Bug ID 1271453

Bug Tracker
ID 1271453

Bug ID 1271453: DNS requests with NSEC3 RR type Responding with no NSEC3 and no authority section from BIG-IP authoritative server.

Last Modified: Apr 28, 2025

Affected Product(s):
BIG-IP DNS(all modules)

Opened: Mar 15, 2023

Severity: 3-Major

Symptoms

DNS requests with NSEC3 RR type Responding with no NSEC3 and no authority section from BIG-IP authoritative server.

Impact

DNSSEC Validation failure at resolver.

Conditions

-- Create a Zone in BIND. -- Create DNSSEC zone on BIG-IP. -- Send dig -t nsec3 ZONENAME @BIG_IP_listener +dnssec -- Observer the lack of AUTHORITY SECTION, NSEC3 and RRSIG

Workaround

None

Fix Information

None

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips