 'feature', and determine why that component failed. If a reboot is not an appropriate action for that component failure, reconfigure it for a different action.


01140044 : HA reports tmm ready

Location:
/var/log/ltm

Conditions:
The TMM is ready to process traffic.

Impact:
It's not an error.

Recommended Action:
None.


01140045 : HA reports tmm NOT ready

Location:
/var/log/ltm

Conditions:
It occurs any time that the tmm starts (or restarts), during the period from startup until when the TMM completes initialization.

Impact:
No traffic is processed until the TMM is ready.

Recommended Action:
Wait for the TMM to become ready.


01140100 : Overdog daemon startup

Location:
/var/log/ltm

Conditions:
The system is starting up and the HA watchdog is now active.

Impact:
The system will now respond to HA error conditions.

Recommended Action:
None.


01140101 : Overdog daemon shutdown

Location:
/var/log/ltm

Conditions:
The system watchdog daemon (overdog) has been shut down, typically because the system is shutting down or rebooting.

Impact:
Watchdog monitoring is no longer active.

Recommended Action:
Wait for the system to finish shutting down.


01140102 : Overdog daemon requests reboot

Location:
/var/log/ltm

Conditions:
The overdog daemon has detected that a subsystem has requested an HA action of "reboot", and is initiating the operation.

Impact:
The system will reboot.

Recommended Action:
None.


01140103 : Watchdog touch enabled with %d seconds

Location:
/var/log/ltm

Conditions:
This message is issued when the system watchdog process (overdog) initiates the hardware watchdog feature.

Impact:
If the system becomes non-responsive, it will automatically reboot.

Recommended Action:
None.


01140104 : Watchdog touch disabled

Location:
/var/log/ltm

Conditions:
This message is issued when the hardware watchdog process (overdog) disarms the hardware watchdog and stops periodic updates. This occurs automatically when the system is already rebooting, or when the administrator disables the hardware watchdog by setting the watchdog.state DB variable to "disable".

Impact:
The hardware watchdog will not automatically reboot the system.

Recommended Action:
Enable the watchdog function by setting the watchdog.state DB variable to "enable".


01140106 : Overdog daemon calling bigstart restart

Location:
/var/log/ltm
console

Conditions:
An HA Table failover action that specifies 'restart-all' has been triggered.

Impact:
All traffic groups will fail over to a peer device, and all local services are restarted.

Recommended Action:
None.


01150216 : Notice from %s: %s

Location:
/var/log/gtm

Conditions:
This is a generic logging message for the daemon "named" that occurs when the daemon checks if the current config file or current zone file is valid, and encounters an unknown error.

Impact:
Any recent changes to the named or zone file configuration will not take effect.

Recommended Action:
Use any information presented in the message to determine what action, if any, is required. This message could indicate an error in the named config or zone files, located in the directory "/var/named/config".


01160004 : LACPD reporting error conditions

Location:
/var/log/ltm

Conditions:
LACPD system encountered an unexpected I/O error when communicating with configuration delivery system (MCPD).

Impact:
No link aggregation functionality.

Recommended Action:
Inspect the /var/log/ltm file for additional errors and warnings and try to correlate the LACPD messaging error with MCPD errors.


01160009 : LACPD reporting a link being added to aggregation

Location:
/var/log/ltm

Conditions:
A link was added to aggregation.

Impact:
The user configuration changed to add a new port to the LACP trunk. This message is informational only.

Recommended Action:
None.


01160010 : LACPD reporting a link being removed from aggregation

Location:
/var/log/ltm

Conditions:
A link was removed from aggregation.

Impact:
The user configuration changed to remove the port from the LACP trunk. This message is informational only.

Recommended Action:
None.


01160011 : LACPD reporting a churn condition

Location:
/var/log/ltm

Conditions:
LACP detects an operable port, but the Actor has not attached the link to an Aggregator and brought the link into operation within a bound time period. Continued failure to reach agreement can be symptomatic of device failure.

Impact:
The churn condition is informational.

Recommended Action:
Inspect the /var/log/ltm file for additional LACP errors and warnings.
Inspect the LACP configuration of the devices.


01160012 : LACPD reporting a churn condition

Location:
/var/log/ltm

Conditions:
LACP detects an operable port, but the Partner has not attached the link to an Aggregator and brought the link into operation within a bound time period. Continued failure to reach agreement can be symptomatic of device failure.

Impact:
The churn condition is informational.

Recommended Action:
Inspect the /var/log/ltm file for additional LACP errors and warnings.
Inspect the LACP configuration of the devices.


01160016 : LACP reporting an internal condition as informational message

Location:
/var/log/ltm

Conditions:
Internal LACP system has encountered an unexpected condition. Conditions can vary and be caused by but not limited to:
- Linux socket errors, which may be temporary in nature
- Device misconfiguration

Impact:
Varies considerably with specific message. It may indicate a configuration error somewhere else in the system.

Recommended Action:
Inspect the /var/log/ltm file for additional errors and warnings and try to correlate the LACP messaging with another system that may be misconfigured or malfunctioning.


01160024 : %s

Location:
/var/log/ltm

Conditions:
Sample messages: warning: no receive on 0.1 for 15s (timeout=30s)
                 warning: no receive on 4.3 for 30s (timeout=60s)

This warns when the timeout reaches the halfway point for early diagnosis of potential LACPd issues when monitoring customer trunks.

Impact:
None.

Recommended Action:
Check /var/log/ltm to see if there are any other log messages that can explain lacpd issues.
Investigate lacpd statistics.


01180010 : [license processing][error]: %s

Location:
/var/log/ltm

The contents of /var/log/ltm can be viewed in the GUI under System > Logs > Local Traffic.

Conditions:
This group of messages includes messages that are generated internally by the license parsing code. They include three general cases:
1) The license file contains errors
2) The parsing code contains errors
3) mcpd's license load/validation code contains errors

The probable cause for this message is an error in copying the license file, for example, introduced during a manual license installation.

Impact:
The BIG-IP system does not function until it can successfully parse and evaluate the installed license file.

Recommended Action:
Re-license the box. If re-licensing does not solve the problem, contact F5 Support.


011b0203 : Error '%s' opening file %s

Location:
/var/log/ltm

Conditions:
This error indicates that the merge daemon, merged, or statistics daemon, statsd, failed to open a file to read. This error identifies the file that failed to open. For example, the message "Error 'No such file or directory' opening file /sys/block/sda/stat" could mean that a drive is defined by the operating system, but the statistics are not yet available, or are no longer available. This error could happen on disk failure.

Impact:
Statistics for the disk are not available when the file is /sys/block/sda/stat. For files in /var/rrd, historical statistics are not be available.

Recommended Action:
No known workaround is available for /sys/block/sda/stat. Rebooting or replacing the failed drive might make statistics available for a failed drive. For /var/rrd, ensure that the directory exists, and is writable and executable. Ensure that the info files in /var/rrd are readable, and that the data files are readable and writable.


011b020b : Error '%s' scanning buffer '%s' from file '%s'

Location:
/var/log/ltm

Conditions:
A round-robin database (RRD) info file is not valid. At the end of the file, there should be a checksum hash on a line that begins "#CRC " followed by a number. This line was not found.

Impact:
The RRD files store historical statistics. The invalid info file prevents certain historical statistics from being read and updated. This affects specific reporting of these statistics like TMSH show commands and TMUI statistics views.

Recommended Action:
Remove or move away the invalid info file and restart statsd. You may need to remove or move away the corresponding data file with the same prefix.


011b0309 : %s %s %s

Location:
/var/log/ltm

Conditions:
This error is reported when statsd or merged gets an error from mcpd. The most common example is "tmstat_sample not ready". This message typically happens on startup when statsd requests data from mcpd but merged has not yet merged any data. This message can also occur if there is an error with the /var/tmstat/cluster directory.

Impact:
Statsd will not be able to collect historical statistics, so they will not be available to tmsh show commands and tmui views.

Recommended Action:
If the message only occurs on startup, then it can be safely ignored. Otherwise, verify /var/tmstat/cluster exists and has permissions for merged.


011b032e : Graph '%s' is not supported, possibly because it is not licensed, or a license has expired

Location:
/var/log/ltm

Conditions:
This message generated by the statsd daemon. The daemon provides services related to statistical data.

It is possible that the license has expired or that the particular graph is not licensed. A user action is required to update the license, so that graph creation is permitted.

Impact:
The Graph is not created and the message is logged.

Recommended Action:
Either update the license or call F5 support to acquire the needed license. A "tmsh install sys license" command will install the license.


011b0600 : Error '%s' during rrd_update for rrd file '%s'

Location:
/var/log/ltm

Conditions:
An attempt to update a round-robin database (RRD) file for historical statistics failed. This error typically means that the data file is corrupt. This error can also be caused by problems with the /var/rrd directory, such as the directory is missing or does not have write and execute permissions.

Impact:
The specific historical statistics are not updated so they are no longer reliable. If the data file is corrupt, this error can also affect reading the old historical statistics, so that statistics reports like TMSH show command or TMUI statistics views might not properly report the specific statistics.

Recommended Action:
Verify that the /var/rrd directory exists, and has write and execute permission. If the directory exists with write and execute permission, remove the specific data files, and then restart statsd to recreate the file.


