Bug ID 434468: htsplit mode may lead to false alarms in AFM DOS detection/mitigation.

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP AFM, Install/Upgrade(all modules)

Known Affected Versions:
11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10

Opened: Oct 18, 2013

Severity: 2-Critical

Symptoms

In 11.5, htsplit mode is enabled by default. htsplit applies only to platforms/blades whose CPUs have hyper-threading. htsplit mode halves the number of tmms. As a result, after upgrading from 11.4 to 11.5, you may see DOS attacks reported at normal traffic rates. Example: you have a BIG-IP 10000/12000 running 11.4 with 12 tmms, and you configure DOS accordingly. When you upgrade to 11.5, you end up with 6 tmms because of htsplit mode.

Impact

You may see false-alarm DOS attacks at normal traffic rates.

Conditions

The platform/blade CPU has hyper-threading and sys db scheduler.splitplanes.ltm = "true".

Workaround

Double the thresholds for AFM DOS vectors.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips