Bug ID 1137217: DNS profile fails to set TC flag for responses containing RRSIG algorithm 13

Last Modified: Sep 29, 2022

Affected Product:
BIG-IP DNS (all modules)

Known Affected Versions:
17.0.0, 16.1.0, 15.1.7

Opened: Aug 17, 2022
Severity: 3-Major

Symptoms

DNS Express sends a malformed response when the UDP size limit is set to 512.

Impact

Malformed DNS Express responses are received when the UDP size limit is set to exactly 512 and a zone is signed with algorithm 13.

Conditions

When the UDP size limit is set to exactly 512 and a zone is signed with algorithm 13 (ECDSA Curve P-256 with SHA-256), DNS Express responds with a malformed packet.
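A client-side check for this condition, as an added example that is not F5 code: it walks a raw UDP DNS response and flags one that fails to parse while the TC flag is clear. It assumes "malformed" means the header counts or RDATA lengths promise more than the bytes received, which this report does not specify; the function names and sample packets are constructed for illustration.

```python
import struct

TC = 0x0200            # truncation bit in the DNS header flags word
RRSIG, ALG13 = 46, 13  # RR type 46; algorithm 13 = ECDSA P-256 with SHA-256

def skip_name(msg, off):
    """Return the offset just past the domain name that starts at off."""
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of message")
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:      # a compression pointer ends the name
            return off + 2
        if n & 0xC0:
            raise ValueError("reserved label type")
        off += 1 + n

def inspect(msg):
    """Walk a raw DNS response; report TC, algorithm-13 RRSIGs, parse errors."""
    out = {"size": len(msg), "tc": False, "alg13": False, "error": None}
    try:
        _id, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
        out["tc"] = bool(flags & TC)
        off = 12
        for _ in range(qd):
            off = skip_name(msg, off) + 4            # QTYPE + QCLASS
        for _ in range(an + ns + ar):
            off = skip_name(msg, off)
            rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            off += 10
            # RRSIG RDATA: type covered (2 bytes), then the algorithm byte
            if rtype == RRSIG and off + 3 <= len(msg) and msg[off + 2] == ALG13:
                out["alg13"] = True
            if off + rdlen > len(msg):
                raise ValueError("RDATA past end of message")
            off += rdlen
    except (ValueError, struct.error) as exc:
        out["error"] = str(exc)
    # Assumed signature of this bug: the message does not parse and TC is clear.
    out["suspect"] = out["error"] is not None and not out["tc"]
    return out

# Constructed samples (not captured traffic): question for example.com, type A.
Q = b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
RR = b"\xc0\x0c" + struct.pack("!HHIH", RRSIG, 1, 300, 96)  # claims 96-byte RDATA
CUT = struct.pack("!HBB", 1, ALG13, 2) + b"\x00" * 20       # only 24 bytes present
BAD = struct.pack("!6H", 0x1234, 0x8400, 1, 1, 0, 0) + Q + RR + CUT
GOOD = struct.pack("!6H", 0x1234, 0x8400 | TC, 1, 0, 0, 0) + Q  # truncated, TC set
```

Run `inspect()` on the UDP payload of each response to a DNSSEC query against an affected zone; a result with `suspect` and `alg13` both true matches the conditions described here.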

Workaround

None

Fix Information

None

Behavior Change