Bug ID 477232: CGNAT translations have a higher chance of port reuse when address persistence is enabled

Last Modified: Oct 17, 2023

Affected Product(s):
BIG-IP CGN (all modules)

Known Affected Versions:
11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2

Fixed In:
12.0.0, 11.5.2, 11.4.1 HF6

Opened: Aug 28, 2014

Severity: 2-Critical

Related Article: K16243

Symptoms

When an LSN pool uses persistence mode address, subsequent connections reuse not only the same translation address but also the same translation port.

Impact

Poor utilization of available translation ports and very high levels of port reuse. In the case of TCP connections, this port reuse can cause servers to reject connections because a previous connection is in the TIME_WAIT state.
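
An added example, not F5 code and not a BIG-IP log format: a Python check over constructed translation records that flags reuse of the same translation address, translation port and destination within a TIME_WAIT window, and reports how many distinct ports each translation address actually used. The record layout, the sample values and the 60-second window are assumptions.

```python
from collections import defaultdict

TIME_WAIT_SECS = 60  # assumption: server holds TIME_WAIT for 60 s (varies by OS)

# Constructed records, one per new outbound TCP connection:
# (start_epoch, client_ip, xlate_ip, xlate_port, dst_ip, dst_port)
SAMPLE = [
    (1000, "10.0.0.5", "203.0.113.10", 4096, "198.51.100.7", 443),
    (1020, "10.0.0.5", "203.0.113.10", 4096, "198.51.100.7", 443),  # reuse after 20 s
    (1025, "10.0.0.5", "203.0.113.10", 4096, "198.51.100.8", 443),  # other server
    (1100, "10.0.0.5", "203.0.113.10", 4096, "198.51.100.7", 443),  # reuse after 80 s
    (1030, "10.0.0.9", "203.0.113.11", 5000, "198.51.100.7", 443),
    (1040, "10.0.0.9", "203.0.113.11", 5001, "198.51.100.7", 443),  # fresh port
]

def find_time_wait_collisions(records, window=TIME_WAIT_SECS):
    """Return (record, gap) for connections reusing a 4-tuple within `window`.

    The gap is measured from the previous connection's start, so a hit means
    the previous close was also less than `window` seconds ago (lower bound).
    """
    last_seen = {}
    hits = []
    for rec in sorted(records):
        ts, _client, xip, xport, dip, dport = rec
        key = (xip, xport, dip, dport)  # what the server sees as the connection
        prev = last_seen.get(key)
        if prev is not None and ts - prev < window:
            hits.append((rec, ts - prev))
        last_seen[key] = ts
    return hits

def port_spread(records):
    """Per translation address: (connection count, distinct translation ports)."""
    conns = defaultdict(int)
    ports = defaultdict(set)
    for _ts, _client, xip, xport, _dip, _dport in records:
        conns[xip] += 1
        ports[xip].add(xport)
    return {xip: (conns[xip], len(ports[xip])) for xip in conns}

if __name__ == "__main__":
    for rec, gap in find_time_wait_collisions(SAMPLE):
        print(f"4-tuple reused after {gap}s: {rec}")
    for xip, (n, distinct) in port_spread(SAMPLE).items():
        print(f"{xip}: {n} connections over {distinct} translation port(s)")
```

A translation address with many connections but very few distinct ports matches the utilization pattern described in the Impact section.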

Conditions

LSN pool with persistence mode address.

Workaround

None.

Fix Information

An issue with excessive port reuse in CGNAT translations when using persistence mode address has been fixed.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips