Bug ID 1307605: AFM does not detect NXdomain attack (for DNS express)

Last Modified: Dec 31, 2024

Affected Product(s):
BIG-IP AFM(all modules)

Fixed In:
17.1.2

Opened: Jun 15, 2023

Severity: 4-Minor

Symptoms

AFM does not account for NXDOMAIN query when DNS express is in use. At the device level, NXDOMAIN stats are incorrect.

Impact

NXDOMAIN attack is not detected.

Conditions

-- DNS express is enabled -- NXDOMAIN DoS vector detection is enabled

Workaround

None

Fix Information

Supported NXDOMAIN DOS Vector with DNSX (DNS Express)

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips