Bug ID 427012: dns: fix handling of edns0 queries for TCP and UDP

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP GTM, LTM (all modules)

Known Affected Versions:
11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.4.1

Fixed In:
11.5.0, 11.4.1 HF2, 11.4.0 HF4, 11.2.1 HF10

Opened: Aug 02, 2013

Severity: 2-Critical

Related Article: K14851

Symptoms

BIG-IP did not truncate DNS responses over UDP (for non-EDNS0 queries) to 512 bytes. On TCP, the response to a query with or without EDNS0 may be truncated.

Impact

The response may be too large over UDP, or it may be truncated over TCP.

Conditions

A query with or without EDNS0 against DNS-Express or DNS Cache. On UDP, the response should be truncated to 512 bytes if no EDNS0 is sent; if an EDNS0 maximum UDP size is set, the response should be truncated to that value. On TCP, a response should never be truncated.
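
The size rule above as a check that can be run over captured query/response pairs. This is an added example, not F5 code and not part of the original bug record. Assumptions: all function names are hypothetical, the sample query is constructed, a set TC bit is taken as the sign of a truncated response, and advertised sizes below 512 are treated as 512 per RFC 6891.

```python
import struct

OPT = 41              # EDNS0 OPT pseudo-RR type (RFC 6891)
CLASSIC_LIMIT = 512   # UDP limit in bytes when the query has no EDNS0

def _skip_name(msg, off):
    """Return the offset just past the domain name starting at off."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)   # pointer is 2 bytes, root label 1

def edns_udp_size(query):
    """UDP payload size advertised in the query's OPT RR, or None."""
    qd, an, ns, ar = struct.unpack_from("!4H", query, 4)
    off = 12
    for _ in range(qd):
        off = _skip_name(query, off) + 4          # QTYPE + QCLASS
    for _ in range(an + ns + ar):
        off = _skip_name(query, off)
        rtype, rclass, _ttl, rdlen = struct.unpack_from("!HHIH", query, off)
        if rtype == OPT:
            return rclass                         # CLASS carries the size
        off += 10 + rdlen
    return None

def udp_limit(query):
    """Largest UDP response allowed for this query, in bytes."""
    size = edns_udp_size(query)
    return CLASSIC_LIMIT if size is None else max(size, CLASSIC_LIMIT)

def check_response(query, response, transport):
    """List violations of the expected behavior for one query/response pair."""
    tc = bool(struct.unpack_from("!H", response, 2)[0] & 0x0200)
    if transport == "tcp":
        return ["TC bit set on a TCP response"] if tc else []
    limit = udp_limit(query)
    if len(response) > limit:
        return ["UDP response is %d bytes, limit is %d" % (len(response), limit)]
    return []

def build_query(qname, edns_size=None):
    """Constructed sample input: an A query, optionally carrying an OPT RR."""
    name = b"".join(bytes([len(p)]) + p.encode() for p in qname.split(".")) + b"\0"
    has_opt = edns_size is not None
    msg = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 1 if has_opt else 0)
    msg += name + struct.pack("!2H", 1, 1)
    if has_opt:
        msg += b"\0" + struct.pack("!HHIH", OPT, edns_size, 0, 0)
    return msg
```
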

Workaround

An iRule may be written to keep track of query ID and conditionally truncate the response.

Fix Information

BIG-IP no longer truncates DNS over TCP, nor does it send more than 512 bytes over UDP when EDNS0 is not present.

Behavior Change
