Last Modified: Sep 27, 2024
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 16.1.5, 17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4
Opened: Aug 06, 2024 Severity: 3-Major
When using a DNS monitor with IP encapsulation, TMM handles probe encapsulation. Bigd reuses source ports after closing sockets quickly, but TMM applies a 30-second timeout, leading to connection re-use. This can result in probes being incorrectly encapsulated to the wrong pool member, causing inaccurate health monitoring
Probes may be encapsulated to the wrong destination, leading to inaccurate health monitoring of pool members.
1. DNS monitor configured with 'transparent' destination and IP encapsulation enabled. 2. Large number of pool members (e.g., 60).
None
None