Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5
Fixed In:
14.0.0, 13.1.0.6
Opened: Mar 05, 2018 Severity: 2-Critical Related Article:
K79814103
On 13.1.x DNS responses with truncated bit set are dropped when AFM DNS DoS is enabled.
Clients do not receive truncated DNS responses.
-- AFM DNS DoS is enabled. -- Using 13.1.x.
Disable DNS DoS protection by changing the dos.dnsport variable to another port for which there is no valid traffic. For instance: tmsh modify sys db dos.dnsport value 54
None