Bug ID 1101697: TLS1.3 connection failure with 0-RTT and Hello Retry Request (HRR).

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 17.0.0, 17.0.0.1, 17.0.0.2

Fixed In:
17.1.0, 16.1.4, 15.1.7

Opened: Apr 22, 2022

Severity: 3-Major

Symptoms

Connection failure.

Impact

Connection failure.

Conditions

This condition can occur when: - The 0-RTT is enabled. - When TLS1.3 session goes for Hello Retry Request (HRR).

Workaround

Disable the 0-RTT.

Fix Information

Added changes which handle this defects.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips