Bug ID 1184441: VXLAN-GPE and GENEVE tunnel support

Last Modified: Aug 01, 2024

Affected Product(s):
F5OS F5OS(all modules)

Fixed In:
F5OS-A 1.7.0

Opened: Oct 27, 2022

Severity: 1-Blocking

Symptoms

VXLAN-GPE and GENEVE tunnel support can cause host-generated UDP frames with destination ports matching system configured destination ports for VXLAN-GPE or GENEVE to be treated as VXLAN-GPE or GENEVE traffic even if the underlying frame is not VXLAN-GPE or GENEVE. Frames fitting this characteristic may have a bad UDP checksum forced onto the frame if frame fails basic VXLAN-GPE or GENEVE protocol checks.

Impact

Minimal.

Conditions

Administrator configures VXLAN-GPE and/or GENEVE tunnel support.

Workaround

Tunnels are disable by default. This issue is only observed if tunnels are enabled.

Fix Information

N/A

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips