Bug ID 1100737

Bug Tracker
ID 1100737

Bug ID 1100737: Integrate sPVA DDOS vector functionality to appliance devices with multiple ATSE

Last Modified: Mar 30, 2024

Affected Product(s):
BIG-IP AFM(all modules)

Fixed In:
17.1.0

Opened: Apr 20, 2022

Severity: 4-Minor

Symptoms

Multiple ATSEs are not handled in the current code. The users will observe an incorrect traffic rate limit against the configured vector. Selection of the linked TMM thread to ATSE could go wrong, which will result in the handling of the traffic only on one of the ATSEs.

Impact

An incorrect rate_limit will apply on the vectors. Both the ATSEs (TMM) might not participate in handling of the traffic.

Conditions

Occurs on appliances with multiple ATSEs when dos_vectors are configured to mitigate the attack.

Workaround

None

Fix Information

The traffic will be handled properly and the correct rate_limit will apply on the vector configuration.

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips