Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
11.4.1, 11.4.0, 11.3.0
Fixed In:
11.5.0, 11.4.1 HF4, 11.4.0 HF6, 11.3.0 HF9
Opened: Sep 10, 2013 Severity: 2-Critical Related Article:
K14980
When source port and destination port are same, traffic initiated from the host, such as NTP, may have the response directed to the wrong tmm, resulting in the response being dropped.
Host traffic like NTP, or any other traffic from hosts whose source and destination ports are the same, might not work properly.
The traffic has to be initiated from the host. The source and destination ports have to be the same (though some port numbers may succeed in spite of them being same). The platform needs to have HDAG hardware. Specifically, the following platforms are affected by this issue: -- BIG-IP 5000s/5200v (C109), -- BIG-IP 7000s/7200v (D110), -- BIG-IP 10000s/10200v (D113), -- VIPRION Blade 4300 (A108), -- VIPRION Blade 2250 (A112).
None. Unless the protocol can be configured to work with a source and destination port numbers that are different.
Prior to this release, HDAG platforms could send traffic with the same source and destination ports to the wrong tmm. NTP traffic typically has the same source and destination port. This problem has been corrected.