Bug ID 1132925: Bot defense does not work with DNS Resolvers configured under non-zero route domains

Last Modified: Mar 26, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,, 15.0.0, 15.0.1,,,,, 15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,, 16.0.0,, 16.0.1,,, 16.1.0, 16.1.1, 16.1.2,,, 16.1.3,,,, 17.0.0,,

Fixed In:

Opened: Aug 01, 2022
Severity: 4-Minor


When a DNS Resolver is configured under a non-zero route domain, the bot defense does not use the DNS resolver to perform DNS queries, resulting in some bots not being detected.


Some bots are not detected by bot defense mechanism.


DNS Resolver is configured under non-zero route domain.


Configure DNS Resolver under route domain 0.

Fix Information

Enhanced bot defense to use resolvers from any corresponding route domain. However, bot defense does not support route domain modification of DNS resolvers. Resolvers must be deleted and created again in the correct route domain.

Behavior Change