Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4
Fixed In:
16.0.0, 15.1.0, 14.1.2.8
Opened: Oct 10, 2019 Severity: 3-Major
When hosts send ICMP unreachable error messages and processed by the BIG-IP system, subsequent good UDP packets do not get the persistence LSN translation address.
LSN persistence issues. UDP packets from the same client IP address may not get the same translation address every time, even though there exists a persistence entry in the table
-- Virtual server with FW NAT or CGNAT configuration to accept UDP traffic. -- Client or/and server randomly sends ICMP unreachable messages.
None.
Processing ICMP unreachable packets no longer causes FWNAT/CGNAT persistence issues with UDP traffic.