Bug ID 471292: Deterministic NAT: incorrect mapping on platforms with PDE trunk size greater than 1

Last Modified: Oct 01, 2018

Bug Tracker

Affected Product:  See more info
BIG-IP CGN(all modules)

Known Affected Versions:
11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9

Fixed In:
11.6.0, 11.5.2

Opened: Jul 10, 2014
Severity: 2-Critical

Symptoms

The deterministic NAT (DNAT) utility (dnatutil) might report incorrect reverse mappings for platforms with PDE trunk size greater than 1, due to PDE trunk size value incorrectly logged in the DNAT state information.

Impact

Reverse map could provide incorrect results.

Conditions

Using LSN pool with DNAT mode, and using dnatutil for reverse mapping.

Workaround

Use the --flags attribute to manually provide the daglib flag attribute, which can include the PDE trunk size value.

Fix Information

DNAT state information with PDE trunk size is correctly logged, dnatutil can correctly reverse map using the logged DNAT state for reverse map.

Behavior Change