RD 0 suffix is ignored in Tenant with non-0 defaultRouteDomain

[adityoari]

Environment

• Application Services Version: 3:50.2
• BIG-IP Version: 17.1.1.3

Summary

In a Tenant with non-0 defaultRouteDomain, we append %0 to the virtualAddresses entry of the Service to expose that VS in RD0. The %0 seems to be ignored/stripped, as the resulting VS would still be created in the Tenant's default RD. When we append non-0 RD, the VS is correctly created with the intended RD.

Reproducibility: Always Severity/impact: Major

Steps To Reproduce

1. Submit the following declaration:

{
    "class": "AS3",
    "declaration": {
        "class": "ADC",
        "schemaVersion": "3.50.2",
        "label": "http",
        "remark": "A1 Template",
        "as3cm": {
            "class": "Tenant",
            "defaultRouteDomain": 1,
            "App1rd0": {
                "class": "Application",
                "template": "generic",
                "a1_80_vs": {
                    "class": "Service_TCP",
                    "remark": "app1 VS",
                    "virtualAddresses": [
                      "10.104.0.20%0"
                    ],
                    "virtualPort": 80,
                    "pool": "app1_pool"
                },
                "app1_pool": {
                    "class": "Pool",
                    "monitors": [
                        "http"
                    ],
                    "members": [
                        {
                            "servicePort": 8081,
                            "serverAddresses": []
                        }
                    ]
                }
            },
            "App1rd2": {
                "class": "Application",
                "template": "generic",
                "a1_80_vs": {
                    "class": "Service_TCP",
                    "remark": "app1 VS",
                    "virtualAddresses": [
                      "10.104.0.20%2"
                    ],
                    "virtualPort": 80,
                    "pool": "app1_pool"
                },
                "app1_pool": {
                    "class": "Pool",
                    "monitors": [
                        "http"
                    ],
                    "members": [
                        {
                            "servicePort": 8081,
                            "serverAddresses": []
                        }
                    ]
                }
            }
        }
    }
}

2. Observe that Service with RD0 suffix is created in RD1, while Service with RD2 suffix is correctly created:

admin@(bip02)(cfg-sync Standalone)(Active)(/as3cm)(tmos)# li ltm virtual recursive destination
ltm virtual App1rd0/a1_80_vs {
    destination 10.104.0.20%1:80
}
ltm virtual App1rd2/a1_80_vs {
    destination 10.104.0.20%2:80
}

Expected Behavior

RD0 suffix is honoured and correctly configured

Actual Behavior

RD 0 suffix seems to be ignored/stripped, while non-0 suffix works fine.

The /var/log/audit file clearly shows that AS3 created the first VS with Tenant-default RD of 1, while the second VS was created correctly on RD2.

May  6 20:44:56 bip02.az.aditf5.com notice mcpd[5898]: 01070417:5: AUDIT - client tmsh, tmsh-pid-18687, user admin - transaction #4540094-7 - object 0 - create { virtual_server { virtual_server_name "/as3cm/App1rd0/a1_80_vs" virtual_server_contribute_to_va_status 1 virtual_server_auto_lasthop 0 virtual_server_conn_limit 0 virtual_server_description "app1 VS" virtual_server_va_name "/as3cm/10.104.0.20%1" virtual_server_port 80 virtual_server_enabled 1 virtual_server_ip_proto 6 virtual_server_lasthop_pool_name "" virtual_server_wildmask 255.255.255.255 virtual_server_sf_flags 0 virtual_server_nat64 0 virtual_server_default_pool "/as3cm/App1rd0/app1_pool" virtual_server_rate_limit 0 virtual_server_action_on_service_down 0 virtual_server_src_addr 0.0.0.0%1 virtual_server_source_address_translation_type 3 virtual_server_srcport 0 virtual_server_translate_addr 1 virtual_server_translate_port 1 virtual_server_listed_enabled_vlans 0 } } [Status=Command OK]
May  6 20:44:56 bip02.az.aditf5.com notice mcpd[5898]: 01070417:5: AUDIT - client tmsh, tmsh-pid-18687, user admin - transaction #4540094-24 - object 0 - create { virtual_server { virtual_server_name "/as3cm/App1rd2/a1_80_vs" virtual_server_contribute_to_va_status 1 virtual_server_auto_lasthop 0 virtual_server_conn_limit 0 virtual_server_description "app1 VS" virtual_server_va_name "/as3cm/10.104.0.20%2" virtual_server_port 80 virtual_server_enabled 1 virtual_server_ip_proto 6 virtual_server_lasthop_pool_name "" virtual_server_wildmask 255.255.255.255 virtual_server_sf_flags 0 virtual_server_nat64 0 virtual_server_default_pool "/as3cm/App1rd2/app1_pool" virtual_server_rate_limit 0 virtual_server_action_on_service_down 0 virtual_server_src_addr 0.0.0.0%2 virtual_server_source_address_translation_type 3 virtual_server_srcport 0 virtual_server_translate_addr 1 virtual_server_translate_port 1 virtual_server_listed_enabled_vlans 0 } } [Status=Command OK]

[mdditt2000]

@adityoari I am assuming this because "10.104.0.20%0" would be default and therefore not apply the RD=0. I am assuming traffic is passing correct?

[mdditt2000]

Assigned AUTOTOOL-4354 to me added to current sprint.

[mdditt2000]

functional as normal. Closing issue

[adityoari]

@mdditt2000 no the traffic did not pass at all, since the VS is supposed to be in RD0. With this bug, AS3 created it in the Partition's default (non-0) and the resulting VS does not have connectivity to the outside/client-side network.

[mdditt2000]

@adityoari understand. Please reach out to me at [email protected] to prioritize

[mdditt2000]

@adityoari validating in the current Sprint. Standby for eval. Its possible AS3 is working as designed.

[mdditt2000]

AS3 3.52.0 build 2 is now available - Please reach out for early build. Issue resolved

[sunitharonan]

This issue has been resolved in AS3 52.0