Last Modified: Sep 13, 2023
Known Affected Versions:
18.104.22.168, 22.214.171.124, 126.96.36.199, 14.1.5
Opened: Jan 20, 2022 Severity: 3-Major
If an error occurs while deleting a hardware SYN cookie Neuron rule, TMM may crash. Possible (but not required) symptoms include TMM logs before the crash like: neuron_client_send_data: Error: mds_conn_send_xbuf failed neuron_client_send_req: neuron_client_send_data failed: ERR_REJECT hudproxy_neuron_client_closed_cb: Neuron client connection terminated
Traffic disrupted while tmm restarts.
-- Platforms with Neuron/TCAM support (BIG-IP iSeries)
On HSB platforms it is possible to disable the Neuron SYN cookie feature by the 'HSBE::syncookie_neuron_enabled 0' Tcl command in /config/tmm_init.tcl. However, this would prevent full hardware SYN cookie protection for wildcard or subnet virtual servers.
Error handling during Neuron rule deletion is fixed.