Last Modified: Dec 07, 2023
Affected Product(s):
BIG-IP AFM
Fixed In:
17.0.0, 15.1.8
Opened: Sep 24, 2021 Severity: 3-Major
The default DAG mode uses the source and destination ports for hash calculation to distribute the traffic across TMMs. This does not scale well for GTP-U traffic since the source and destination port are unchanged (default well known port 2152). This results in a single TMM (CPU) processing all the GTP-U packets results in high load on a single CPU whilst the other CPUs are underutilized.
One CPU being overloaded where as other CPUs are under utilized.
GTP-U traffic uses the same source and destination well known port 2152.
None
A new disaggregation (DAG) mode for GTP-U traffic is introduced to effectively distribute the traffic across different TMM's and thereby proper utilization of CPU resources. This can be enabled/disabled by configuring sys db variable "iptunnel.gtp.teid_hash". This sys db variable is set to disabled by default. When enabled, this behavior is applied to only GTP-U traffic when it matches the below criteria: - GTP-U version needs to be 1 (GTP-U v1) - Source and destination ports need to be 2152.
When the new disaggregation (DAG) mode is enabled for GTP-U traffic by configuring "iptunnel.gtp.teid_hash", the TEID field in the GTP-U header is used to calculate the hash to disaggregate the packets to TMMs. NOTE: The source-address translation is not supported for GTP-U traffic processing virtual when this mode is enabled. The source-port is preserved, and no ephemeral port is used to create connections on the BIG-IP.