Last Modified: Aug 01, 2024
Affected Product(s):
F5OS F5OS
Fixed In:
F5OS-A 1.7.0
Opened: Oct 27, 2022 Severity: 1-Blocking
VXLAN-GPE and GENEVE tunnel support can cause host-generated UDP frames with destination ports matching system configured destination ports for VXLAN-GPE or GENEVE to be treated as VXLAN-GPE or GENEVE traffic even if the underlying frame is not VXLAN-GPE or GENEVE. Frames fitting this characteristic may have a bad UDP checksum forced onto the frame if frame fails basic VXLAN-GPE or GENEVE protocol checks.
Minimal.
Administrator configures VXLAN-GPE and/or GENEVE tunnel support.
Tunnels are disable by default. This issue is only observed if tunnels are enabled.
N/A