Bug ID 1060625: Wrong INTERNAL_IP6_DNS length.

Last Modified: Feb 07, 2024

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
16.1.0, 16.1.1, 16.1.2,

Fixed In:
17.1.0, 17.0.0,

Opened: Nov 10, 2021

Severity: 3-Major


Tunnel establishment fails when an IPv6 DNS IP address is provided in the IKE_AUTH payload. As per RFC it should be 16 octets, but BIG-IP sends 17 octets(that is, it tries to provide the subnet info also).


Tunnel will not establish.


Initiator requests an IPv6 DNS IP during tunnel negotiation.



Fix Information

The INTERNAL_IP6_DNS payload is now filled with only the IPv6 address (the subnet is excluded).

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips