Last Modified: Dec 07, 2023
Affected Product(s):
F5OS Velos
Fixed In:
F5OS-C 1.5.0, F5OS-A 1.4.0, F5OS-A 1.3.0
Opened: May 16, 2022 Severity: 3-Major
This is an intermittent problem where the affected BIG-IP tenant may receive incorrect statistics from the F5OS platform. This can cause the BIG-IP tenant to drop DNS traffic that should not be dropped. Typically, the BIG-IP tenant will have periods of time where it receives the correct stats, and periods where it receives incorrect stats.
Clients that send DNS traffic to the affected BIG-IP tenant will not receive DNS responses when they should.
All of the below must be true: -- Two or more BIG-IP tenants are deployed either on the same node in a partition or on the same appliance. -- An AFM license is installed on the F5OS platform. -- At least one tenant is receiving malformed DNS traffic.
When AFM is provisioned for the system, deploying tenants on different nodes on a chassis based system or one tenant per appliance avoids the issue.
BIG-IP tenants receive the correct platform statistics regardless of the node in which they are deployed.