011b0826 : Cluster collection start error.Exitting

Location:
/var/log/ltm

Conditions:
The statsd daemon failed to read the /config/statsd.conf file, and configure itself to collect historical statistics. This condition might be caused by this file being invalid or a problem with permissions to read the file. It might also be a problem with system resource exhaustion, where file descriptors or memory are not available.

Impact:
No historical statistics will be collected. This issue occurs in all statistics reports that include historical statistics, such as various TMSH show commands and TMUI statistics views.

Recommended Action:
Verify that the /config/statsd.conf file has read permissions and that the file exists. Verify that the file format is valid using the -p (dash p) option of /usr/bin/statsd. Verify that adequate system resources are available. After fixing the problem, restart statsd by using the command "bigstart restart statsd".


011b0900 : TMSTAT error %s: %s

Location:
/var/log/ltm

Conditions:
This error means that the merge daemon, merged, or statistics daemon, statsd, failed to query statistics. This generic error reports a range of underlying causes for the failed query. For example, the error "TMSTAT error max disk stat: read failed." can mean that a drive is defined by the operating system, but that the statistics are not yet available, or are no longer available. This can happen on disk failure. Another example is the error "TMSTAT error tmstat_query cpu_info_table: Cannot allocate memory", which can mean that merged has run out of memory.

Impact:
Statistics for a disk are not available when the error "max disk stat" occurs. For other errors, the message details indicate the statistics that are not available. For example, "cpu_info_table" indicates that the CPU usage statistics have failed.

Recommended Action:
There is no known workaround for a "max disk stat" message. Rebooting or replacing the drive might cause the operating system to make statistics available for a failed drive. For a "Cannot allocate memory" message, restarting merged might make statistics available.


011b090c : tmstat_query_rollup on table %s called

Location:
/var/log/ltm

Conditions:
If debug log is turned on for statsd, then when a stats table roll up is done, typically every 30 seconds, a log message is generated indicating which table roll up is being done.

Impact:
Lots of log messages with the log level set to Debug.

Recommended Action:
Turn off the debug log level to something like informational.


011b090e : getTMValueUNKeyed start

Location:
/var/log/ltm

Conditions:
One is trying to get a statistics value from a table that does not have a key column or the key column is ignored, for example, for a roll up query.

Impact:
No impact. This log message is informational and not an error. A roll-up query is a valid type of query where keys are not specified and data from several tables is summarized.

Recommended Action:
None.


011b0999 : %s: %s

Location:
/var/ltm/log

Conditions:
This message generated by statsd. The daemon provides services related to statistical data.
These are debug logs that can only be turned on thru tmsh.

Impact:
The /var/log/ltm file starts filling up if debug is not turned off. The system does not have this enabled by default.

Recommended Action:
Change the setting through a tmsh command. For example, it can be changed to info or warn as shown below.

tmsh modify sys db log.statsd.level value info
OR
tmsh modify sys db log.statsd.level value warn
OR
tmsh modify sys db log.statsd.level value warning


011d0002 : No diskmonitor entries in database

Location:
/var/log/ltm

Conditions:
MCP is down, or the database is unavailable.

Impact:
The diskmonitor script will not run.

Recommended Action:
Check 'bigstart singlestatus mcpd' and verify it is in 'run'. If not, try rebooting the box. If the problem persists a support ticket should be filed.


011d0004 : Disk partition %s has only %d free

Location:
/var/log/ltm

Conditions:
When the BIG-IP file systems become full, the diskmonitor utility generates warning messages and traps. The diskmonitor utility script runs periodically on the BIG-IP system, alerting you if the partition space or volumes reach a defined threshold.

Impact:
- Upgrades or hotfix installations might fail to proceed.
- Daemon log messages might appear similar to the following examples:
    Couldn't write to <file> / <partition>
    Failed to open file
- System performance can degrade, for example, slow or failed disk writes can occur.

Recommended Action:
Please, refer to https://support.f5.com/kb/en-us/solutions/public/14000/400/sol14403.html for possible actions.


011e0001 : Limiting %s from %d to %d packets/sec for traffic-group %s

Location:
/var/log/ltm

Conditions:
The BIG-IP device throttles the rate of response messages that it sends in certain situations. It is a part of the DoS mechanism. This log information is generated when the BIG-IP device stops throttling the bandwidth for a class of response messages. Depending on the beginning of the log message, it indicates:
- "icmp unreach response" - throttling of ICMP unreachable responses.
- "icmp ping response" - protection from ping floods.
- "icmp tstamp response" - throttling of ICMP response timestamp responses.
- "closed port RST response" - throttling of TCP unreachable messages (no listener).
- "open port RST response" - throttling of responses about aborted TCP connections.
- "unreachable response" - a generic throttle for other kinds of messages, it also covers the specific case of IP reject.

Impact:
It is an information message. The BIG-IP device stopped throttling traffic that likely was generated by a DoS attack.

Recommended Action:
None.


011e0002 : %s: Aggressive mode %s %s (%llx) (%s %s). (%u/%u %s)

Location:
/var/log/ltm

Conditions:
1. db variable log.sweeper.activation.enabled is enabled.
2. The sweeper aggressive mode is activated or deactivated.

The BIG-IP device, or virtual server on BIG-IP sweeper, enters or leaves the aggressive mode and starts or stops to kill connections, reflecting the connflow load change on the BIG-IP device.

BIGIP aggressive mode is activated or deactivated, reflecting the traffic load change on BIG-IP device or the affected virtual server. If it is activated, it indicates that the BIG-IP device is overloaded by connflows in the related virtual server. If it is deactivated, it indicates that the load of connflows is reduced to normal level.

Note that if the db variable is disabled, the log will not show up.

Impact:
It is an informational message only.

Recommended Action:
The message is informational and as designed.
Reducing traffic to the BIG-IP device might prevent this message from appearing.
Turn off the db variable to turn off the log if the log is the only concern.


011e0003 : Aggressive mode sweeper: %s (%llx) (%s %s) %d Connections killed

Location:
/var/log/ltm

Conditions:
1. db variable log.sweeper.activation.enabled is enabled.
2. At least one connection is killed by sweeper due to connflow overloaded on impacted BIG-IP device or the virtual server.

Note if the db variable is disabled, the log will not show up but the connection will still be killed.

Impact:
Connection gets killed by BIG-IP sweeper.

Recommended Action:
The connection gets killed by design. It might suggest that the impacted BIG-IP device or the impacted virtual server is overloaded.

Here are the options to avoid this:
1. Reduce the traffic load to BIG-IP device or affected virtual server.
2. Change eviction policy or adjust the policy parameter of the impacted virtual server.
3. Turn off the db variable to turn off the log, if the log is the only concern.


011f0001 : %s: Bad chunk state %d

Location:
/var/log/ltm

Conditions:
This error occurs due to an invalid or non-compliant HTTP chunking format, while parsing a chunked HTTP response and attempting to retrieve the chunk size. Possible conditions that trigger this error include a malformed HTTP response from the back-end web server, or a faulty LTM virtual server iRule that affects the HTTP response.

Impact:
When this error occurs, the TMM gracefully aborts (resets) the active HTTP connection with the malformed chunked response.

Recommended Action:
A workaround involves either a detailed server-side logging (on the back-end server) to track possible malformed HTTP chunked responses, or the addition of minimal instrumentation logs to the iRules that are potentially altering the HTTP response.


011f0005 : HTTP header (%d) exceeded maximum allowed size of %d

Location:
/var/log/ltm

Conditions:
HTTP headers have a configurable size limit. The request or response includes headers that are too large. The size of headers (in bytes) exceeds the limit configured in the http profile.

Impact:
The connection will be dropped.

Recommended Action:
The size limit for http headers can be modified in the http profile.


011f0007 : %s - Invalid action:0x%x %s (%C) %s (%C)

Location:
/var/log/ltm

Conditions:
This error describes the state of the HTTP filter, and the attempted action. The IP address of the client and server (if available) are shown.

The HTTP Filter encountered an unexpected situation, for example:
- Internal Errors.
- Complex unexpected interactions between filters.
- Complex IRule interactions.
- HA desynchronization.
- RFC violations

Impact:
The connection will be dropped.

Recommended Action:
A TCP Dump might be required in order to determine the exact sequence of events required to trigger the issue. Typically, this error is triggered by an unusual situation not covered by other error messages.


011f0008 : %s - Invalid state transition to %s

Location:
/var/log/ltm

Conditions:
A faulty iRule typically triggers this error, interfering with the normal flow of events in the TMM connection flow. For example, this error can occur when forcibly closing an HTTP connection while redirecting, all within an iRule handling the HTTP request event.

Impact:
This error can result in a range of conditions: from receiving a simple, benign notification to resetting (or aborting) the active connection, depending on how the iRule handles the related connection flow events.

Recommended Action:
When this error occurs, it indicates that an iRule attempts to alter the traffic flow on a virtual server in an unexpected way. The cause can be determined with additional logging in the iRule, and examination of the invalid state transition that is logged by the error.


011f0011 : HTTP header count exceeded maximum allowed count of %d

Location:
/var/log/ltm

Conditions:
The request or response has headers that are too large. The number of headers exceeds the limit configured in the http profile.

Impact:
The connection will be dropped.

Recommended Action:
The limit for the number of http headers can be modified in the http profile. Note that increasing this limit will increase the total amount of TMM memory that can be taken by a http connection.


01200009 : Packet rejected remote IP %*A port %d local IP %*A port %d proto %s: Connection limit exceeded.

Location:
/var/log/ltm

Conditions:
The connection has been rejected because the per-virtual connection limit has been reached.

Impact:
New connections will not be established until the open connection count falls below the limit.

Recommended Action:
None.


01200012 : Warning, connections equals limit %K, proto %s, VS %s: Connection limit reached

Location:
/var/log/ltm

Conditions:
The connection limit for the virtual address/node address/snat address has been reached. In a single tmm system, it is the total connection limit for that tmm. In a cmp system, the tmm's connection limit is determined by the conn_limit/number of active blades. If it does not divide evenly, then the remainder is distributed among the members of low pg number blades.

The connection limit can be set by modifying "connection-limit" for an ltm virtual-address, virtual, snat-translation, node, or pool members. A value of 0 indicates no limit.

Impact:
Any future connection to this tmm for the particular address will result in it being rejected by the tmm.

Recommended Action:
Adjust the connection-limit as appropriate.


01220001 : TCL error: %s

Location:
/var/log/tmm

This error appears in both GUI and console. The exact error message is in the printout.

Conditions:
An error occurred during iRule execution. The exact error message is in the printout.

Impact:
If the error occurred on a connection, the connection can become terminated.

Recommended Action:
To repress the error, use a catch command to prevent the error pass up.


01220002 : Rule %s: %s

Location:
/var/log/ltm

Conditions:
This error is present in the log when one of the following conditions occurs:
1. The iRule code includes a log statement which does not use any of the component, facility, and priority options.
   For example, the statement looks like:

   <some code>
   ...
   log "this is a log message without facility and priority"

2. There an error occurred during TCL compilation of the script.
   In this case, the message will include details of the error generated by the compiler
   and will be of the form "Rule <rule name> compilation failed: <compiler error here>"

Impact:
In the first case, normal log messages appear in the log with this code.

In the second case, the iRule will need to be modified to correct the error.

Recommended Action:
For the first case, it is recommended that the usage of the log command be changed to include facility and priority. For example, change the statement below:
   log "this is a log message without facility and priority"
to
   log local0.info "this is an info level log message"

For the second case, resolution is highly dependent on the error generated, but will most likely require modification
of the iRule source.


01220007 : No pending rule event found for %K

Location:
/var/log/ltm

Conditions:
This message indicates that upon resumption of iRule execution,
after a suspending operation has been executed (for example executing [table lookup key]),
the state of the flow is not as expected and is no longer in a suspending state.

A possible scenario involves an iRule that performs a side band connection as part of its logic, and has the connection reset by the peer while waiting for a response. For example, perform DNS resolution, or obtain some information from a server using HTTP request, and
wait for the answer.
When the suspending operation is completed, the flow cannot resume normal operation.

This condition should rarely be present during normal operation.

Impact:
If the flow was externally affected (terminated), it is likely not in service, so no impact is caused to traffic associated with the flow.
If the flow was not terminated, it is possible traffic associated with the flow may be impacted.

Recommended Action:
Ensure network conditions around the BIG-IP device does not contribute to this issue.

It is possible to forcibly terminate the flow if it still exists (for long held connections) by issuing the following command:
tmsh del sys conn cs-client-addr a.a.a.a cs-server-addr s.s.s.s cs-server-port p


01220009 : Pending rule %s aborted for %K

Location:
/var/log/ltm

Conditions:
This is an information message, issued when one of the following event occurs:

A connection is torn down or aborted, where the connection has an iRule
   currently executing a suspending command (eg. [table lookup key])

Impact:
This is an information message only.

Recommended Action:
None.


01230002 : Interface %d.%d: link is down

Location:
/var/log/ltm

Not on console or in GUI

Conditions:
This message is logged when internal interfaces used to communicate with F5 internal high speed bridges transition from up to down in tmm and report to the master control process (mcp). This is not a spontaneous link failure, but a controlled action, when the tmm process is exiting.
This is an informational log on an internal link status.

This message will appear once for every internal interface when the tmm processes restart. The user can verify that the interface comes back up with the following command:
tmsh show net interface <interface_number> -hidden

At this time, there is not a corresponding message when the interface comes back up.

Impact:
None, this is informational

Recommended Action:
None.


01230140 : RST sent from %A:%d to %A:%d, %s

Location:
/var/log/ltm

Conditions:
This message is logged only when the db variable tm.rstcause.log is set to TRUE.
This message includes the source address and port, destination address and port, and a description, if available. For example, "RST sent from 1.2.3.4:80 to 5.6.7.8:56789, No flow found for ACK".

Impact:
When the db variable tm.rstcause.log is enabled, performance might be affected.

Recommended Action:
This db variable tm.rstcause.log is off by default. To turn off these messages, set the db variable tm.rstcause.log to disabled (tmsh modify sys db tm.rstcause.log value disabled).


01260000 : Profile %s: %s

Location:
/var/log/ltm

Conditions:
This message occurs in the following cases:
* Cannot load a required file (key, certificate, CRL, CA)
* Forward Proxy is enabled, but not licensed
* The supplied cipher string resulted in no ciphers
* Problems with a FIPS key
* Invalid OCSP configuration.

Impact:
Any virtual server reporting this SSL configuration will not work as expected.

Recommended Action:
The message contains details about which error occurred. Use those details to determine a course of action. For example, if the detail is `could not load key file' determine which file it cannot load and why.


01260006 : Peer cert verify error: %s (depth %d; cert %s)

Location:
/var/log/ltm

Conditions:
The peer certificate failed to validate for any number of reasons (invalid certificate, out of date, and so on).

Impact:
The SSL handshake will be aborted.

Recommended Action:
The CA file might need to be updated. More likely, the peer certificate is simply invalid. This is mostly informative.


01260008 : SSL transaction (TPS) rate limit reached

Location:
/var/log/ltm

Conditions:
The SSL license has a limited number of transactions per second, and the incoming rate exceeds this.

Impact:
Any transactions exceeding the licensed limit will be aborted.

Recommended Action:
This is mostly informational, though an, `unlimited,' license is available.


01260009 : Connection error: %s:%d: %s (%d)

Location:
/var/log/ltm

Conditions:
* Various internal errors (unexpected states)
* An attempt to initiate a handshake while a handshake is in progress
* Anytime an SSL alert is sent

Impact:
This is informative and should have no effect on an existing connection.

Recommended Action:
Informative only. No workaround.


01260010 : FIPS acceleration device failure: %s

Location:
/var/log/ltm

Conditions:
The internal FIPS card is not responding correctly to requests. This is a hardware error.

Impact:
Performance degradation to performance cessation.

Recommended Action:
There is no workaround for this issue.


01260012 : Self-initiated renegotiation attempted while renegotiation disabled: %s

Location:
/var/log/ltm

Conditions:
An SSL client or server requests renegotiation when the corresponding SSL profile has renegotiation disabled.

Impact:
Renegotiation will not happen.

Recommended Action:
Enable `renegotiation' is the associated profile.


01260013 : SSL Handshake failed for <PROTOCOL> <SRC> -> <DST>

Location:
/var/log/ltm

Conditions:
The connection is closed before the SSL handshake completes.

Impact:
This is informative only. The peer closed the connection during an SSL handshake.

Recommended Action:
Informative only.


01260014 : Cipher %x:%x negotiated is not configured in profile %s

Location:
/var/log/ltm

Conditions:
Proxy-ssl is configured on the virtual server, passthru is not enabled, and the cipher negotiated by the client and server is not supported in the SSL profile.
Note: This message is deprecated. The new message is, ``Cipher %x:%x negotiated is not supported by Proxy SSL configured in virtual server %s''.

Impact:
The connection will not be allowed.

Recommended Action:
Add the necessary ciphers to the SSL profiles, or reconfigure the SSL server to only negotiate ciphers allowed by the profiles.


01260014 : Cipher %x:%x negotiated is not configured in profile %s

Location:
/var/log/ltm

Conditions:

Impact:
The connection will not be allowed.

Recommended Action:
Add the necessary ciphers to the SSL profiles, or reconfigure the SSL server to only negotiate ciphers allowed by the profiles.


01260015 : Certificate supplied by server (subject CN: %s) was not configured on virtual: %s

Location:
/var/log/ltm

Conditions:
Proxy SSL is configured and the certificate from the SSL server does not exist in any profiles attached to the virtual.

Impact:
An alert will be sent closing the connection.

Recommended Action:
Add the SSL server's certificate to a profile connected with the virtual.


01260017 : Connection attempt to insecure SSL server (see RFC5746) aborted: %A:%d

Location:
/var/log/ltm

Conditions:
Strict renegotiation is enabled on a server-ssl profile, and the SSL server is not capable of secure renegotiation.

Impact:
The connection to the SSL server will be aborted.

Recommended Action:
Only use SSL servers that support secure renegotiation.


01260018 : Connection attempt to insecure SSL server (see RFC5746): %A:%d

Location:
/var/log/ltm

Conditions:
An SSL server does not support secure renegotiation (defined by RFC 5746).

Impact:
This is informational only.

Recommended Action:
None.


01260025 : Cipher %x:%x negotiated is not supported by Proxy SSL configured in virtual server %s

Location:
/var/log/ltm

Conditions:
Proxy-ssl is configured on the virtual server, passthru is not enabled, and the cipher negotiated by the client and server is not supported in the SSL profile.

Impact:
The connection will not be allowed.

Recommended Action:
Add the necessary ciphers to the SSL profiles, or reconfigure the SSL server to only negotiate ciphers allowed by the profiles.


01280045 : SAMPLE: stpd - Debug: Connected to BCM56XXD4 = 1

Location:
/var/log/ltm

Conditions:
STPD is running and debug logging is enabled.

Impact:
No impact - debug messages are to aid developers.

Recommended Action:
None.


01290003 : HALMSG reporting error conditions

Location:
/var/log/ltm

Conditions:
Various logs associated with errors encountered by the hardware abstraction layer (HAL) when using the inter daemon messaging interface during startup or normal operation.
Some typical examples are:
    "HalmsgTerminalImpl_::sendMessage() Can't create HalmsgConnection_"
    "HalmsgTerminalImpl_::sendMessage() Unable to send to any %s address", str

Impact:
The HAL messaging service might not create or maintain a connection between affected daemons, for transferring messages between registered HAL messaging component end points.

Recommended Action:
The specific log indicates if the error relates to system instability, where relevant daemons might not be running or responding. If the issue persists across daemon or system restarts, file a support ticket with more specific information, as indicated in the relevant log message.


012a0002 : "LIBHAL reporting critical conditions"

Location:
/var/log/ltm

Conditions:
Various critical logs associated with errors encountered by the hardware abstraction layer (HAL) daemon during startup or normal operation.
Typical examples include:
   "platform_detect: no recognized platform detected."
   "critical platform initialize failure. exiting..."
   "hal_get_dossier: space allocation error"
   "Error creating interface_bundle = %x",err
   "SSD (%s) at bay %d shelf %s: current available space (%d%%) has reached its threshold (%d%%)",...

Impact:
The HAL daemon might not be able to correctly identify the platform or publish the hardware abstraction configuration at startup, or has encountered a critical failure during normal operation.

Recommended Action:
The specific log will indicate if the error relates to platform-specific issues, or system instability. If the issue persists across daemon/system restarts, a support ticket should be filed.


012a0003 : LIBHAL reporting error conditions

Location:
/var/log/ltm

Conditions:
Various error level logs, associated with errors, were encountered by the hardware abstraction layer (HAL) daemon during startup or normal operation.
Some typical examples are:
    "DossierReq exception: %s", str
    "StorageReadReq failure error = %s", str
    "Unable to attach to LCD: %s", str
    "HAL unsupported platform : %s", str

Impact:
The HAL daemon might not be able to correctly identify the platform or publish the hardware abstraction configuration at startup, or has encountered a critical failure during normal operation.

Recommended Action:
The specific log indicates if the error relates to platform specific issues, or system instability. If the issue persists across daemon or system restarts, file a support ticket with more specific information as indicated in the relevant log message.


012a0004 : LIBHAL reporting warning conditions

Location:
HAL daemon (chmand) warning logs reported in /var/log/ltm

Conditions:
Various warning logs associated with problems or anomalies encountered by the hardware abstraction layer (HAL) daemon during startup or normal operation.
Typical examples include:
   "hal_stop_chman: sendMessage failed"
   "AomSelLogger: unable to process SEL logs"
   "halAnnunciatorSet: sendMessage failed"
   "halGetInterfaceOwner: sendMessage failed"
   "halGetSystemSerialId: sendMessage failed",...

Impact:
The HAL daemon may not be able to correctly identify the platform or publish the hardware abstraction configuration at startup, or has encountered a problem during normal operation.

Recommended Action:
The specific log will indicate if the error relates to platform specific issues, or system instability. If the issue persists across daemon/system restarts and causes problems in system operation, a support ticket should be filed.


012a0005 : LIBHAL reporting normal but significant condition

Location:
/var/log/ltm

Conditions:
An event associated with the hardware platform monitoring code has been observed and highlighted as important information. The events can range from state changes in the system to unexpected events that might indicate an error. Some examples are: platform firmware version checks, delays or timeouts when taking actions, and processes starting or stopping.

Impact:
Impact might be very context specific. In most cases, the message itself should indicate whether it is an unexpected event, state change, or important information.

Recommended Action:
If the message indicates a state change, review whether it was expected based upon any changes that were made at that time to the system. If the message indicates an error, look for additional errors of higher or similar severity at the same time that would provide greater clarity to the problem.


012a0006 : LIBHAL reporting informational

Location:
/var/log/ltm

Conditions:
An informational event associated with the hardware platform monitoring code has been observed and reported. It is used widely for indicating chassis and blade status related to disk media and sensor monitoring.

Impact:
The messages are for informational purposes only.

Recommended Action:
There are no workarounds or actions required based on these log messages.


012a0007 : LIBHAL reporting debug-level messages

Location:
/var/log/ltm

Conditions:
These only occur when someone has manually configured the 'log.libhal.level' DB variable to 'Debug'.

Impact:
No impact, these are only intended to be used by F5 development and support for additional diagnostics.

Recommended Action:
Recommend setting log.libhal.level DB variable back to default value of 'Notice'.

modify sys db log.libhal.level value Notice


012a0013 : Blade %d hardware sensor critical alarm: %s

Location:
/var/log/ltm

Conditions:
A hardware sensor reported a potentially critical condition, depending on context.
For example:
- An excessively high temperature reading
- An excessively high or excessively low voltage reading
- Loss of power to a power supply

Impact:
Evaluate this error message in context to determine whether a critical, transitory, or expected condition applies.
- If the error occurs once, it might indicate a transient communication error in the sensor-monitoring subsystem, and not an actual hardware failure or critical environmental condition.
- If the error occurs due to an external event (for example, disconnected external power from a power supply during a maintenance procedure), the message confirms the result of the external action, and no further action is required.
- If the error occurs repeatedly, without the apparent result of a known external event, perform additional diagnosis to identify the faulty hardware or environmental condition causing the critical sensor report.

Recommended Action:
1. If the reported condition appears to be caused by a known external event, no further action is required.
2. If the error occurs only once, examine the logs for entries indicating a transitory communication error (for example, a related daemon restarting). If no obvious explanation is found, perform an EUD during the next available maintenance window. Continue to monitor the system unless additional messages occur.
3. If the error continues with no obvious external cause, perform an EUD as soon as feasible. Evaluate applicable external contributing factors. Consider an RMA for the affected component.


012a0016 : Blade %d hardware sensor notice: %s

Location:
/var/log/ltm and LCD if connected

Conditions:
One of the hardware sensors has indicated the presence or absence of a notable condition.
Examples: Temperature going too high or returning to normal, fan speeds going too low or returning to normal, power going too low or returning to normal.

Impact:
Varies by condition.

Recommended Action:
Inspect /var/log/ltm for additional details. This message is typically accompanied by several other log messages that specify the exact nature of the sensor alarm.


012a0017 : Chassis power module %d turned on

Location:
/var/log/ltm

Conditions:
A power supply status has changed from being powered off to powered on.

Impact:
Informational.

Recommended Action:
It is not an error, no action required.


012c0004 : Lost connection with MCP: %d ... Exiting

Location:
/var/log/ltm. Not in GUI or console.

Conditions:
This is an internal error indicating that the bcm56xxd daemon lost communication with the mcpd process.

Impact:
The bcm56xxd daemon will restart. That will bounce all external interfaces.

Recommended Action:
No workaround, this is an internal error. Look in /var/log/ltm or /var/tmp/mcpd.out for any indication of why the mcpd process stopped communicating or restarted.


012c0010 : BCM56XXD driver error

Location:
/var/log/ltm

Conditions:
Various error logs associated with errors encountered by the switch daemon when attempting to configure the switch.
Some typical examples are:
    "Vlan %s invalid vid", vlan_name
    "Unable to set mac address for unit=%d, port=%d",unit, port
    "Unable to set bundle state for interface %s", name
    "Cannot set flow control for %s", name

Impact:
The switch daemon might not correctly configure the switch based on the existing configuration.

Recommended Action:
Verify that these errors relate to platform-specific configuration issues, or system instability. If the issue persists across daemon or system restarts, a support ticket should be filed.


012c0011 : BCM56XXD SDK error

Location:
/var/log/ltm.

This message is not available in the GUI or the console.

Conditions:
This message indicates that the Broadcom SDK library runs into an error condition when executing a command from the BIG-IP system's bcm56xxd switch daemon to configure broadcom switch.

Impact:
Typically this message indicates a critical error that prevents the broadcom switch from operating at the proper configuration required by BIG-IP. It might impact packets passing on some production traffic, or statistics reporting. Often, bcm56xxd also logs another error message, indicating which application level API is failing.

Recommended Action:
This error rarely occurs. When it does occur, in some cases restarting bcm56xxd ("bigstart restart bcm56xx"), or rebooting the box, will resolve the issues. Otherwise, the error persists after a bcm56xxd restart or reboot, and if it affects production traffic, an SR should be submitted to the F5 support team.


012c0012 : BCM56XXD info

Location:
/var/log/ltm

Conditions:
These messages occur during the normal initialization process of the bcm56xxd daemon. They are used to track the initialization progress of the daemon.

Impact:
None, these are informational messages only.

Recommended Action:
None.


012c0013 : BCM56XXD starting

Location:
/var/log/ltm

Conditions:
Anytime the bcm56xxd daemon starts up as a result of booting or restarting. This message is just a marker to indicate that bcm56xxd has begun executing.

Impact:
No impact, informational only

Recommended Action:
None.


012c0014 : SAMPLE: bcm56xxd - Exiting...

Location:
/var/log/ltm

Conditions:
This message occurs as a result of an orderly bcm56xxd daemon shutdown. The shutdown can occur as a result of the 'bigstart restart' or 'bigstart stop' commands or a self-initiated restart to affect an interface bundling change.

Impact:
None, this is informational only.

Recommended Action:
None.


012c0015 : Link: %s is %s

Location:
/var/log/ltm

Conditions:
Reporting link status of an interface. This is not an error, but an informational message.
Link status can be "DISABLED" "UP" "UNPOPULATED" or "DOWN"

UP means the interface is enabled, communicating and has link.
DOWN means the interface is enabled, but is not able to establish link.
UNPOPULATED means there is no optic inserted in the interface.
DISABLED means the interface is administratively disabled.

Impact:
No impact, informational only.

Recommended Action:
None.


012c0016 : BCM56XXD SDK info

Location:
/var/log/ltm

Conditions:
These messages occur during the normal initialization process of the bcm56xxd daemon. They are used to track the initialization progress of the daemon.

Impact:
None, these are informational messages only

Recommended Action:
None.


012d0007 : Lost connection with MCP: %08x

Location:
/var/log/ltm

Conditions:
This happens when eventd's attempt to make a connection to MCP fails. This is most likely because MCP is down.

Impact:
MCP is down so eventd cannot make a connection to it.

Recommended Action:
Check MCP daemon log to see why it's down. The work around is to restart MCP.


012e0029 : The configuration was successfully loaded.

Location:
/var/log/ltm

Conditions:
This is a deprecated message that was used by bigpipe (prior to tmsh) to indicate successful configuration loads.

Impact:
Cosmetic.

Recommended Action:
None.


01340002 : HA Connection with peer %la:%d for traffic-group %s lost

Location:
TMM log files.

Conditions:
Indicates that the mirroring connection with the peer was dropped. This error only occurs if the connection was up, and subsequently lost. This message might indicate that the peer is rebooting, including for administrative action, network failures, and failures within mirroring.

Impact:
This message can occur during initial startup, and does not indicate an error unless it repeats or is not explicable by administrative reboots. When loss of mirroring connectivity occurs, L7 mirrored flows are no longer mirrored. New connections are mirrored as normal.

The connection will automatically be recreated. If errors recur, refer to the workaround. If this error occurs sporadically, it might be related to bursts of client traffic. Use the workarounds to ensure that the bandwidth and the statemirror.queuelen support the traffic bursts.

Recommended Action:
Ensure that the channel bandwidth supports the needed volume. For example, if mirroring 10G of traffic across a 1G link, this error will recur until the mirroring connection supports the amount of data that needs to be mirrored. Also, adjust the database statemirror.queuelen as appropriate for your platform and mirroring needs.


01340003 : Cluster error: %s

Location:
/var/log/ltm

Conditions:
This error category is used for critical errors in communication between TMM threads,
specifically by MPI proxy.

Impact:
The system may be in an unpredictable state.

Recommended Action:
All occurrences of this error should be reported to TMM developers.


01340004 : HA Connection detected dissimilar peer: local npgs %u, remote npgs %u, local npus %u, remote npus %u, local pg %u, remote pg %u, local pu %u, remote pu %u. Connection will be aborted.

Location:
/var/log/ltm

Conditions:
This message appears when attempting to mirror dissimilar peers. This message indicates a different number of tmms between two HA peers, for example, mirroring from a BIG-IP appliance with 8 tmms to an appliance with 12 tmms. This message also appears when the blades in two chassis are in different locations, or when VCMP guests are on different slots on the same tmms.

Impact:
HA config sync functions normally, but mirroring is not operational. If failover occurs, connections will be lost.

Recommended Action:
Mirroring is only supported between similar peers. For VCMP, guests must be on the same slots on the same physical blades. For appliances, mirroring is only supported between appliances with the same number of tmms.


01380002 : Certificate '%s' in file %s will expire on %s

Location:
/var/log/ltm
console

Conditions:
The warning message is directly printed on the console right after the "checkcert" command is given.
The certificate specified in the warning message is going to expire within one month.

Impact:
The warning message doesn't indicate any error. It is to remind the user to update the certificates that will expire soon. If the user doesn't take any action, then those certificates will expire and it could fail some of the certificate verification process and hence fail the SSL connections that rely on these certificates.

Recommended Action:
Renew or remove the expiring certificates.


013b0004 : %s

Location:
/var/log/ltm

Conditions:
This is a catch-all error message emitted for any error in the csyncd daemon. On all devices, this daemon watches for certain file changes (such as, copying an ISO image of a new TMOS version to the device) and performs actions as a result of those changes (such as, informing the rest of the system that a new installable ISO is available). On chassis, in addition to this, it ensures that updates on some files (such as the system configuration) are kept in sync across all blades.

Impact:
Variable.

Recommended Action:
Variable.


013b0008 : %s

Location:
/var/tmp/csyncd.out

Conditions:
When csyncd logging is enabled, many events will log messages describing what they are doing. csyncd is the system service that watches the filesystem to take certain actions, such as informing TMOS about an ISO image for a new release copied onto the filesystem. It also synchronizes certain files between blades of a chassis.

Impact:
This is not an error message. Error messages will be logged at a higher log level.

Recommended Action:
None.


013c0004 : %s

Location:
/var/log/ltm

Conditions:
There are many conditions that are reported under the context of this error message.

failure communicating with the mcp daemon - error may include "IO error on recv from mcpd - connection lost"
failure interacting with storage devices - error may include "volumeset does not exist HD1.1", or "Failed to create volumeset"
failure interacting with the system hypervisor - error may include "Fatal error: vcmp_media_insert failed"
failure interacting with the kernel - error may include "audit failed, cannot continue
failure parsing the startup commands - error may include "audit failed, cannot continue

Impact:
Software management will not be possible.

Recommended Action:
- You might be out of disk space and you might encounter this when creating new volumes. Check the amount of available disk space. For more information, see SOL14403: Maintaining disk space on the BIG-IP system (11.x - 12.x).
- If this occurs while trying to load an image or when provisioning a VCMP instance with a new image, the permissions on the image might be incorrect. Make sure that the .iso images in /shared/images have 644 permissions.
- If this occurs on a VIPRION, you may need to re-insert the blade if you recently added it.
- You might need to back up the configuration, re-install new software, and reload the configuration.
- If your hard drive firmware is running version 01.03E01, you might need to obtain a hard drive firmware update from F5, referencing ID363930.


013d0006 : cand done

Location:
/var/log/ltm

Conditions:
BIG-IP is shutting down, or the cand daemon is restarting.

Impact:
None, this is informational not an error condition.

Recommended Action:
None.


01420001 : %s

Location:
/var/log/ltm

Conditions:
TMSH uses this code to indicate internal operation errors, possibly caused by user input. Often, the TMSH session is terminated along with this log message.

Some of the sample error messages for this code include:

1. Errors related to idle timeout.

"Unable to call thread method watch_time_left: "
"Unable to access user tty path"
"Failed to create timeout thread: "

2. Errors related to internal functioning of TMSH. These could also be user input related.

"fatal: <error_string>"
"exception: <error_string>"
"cfg exception: <error_string>"
"std exception: <error_string>"
"unexpected exception"
"boost assertion failed: <error_msg> file: <filename> line: <line_number>"

Impact:
TMSH application exits.

Recommended Action:
None.


01420002 : SAMPLE: tmsh - AUDIT - pid=13324 user=root query_partitions=all update_partition=Common module=(tmos)# status=[Command OK] cmd_data=list ltm virtual idnshare3-139

Location:
/var/log/audit

Conditions:
These messages appear whenever tmsh processes a command while auditing is turned on (GUI: system->logs->configuration->options->audit-logging->tmsh).

Impact:
These messages are strictly informational. They simply record the commands received by tmsh (and the success or failure there-of) for later use by auditors.

Recommended Action:
These messages do not represent warning or error conditions. They can be disabled by turning off the audit logging (see Conditions above).


01420003 : "%s"

Location:
/var/log/ltm

Conditions:
1. User sets cli global-settings idle-timeout. This idle timer expires.

The tmsh cli global-settings idle-timeout can be configured to terminate the user sessions. The timeout expiry results in the session termination along with this log generation.

"User idle time out reached; logged out of tmsh."

2. The roles for a user with an ongoing tmsh session changes.

"Your user account role has been changed, you must re-authenticate. Current session has been terminated."

3. User authentication failure.

"Cannot authenticate <username> with mcpd. mcpd did not return a result message elements. Current session has been terminated."

"Cannot load user credentials for user <username>. Current session has been terminated."

// failure to get result message from backend
"<msg> Current session has been terminated."

4. partition-access for the current user has changed.

"Your user account partition-access has been changed, you must re-authenticate. Current session has been terminated."

Impact:
Ongoing tmsh session terminates.

Recommended Action:
None.


01420006 : %s

Location:
/var/log/ltm

Conditions:
Errors due to incorrect user entered data, syntax errors, or errors received from the backend database. This error does not result in termination of the TMSH session.

Some error strings include:

- "error opening %s: %s" when processing stats script commands.
- "Invalid input for tmsh idle-timeout: <value>. Value not changed."

Because extensive feature-specific and generic application errors map to this error code, exhaustive coverage of the error messages is not provided.

Impact:
None.

Recommended Action:
None.


01420007 : Certificate '%s' in file %s expired on %s

Location:
/var/log/ltm
console

Conditions:
The warning message is directly printed on the console right after the "tmsh run sys crypto check-cert" command is given.
The certificate specified in the warning message has been expired since the specified date.

Impact:
The expired certificates could fail some of the certificate verification process and hence fail the SSL connections that rely on these certificates.

Recommended Action:
Renew or remove the expiring certificates.


01420008 : Certificate '%s' in file %s will expire on %s

Location:
/var/log/ltm
console

Conditions:
The warning message is directly printed on the console right after the "tmsh run sys crypto check-cert" command is given.
The certificate specified in the warning message is going to expire within one month.

Impact:
The warning message doesn't indicate any error. It is to remind the user to update the certificates that will expire soon. If the user doesn't take any action, then those certificate will expire and it could fail some of the certificate verification process and hence fail the SSL connections that rely on these certificates.

Recommended Action:
Renew or remove the expiring certificates.


01420010 : %s

Location:
/var/log/ltm

Conditions:
A condition occurred in TMSH that might be caused by internal functioning errors, for example: could not connect to back end daemon etc.

Because several system conditions map to this error code, an exhaustive list is not provided. Instead, example error messages appear in the known issue text.

TMSH logs messages with this code when a nonfatal condition occurs for the application. The TMSH session does not terminate when this warning message is logged.

sys config component related warnings
- Failed: ("<message>)"
- "Getting emergency configuration options in /config/.bigip_emergency.conf from the last successful save."
- "Failure to save the temporary SCF. Error message: <message>"

Subscription related warnings
- "subscription cannot establish mcp connection\n"
- "subscription has failed to establish mcp connection. Exception: <message>"
- "subscriber identification failed. Exception: <message>"
- "subscription failed, no response from mcpd\n"
- "subscription failed: <message>"
- "subscription failed to register. Exception: <message>"
- "subscription failed to receive message. Exception: <message>"

master key related warnings
- "Exception during query for initial master key value\n"
- "General exception during query for initial master key value\n"

Impact:
None.

Recommended Action:
None.


01460005 : SAMPLE: promptstatusd - mcpd.running(1) held, wait for mcpd

Location:
This message appears in the LTM log.

Conditions:
The promptstatusd is the system service that keeps the files updated that control the dynamic parts of the bash and tmsh prompts. For example, this includes the part that shows whether the system is active, standby, offline, or waiting to come up.

These messages are of level 'warn', which may indicate that something is wrong. Since promptstatusd is a service that only reports information, it does not indicate a problem with promptstatusd, but with another part of the system. As one example, 'mcpd.running(1) held, wait for mcpd' indicates that mcpd has restarted and that promptstatusd is waiting for it to come up again.

Impact:
promptstatusd will return to a healthy state when the underlying condition is fixed.

Recommended Action:
Other errors, proximate in time, will describe the issue (for example, why mcpd restarted or is having trouble coming up). promptstatusd will return to normal once that issue is resolved.


01460006 : SAMPLE: promptstatusd - semaphore tmm.running(1) held

Location:
This message appears in the LTM log.

Conditions:
The promptstatusd is the system service that keeps the files updated that control the dynamic parts of the bash and tmsh prompts. For example, this includes the part that shows whether the system is active, standby, offline, or waiting to come up.

These messages are of level 'notice', which record state but do not require immediate action. For example, 'semaphore tmm.running(1) held' is a common log message, which means that the TMM is in the process of starting up.

Impact:
These are not error messages. No action is required.

Recommended Action:
These are not error messages. No action is required.


01460007 : SAMPLE: promptstatusd - semaphore tmm.running(1) released

Location:
This message appears in the LTM log.

Conditions:
The promptstatusd is the system service that keeps the files updated that control the dynamic parts of the bash and tmsh prompts. For example, this includes the part that shows whether the system is active, standby, offline, or waiting to come up.

These messages are of level 'info', which record state but do not require immediate action. For example, 'semaphore tmm.running(1) released' is a common log message, which means that the TMM just finished starting up, and things that depend on it are now allowed to proceed with their startup.

Impact:
These are not error messages. No action is required.

Recommended Action:
These are not error messages. No action is required.


01470000 : iSession: Connection error: %s:%u: %s:%d

Location:
/var/log/ltm

Conditions:
A fatal error occurred on an iSession tunnel, producing the following message:
01470000:3: iSession: Connection error: <function>:<line number>:<cause>, <TMM error>.
- The <function>:<line number> text identifies the code location.
- The <cause> text describes the error.
- The <TMM error> text provides the TMM error text.

There are three kinds of iSession tunnels: user data connections, deduplication control connections, and WAN optimization control daemon (wocd) connections.

Fatal errors include deduplication and compression codec errors, memory management errors, and iSession protocol errors.

Impact:
Transient errors on deduplication control connections are common when a deduplication endpoint is initializing. Deduplication connections and wocd connections are automatically re-established after a fatal connection error. User data connections must be re-established by the client application after a fatal connection error.

Recommended Action:
If iSession connection errors persist, verify network connectivity to the iSession peer endpoint associated with the aborted flows.


01480002 : %s

Location:
/var/log/ltm

Conditions:
General high-level error message indicating function or subsystem failure. This is usually due to failure deeper in the system for other reasons.

Impact:
Specific functionality failed, error string indicates failure point.

Recommended Action:
Look for specific subsystem errors in order to determine why the function/subsystem failed.


01480024 : Can't bind the flow, waiting for config response on channel %s

Location:
/var/log/ltm

Conditions:
The message appears when traffic is sent to a virtual server that has a plugin profile, and the TMM has not yet completed establishing a connection to the plugin. This usually occurs when there are configuration changes to the virtual server or the plugin. During configuration changes, the TMM and plugin negotiate the plugin configuration. This happens very quickly; however, in instances of high load, the TMM might try to accept a client connection before the TMM connection with the plugin has been established.

Impact:
Connections initiated while the plugin connection is not established will be dropped.

Recommended Action:
A successful configuration update to a virtual or plugin may display this message under high load but only briefly. If the messages persist, the plugin is not responding to the TMM request for a configuration update. The plugin may be restarting or had failed to start. Check the plugin specific configuration and status.


01490510 : %s: Initializing Access with max global concurrent access session limit: %d

Location:
/var/log/apm

Conditions:
- When the device boots up.
- When device license is reactivated.
- When add-on license is installed.
- In an HA setup, when the standby unit becomes active the first time.

Impact:
This is not an error message.

Recommended Action:
None.


01490523 : {{Access Profile, %s}{Partition, %s}{Session ID, %s}{Max Concurrent Sessions, %d}} "#0:#1:#2: Initializing Access with max global concurrent connectivity session limit: #3"

Location:
/var/log/apm

Conditions:
- When the device boots up.
- When device license is reactivated.
- When add-on license is installed.
- In an HA setup, when the standby unit becomes active the first time.

Impact:
This is not an error message.

Recommended Action:
None.


01490526 : %s: Initializing Access with max global concurrent connectivity session limit: %d

Location:
/var/log/apm

Conditions:
- When the device boots up.
- When device license is reactivated.
- When add-on license is installed.
- In an HA setup, when the standby unit becomes active the first time.

Impact:
This is not an error message.

Recommended Action:
None.


01490541 : Access using device name: %s and device ID: %.*s.

Location:
/var/log/apm

Conditions:
1. When the device boots up.
2. When the device name is updated.

Impact:
This is an informational message only.

Recommended Action:
None.


01490555 : %s: Initializing Access with max global concurrent url filtering session limit: %d

Location:
/var/log/apm

Conditions:
Message is observed when the URL Filtering license is initialized and the license key is used.

Impact:
This is not an error, but a notice that informs the user that URL Filtering license has been initialized.

Recommended Action:
None.


014c0001 : DIAMETER: %s error: %lE

Location:
This error is logged in /var/log/ltm and can take a few forms:

err tmm1[6286]: 014c0001:3: diameter process ingress error Improper version
err tmm4[7361]: 014c0001:3: diameter hud_dime_handle error Prerequisite operation not in progress
err tmm2[15195]: 014c0001:3: diameter rexmit_callback error Hudfilter teardown
err tmm2[15195]: 014c0001:3: diameter process ingress error Not found
err tmm1[8269]: 014c0001:3: diameter process ingress error Illegal value

Conditions:
This message will be logged if an exception arises in the following conditions:
1. The diameter retransmit callback is called and the message cannot be retransmitted.
2. An egress message fails to be rewritten or the i/o queue fails to be processed.
3. The watchdog callback has been called and a signal fails to be sent to the watchdog.
4. The diameter event handler has been called and one of 23 errors occurs. The most common of these is "Prerequisite operation not in progress," which usually occurs if handshake fails.
5. The input cannot be parsed, or the i/o queue cannot be processed on ingress.
6. An invalid AVP query is attempted.

Impact:
In each condition, an error is logged. In all cases except the invalid AVP case, a HUDEVT_ABORTED event is created and handled.

Recommended Action:
1. If the retransmit callback is called and the message cannot be retransmitted, there is no workaround. To mitigate this problem, try increasing the retransmit attempt limit in the profile configuration.
2. If an egress message cannot be written, it's because an AVP is too big or un-parseable. Make sure peer servers are sending well-formed AVPs.
3. If the watchdog callback fails, it's because of an out of memory error. Try reducing traffic on this hardware, or try making changes to the configuration to free more memory, such as removing unneeded iRules or changing the persistence timeout.
4. If a handshake fails, check your network status and ensure proper configuration of the diameter peer that failed the handshake.
5. If parsing the input fails, it means that the input is not properly formed, or an out of memory error has occurred. Check that you have adequate resources and ensure proper configuration of diameter peers. If the error message says "Improper version," make sure the version of tmos you're running supports the messages you're receiving.
6. If an invalid AVP query occurs, a peer has passed an invalid AVP, possibly maliciously. Make sure the diameter peer is properly configured.


014f0001 : %s

Location:
/var/log/ltm

Conditions:
scriptd is starting.

Impact:
This is not an error message. No action is necessary. The system is likely starting up.

Recommended Action:
None.


014f0002 : %s

Location:
/var/log/ltm

Conditions:
scriptd is stopping.

Impact:
This is not an error message. No action is necessary. The system is likely shutting down.

Recommended Action:
None.


014f0004 : %s

Location:
/var/log/ltm

Conditions:
An error occurred, usually one generated by a running Tcl script. Some of the more common errors are:

"Lost connection to mcpd": mcpd restarted; therefore, scriptd automatically restarted in order to reconnect to it. No action is required.

"stopping worker process (....) socket error": scriptd maintains a pool of processes, and one of these had an issue and therefore was killed. This requires no action; scriptd will start up another one as necessary.

"scriptd, initialization failed": Another scriptd process is running. This is an F5 bug, but one that does not affect system functionality. No action is required.

Impact:
An iApp template or iCall script is likely failing.

Recommended Action:
Examine the error message to determine the issue.


014f000e : Becoming primary cluster member

Location:
/var/log/ltm

Conditions:
scriptd is running on a chassis, and a new blade became the cluster primary. This message prints on the primary blade to indicate that this scriptd instance is now working. (scriptd does nothing on secondary blades.)

Impact:
This is not an error message. No action is necessary.

Recommended Action:
None.


01530007 : %s started ===============================

Location:
/var/log/ltm

Conditions:
The DNS Express zone transfer daemon (zxfrd) has successfully initialized and started operating.

Impact:
The zone transfer daemon is ready to perform zone transfers as required.

Recommended Action:
No action required for a single instance of this message. It is a notification displayed when the zone transfer daemon starts up.

If this message persists then it might indicate that a separate issue is causing the zone transfer daemon to restart in a loop. Other log messages should be investigated to determine the cause.


0153002c : An instance of zxfrd (pid: %d) is already running! Exiting

Location:
/var/log/ltm

Conditions:
An instance of the DNS Express zone transfer daemon (zxfrd) has attempted to start while another instance was already running.

This is most likely to occur if an instance of the zone transfer daemon was manually started through '/var/service/zxfrd/run'.

Impact:
The second instance of the DNS Express zone transfer daemon will exit leaving the first to continue processing.

Recommended Action:
If there is a single instance of this message, occurring in a situation where the system or zxfrd has recently been started, then there is likely no issue and no action required.

If this message persists or is occurring in a situation where the system or zxfrd has not recently been started, then it might indicate a problem with the status of zxfrd. Restarting the zone transfer daemon by running the command 'bigstart restart zxfrd' as root, might resolve the issue.


01531003 : Failed to sign zone transfer query for zone %s using TSIG key %s

Location:
/var/log/ltm

Conditions:
The DNS Express zone transfer daemon (zxfrd) encountered an error while attempting to sign a zone transfer query for the specified zone using the specified TSIG key.

Impact:
The zone transfer query will not be sent, causing the zone transfer to fail. This in turn might cause the associated zone to be marked invalid and will not be available for dns queries until a successful zone transfer is completed.

Recommended Action:
Verify that the associated TSIG key is correct and that the secret value entered for this key comes from the appropriate key generation utility, such as BIND's "keygen".


0153100c : Failed on receive of %d bytes for transfer of zone %s (%s)

Location:
/var/log/ltm

Conditions:
There was a connection error during a zone transfer for the specified zone. The type of error is specified by the parenthesized portion of the message.

Impact:
The zone being transferred might not be available until a successful zone transfer is completed.

Recommended Action:
Use the parenthesized portion of the log message, combined with other log messages, to diagnose and correct the connection error. The system will automatically schedule a new zone transfer attempt.


0153100e : Transfer of zone %s failed with rcode (%s)

Location:
/var/log/ltm

Conditions:
This error indicates that DNS Express was not able to perform a zone transfer from a master nameserver.

Impact:
If the zone has never been transferred successfully, the zone will not be available. If the zone has previously successfully transferred, it will not be updated until the issue is resolved. If the issue is not resolved before the zone expiration time, the zone will no longer be available on the BIG-IP until the next successful transfer.

Recommended Action:
The rcode in the error message is provided by the master nameserver and can be used to investigate why the master nameserver was not able to provide the zone transfer.


01531010 : Transfer of zone %s failed b/c there are no records

Location:
/var/log/ltm

Conditions:
This error is generated by DNS Express when a zone transfer answer is received from a master nameserver with no records. At a minimum, there should be SOA records in the answer, even if there are no zone resource records.

Impact:
If the zone has never been transferred successfully, the zone will not be available. If the zone has previously successfully transferred, it will not be updated until the issue is resolved. If the issue is not resolved before the zone expiration time, the zone will no longer be available on the BIG-IP until the next successful transfer.

Recommended Action:
Configuration on the master nameserver should be investigated to determine why a malformed zone transfer response is being generated.


01531015 : Failed to retrieve next RR in %s for zone %s

Location:
/var/log/ltm

Conditions:
This error message can only occur when the zone transfer daemon (zxfrd) is processing a response to a zone transfer request. The message means that zxfrd was unable to obtain the next resource record from the packet it is processing.

This can occur if:
- The data in the response is incomplete
- The data in the response is garbled
- The number of records in the ANSWER section of the transfer does not match the amount indicated in the DNS header.

Impact:
This message indicates that the zone transfer has failed and will be rescheduled. If the issue is persistent and prevents a successful transfer from succeeding before the zone expiration time, the zone will no longer be available on the BIG-IP until the next successful transfer.

Recommended Action:
If the issue is persistent, configuration and logs on the master nameserver or intermediate network devices should be investigated to determine why the BIG-IP cannot successfully complete a zone transfer.


01531018 : Failed to transfer zone %s from %s, will attempt %s

Location:
/var/log/ltm

Conditions:
This error indicates that a zone transfer attempt failed. The first argument is the name of the zone, the second is the master nameserver, and the third is the next type of transfer attempt that will occur (AXFR or IXFR). This message should be seen in conjunction with a more specific error message that gives more details about the failure.

Impact:
If the zone has never been transferred successfully, the zone will not be available. If the zone has previously successfully transferred, it will not be updated until the issue is resolved. If the issue is not resolved before the zone expiration time, the zone will no longer be available on the BIG-IP until the next successful transfer.

Recommended Action:
The BIG-IP system continues to attempt to transfer the zone. The cause of this issue could be incorrect configuration on the BIG-IP system, such as the wrong master nameserver IP address, network configuration issues that prevent the BIG-IP system from reaching the master, or configuration issues on the master nameserver, such as incorrect ACLs.

Additional log messages should provide context as to the cause of the transfer failure.


0153101b : Ignoring NOTIFY for zone %s due IXFR in progress

Location:
/var/log/ltm

Conditions:
The DNS Express zone transfer daemon (zxfrd) has received a zone change notification (DNS notify) for the specified zone, but that zone has an incremental zone transfer in progress.

Impact:
The received zone change notification is ignored.

Recommended Action:
There is no action required. The system is simply displaying that it has received the notification and has chosen to ignore it, under the assumption that the current zone transfer will include the change notifications.


0153101c : Handling NOTIFY for zone %s

Location:
/var/log/ltm

Conditions:
The DNS Express zone transfer daemon (zxfrd) is logging that it has received a zone change notification (DNS notify) for the specified zone.

Impact:
A zone transfer will be scheduled to begin within a short period of time for the specified zone.

Recommended Action:
None.


0153101f : %s Transfer of zone %s from %s succeeded

Location:
/var/log/ltm

Conditions:
The DNS Express zone transfer daemon (zxfrd) has successfully completed transferring a zone.

Impact:
The records being transferred are now available on the system and can be returned as the result of incoming dns queries.

Recommended Action:
None.


01531023 : Scheduling zone transfer in %ds for %s from %s

Location:
/var/log/ltm

Conditions:
This message occurs whenever the zone transfer daemon (zxfrd) schedules a zone transfer from a master nameserver.

The logging level for this message was changed from NOTICE to DEBUG beginning in version 11.3.0.

Impact:
The conditions that this message indicates are normal and expected. There is no negative impact to the system.

Recommended Action:
None.


01531025 : Serials equal (%d); transfer for zone %s complete

Location:
/var/log/ltm

Conditions:
This message occurs whenever the zone transfer daemon (zxfrd) requests a zone transfer from a master nameserver and there have been no changes to the zone since the last successful zone transfer.

The logging level for this message was changed from NOTICE to DEBUG beginning in version 11.3.0.

Impact:
The conditions that this message indicates are normal and expected. There is no negative impact to the system.

Recommended Action:
None.


0153102a : Failed connect callback to %s for transfer of zone %s

Location:
/var/log/ltm

Conditions:
This is primarily a diagnostic error message used to provide additional context when a zone transfer fails. The failure is most likely due to a network connectivity or network configuration problem.

