Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP CGN
Known Affected Versions:
11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11
Fixed In:
11.6.0, 11.5.2, 11.4.1 HF6
Opened: Feb 21, 2014 Severity: 2-Critical Related Article:
K15538
Connections may fail when using CGNAT Deterministic NAT (DNAT) with ECMP or route pools.
Second connection fails.
This issue occurs with: -- LSN pool with Deterministic mode. -- Route pools or ECMP such that the same destination may have two different routes. -- Two connections from the same client to the same destination
None.
Deterministic NAT (DNAT) does not pick a colliding port for the second connection, so connections complete successfully.