Last Modified: Aug 15, 2022
Affected Product:
See more info
BIG-IP TMOS
Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 14.1.4.6, 14.1.5
Fixed In:
14.1.5.1
Opened: Jan 20, 2022
Severity: 3-Major
If an error occurs while deleting a hardware SYN cookie Neuron rule, TMM may crash. Possible (but not required) symptoms include TMM logs before the crash like: neuron_client_send_data: Error: mds_conn_send_xbuf failed neuron_client_send_req: neuron_client_send_data failed: ERR_REJECT hudproxy_neuron_client_closed_cb: Neuron client connection terminated
Traffic disrupted while tmm restarts.
-- Platforms with Neuron/TCAM support (BIG-IP iSeries)
On HSB platforms it is possible to disable the Neuron SYN cookie feature by the 'HSBE::syncookie_neuron_enabled 0' Tcl command in /config/tmm_init.tcl. However, this would prevent full hardware SYN cookie protection for wildcard or subnet virtual servers.
Error handling during Neuron rule deletion is fixed.