Impact:
If the zone has never been transferred successfully, the zone will not be available. If the zone has previously successfully transferred, it will not be updated until the issue is resolved. If the issue is not resolved before the zone expiration time, the zone will no longer be available on the BIG-IP until the next successful transfer.

Recommended Action:
Use this log message in conjunction with other ZXFR log messages that should appear with it to help diagnose the cause of the failure. Investigate network connectivity between the BIG-IP and master nameserver and verify network configuration on all devices including intermediate switches/firewalls.


01531105 : Zone %s expired. Zone will be unavailable until the next successful zone transfer

Location:
/var/log/ltm

Conditions:
A zone that was transferred to this system has expired.

Impact:
The expired zone will not be available to dns queries until another zone transfer is successfully completed.

Recommended Action:
None.


01531300 : Cluster status changing from %s to %s

Location:
/var/log/ltm

Conditions:
The DNS Express zone transfer daemon (zxfrd) detected that the cluster state has changed. This generally occurs when a blade in a clustered system changes its offline/online status.

Impact:
Depending on the new cluster status, the DNS Express zone transfer daemon (zxfrd) might start or stop zone transfers on this blade. The primary blade on a clustered system handles zone transfers to the system.

Recommended Action:
No action is directly required by this message. However, if this state change was unexpected or unintended, then there should be other log messages on the system, indicating what caused the specified status change. Corrective action can be taken based upon those messages.


0153e0f7 : Lost connection to mcpd

Location:
/var/log/ltm

Conditions:
The DNS Express zone transfer daemon (zxfrd) has lost its connection to the configuration daemon (mcpd). This is expected to be a recoverable transient condition, most likely seen when mcpd has restarted.

Impact:
zxfrd will restart in an attempt to restore its connection with mcpd. Until zxfrd is able to restore its connection to mcpd, zone transfers will not be attempted.

Recommended Action:
The message indicates a problem communicated with mcpd. If the message persists, the logs should be investigated to determine what could be affecting mcpd. If zxfrd is having trouble, other daemons will be as well.


01570004 : %s

Location:
/var/log/ltm

Conditions:
The connection from lldpd to mcpd is lost. Most possibly mcpd is down or restarted.

Impact:
The lldpd daemon will be restarted and try to connect to mcpd again.

Recommended Action:
None.


015a0000 : SAMPLE: devmgmtd - Initial trust configuration created

Location:
/var/log/ltm

Conditions:
First boot of the device, or reset of the trust domain.

Impact:
This is not an error condition. The system is behaving normally.

Recommended Action:
None.


015c0004 : %s

Location:
/var/log/ltm

Conditions:
This general error message originates from the iprepd daemon.
These errors typically relate to network availability, brightcloud.com availability, DNS lookups, or memory issues.

Impact:
The iprepd daemon cannot connect to the brightcloud.com service. Consequently, it cannot diagnose traffic coming from IPs with bad reputations. Related features (for example, ASM or irules) will not work, or work with a non-updated IPs database.

Recommended Action:
A customer usually needs to check and fix the network connection or the dns setup. There is no other workaround.


015c0009 : IP Reputation has no license currently

Location:
/var/log/asm

Conditions:
This error message originates from the iprepd daemon.
This error indicates that there is no valid license for the IP Intelligence feature.

Impact:
IP Intelligence feature cannot be used.

Recommended Action:
Update IP Intelligence license.


01670003 : Inbound entry %A,%d,%A,%A found

Location:
/var/log/ltm

Conditions:
This is a debug message, enabled by setting sys db variable log.lsn.level to "Debug". This debug message is logged when an LSN inbound connection is received and the inbound entry is found in the TMM internal database. During normal operation, log.lsn.level must be set to "Error". This debug message only exists in 11.x.x releases.

Impact:
None.

Recommended Action:
Set sys db log.lsn.level to "Error".


01670009 : Inbound connection :%A,%d is active

Location:
/var/log/ltm

Conditions:
This is a debug message, enabled by setting sys db variable log.lsn.level to "Debug". This message is logged when we fail to add an inbound entry because the entry already exists. If this happens, TMM will try to pick a different translation IP:port. During normal operation log.lsn.level must be set to "Error". This debug message only exists in 11.x.x releases.

Impact:
None.

Recommended Action:
Set sys db log.lsn.level to "Error".


01670010 : Inbound entry:%A%%%d:%d, ds-lite remote:%A local:%A timeout:%d for key:%A%%%d:%d proto:%d added. ha mirrored: %s

Location:
/var/log/ltm

Conditions:
This is a debug message, enabled by setting sys db variable log.lsn.level to "Debug". This debug message is loggeed when an inbound entry is added to the TMM internal database for an outbound connection. During normal operation, log.lsn.level must be set to "Error". This debug message only exists in 11.x.x releases.

Impact:
None.

Recommended Action:
Set sys db log.lsn.level to "Error".


01670019 : "DNAT configuration: %s"

Location:
/var/log/ltm

Conditions:
A CGNAT Deterministic NAT LSN Pool is configured and attached to an active virtual server. This log entry records the state information used by the dnatutil to reverse map LSN translations.

Impact:
Log entries are for information only.

Recommended Action:
None.


01670020 : DNAT connection: %s

Location:
/var/log/ltm

Conditions:
This error is logged if the mode in the LSN pool/AFM NAT source translation object is set to "Deterministic", and the config is changed while flows using these objects are active.

Impact:
This log message has no negative impacts. This log message is used by the "dnatutil" to reverse map the subscriber.

Recommended Action:
None.


01670021 : [%u.%u] LSN Pool %s has no usable translation address for DNAT

Location:
/var/log/ltm, /var/log/tmm

Conditions:
The deterministic NAT pool on the indicated TMM has no usable address.

Impact:
Source address translation for the virtual server using the LSN pool will fail, when client connections use the designated TMM.

Recommended Action:
Increase the number of translation addresses for the LSN Pool.


01690000 : SAMPLE: evrouted - shutdown cleanly

Location:
/var/log/ltm

Conditions:
A daemon is shutting down under expected conditions (that is, the device is being powered down or rebooted).

Impact:
This is not an error message and does not indicate a problem.

Recommended Action:
None.


016e0002 : Execution of action '%.*s' failed, error %E

Location:
/var/log/ltm

Conditions:
This error occurs when a TMM fails to execute an LTM policy action. This condition can occur when the TMM connection flow is aborted for unknown or unforeseen reasons (for example, out of memory or extreme load), and the related tear-down workflow transitions through a temporary stale state, while running LTM policy actions that involve the workflows being disposed.

Impact:
This error often indicates a deeper problem, possibly affecting multiple subsystems within the TMM. In this instance, the execution of some LTM policy actions fail, and the underlying LTM traffic or connection cannot be shaped.

Recommended Action:
Open a support ticket.


01700000 : PPTP CALL-REQUEST id;%d from;%A%%%u to;%A nat;%A%%%u ext-id;%d

Location:
/var/log/ltm

Conditions:
The client has sent an outgoing call request.

Impact:
This log entry is for information purposes only.

Recommended Action:
None.


01700001 : PPTP CALL-START id;%d from;%A%%%u to;%A nat;%A%%%u ext-id;%d

Location:
/var/log/ltm

Conditions:
The server has responded with an outgoing call reply indicating that the call was successful.

Impact:
This log entry is for information purposes only.

Recommended Action:
None.


01700002 : PPTP CALL-END id;%d reason;%d from;%A%%%u to;%A nat;%A%%%u ext-id;%d

Location:
/var/log/ltm

Conditions:
The control channel was terminated.

Impact:
This log entry is for information purposes.

Recommended Action:
None.


01700005 : Error creating PPTP-GRE local flows, error %E.

Location:
/var/log/ltm

Conditions:
Creating a GRE flow, and error conditions such as low memory, internal database error, or software bug.

Impact:
GRE flow cannot be created, so the connection cannot complete.

Recommended Action:
If there are no other errors about low memory conditions, then contact support.


018e0002 : %s

Location:
/var/log/ltm

Conditions:
This message is generated when the sdmd daemon exits normally, for example, by using "bigstart restart sdmd", or, when the ILX feature changes from the state of being provisioned to not being provisioned.

Impact:
The sdmd daemon manages Node.js processes for the iRulesLX feature. If sdmd is not running, then the iRulesLX feature is not operational.

Recommended Action:
If ILX is provisioned, and sdmd is not running, from the BIG-IP shell, enter "bigstart start sdmd".


018e0005 : Exiting, received shutdown signal

Location:
/var/log/ltm

Conditions:
This message is generated when the sdmd daemon receives a sigint, sigterm, or sigquit signal. This will happen normally when the sdmd daemon is stopped or restarted by using the bigstart command, bigstart restart sdmd, bigstart stop sdmd, or when the ILX feature is unprovisioned. The sdmd daemon logs this message during a normal shutdown.

Impact:
The sdmd daemon supports the iRulesLX feature. If the sdmd daemon is not running, iRulesLX is not operational.

Recommended Action:
If ILX is provisioned and the sdmd deamon is not running, from the BIG-IP shell enter "bigstart start sdmd".




*********************** NOTICE ***********************

For additional support resources and technical documentation, see:
******************************************************
Generated: 31/03/2017
Copyright F5 Networks (2017) - All Rights Reserved

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)