Bug ID 1302869: AFM is not accounting Nxdomain attack for TCP query

Last Modified: Feb 28, 2025

Affected Product(s):
BIG-IP AFM(all modules)

Fixed In:
17.5.0, 17.1.2, 16.1.5

Opened: May 30, 2023

Severity: 4-Minor

Symptoms

AFM is not accounting NXDOMAIN query with tcp. At the device level, NXDOMAIN stats are incorrect.

Impact

NXDOMAIN flood attack is not detected.

Conditions

-- DNS cache is activated -- An NXDOMAIN DoS vector occurs

Workaround

None

Fix Information

AFM is now accounting Nxdomain attack for TCP query

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips