Last Modified: Jul 13, 2024
Affected Product(s):
BIG-IP PEM
Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3
Fixed In:
12.0.0, 11.6.0 HF4
Opened: Mar 25, 2014 Severity: 3-Major
The UDP virtual used by PEM treats TTL differently than the standard UDP forwarding virtual. The standard UDP forwarding virtual decrements TTL whereas the PEM UDP virtual reinitializes TTL to 255. In the event that there is a routing loop in the network which traverses a BIG-IP running PEM, this behavior would prevent TTL from expiring and thus exacerbate the effects of the loop.
A PEM virtual doesn't have the flexibility to decrement the TTL value on PEM UDP listener because it is always reset to 255.
This inconsistency of TTL handling between standard LTM virtual and PEM virtual (with PEM enabled).
There is no workaround for this.
With this improvement, you will have the flexibility to define the TTL handling behavior (decrease by 1 vs. resetting to 255). This can be archived by change db variable(tmm.udp.ttl.mode) on 11.6.0 hotfix: tmsh modify sys db tmm.udp.ttl.mode value "decrement"