Bug ID 431109: Best threshold setting under IP Fragment Flood

Last Modified: Nov 22, 2021


Affected Product:
BIG-IP AFM (all modules)

Known Affected Versions:
11.4.1

Opened: Sep 19, 2013
Severity: 2-Critical

Symptoms

On HSBe2-based platforms, the default threshold does not provide the best performance under an IP fragment flood attack.

Impact

Slow performance.

Conditions

This occurs on HSBe2-based platforms, including B4300 and B2100 blades.

Workaround

Change the default threshold setting for the ip fragment vector to the following:

    ip-frag {
        default-internal-rate-limit 10000
        detection-threshold-percent 500
        detection-threshold-pps 1000
    }
    ip-frag-flood {
        default-internal-rate-limit 10000
        detection-threshold-percent 500
        detection-threshold-pps 1000
    }

Fix Information

None

Behavior Change