Last Modified: Oct 04, 2024
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 16.1.5, 16.1.5.1
Opened: Nov 11, 2022 Severity: 3-Major
When the server TCP connection is under timewait closing state, if a new client connection is initiated towards the server under the BIG-IP SYN-Cookie mode, the server will respond with ACK instead of SYN+ACK for the SYN received. The BIG-IP system drops this ACK and retransmit the SYN, till timeout occurs.
Longer establishment time and retry.
- Running an i15820DF BIG-IP system. - FastL4 profile with syn-cookie-enable set to "enabled". - New client connection is reusing the port to get to the same server TCP connection.
None
None