Bug ID 478470: AFM Online Help updated: DoS Detection Threshold Percentage

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4

Fixed In:
11.5.3

Opened: Sep 09, 2014
Severity: 4-Minor

Symptoms

AFM Online Help was not updated after 11.4.0 to reflect a change in behavior. Prior to 11.4.0 the DoS Detection Threshold Percentage function would drop packets if an attack was detected. This was regarded as unintuitive when there was a separate rate-limit configuration element that customers could use to drop traffic when an attack was detected.

Impact

Inaccurate description of feature behavior.

Conditions

Anyone referring to OLH for a DoS vector Threshold Percentage Increase.

Workaround

Disregard erroneous information in OLH.

Fix Information

AFM Online Help has been updated to reflect a change in behavior in the DoS Detection Threshold Percentage. After 11.4.0 the DoS Detection Threshold Percentage function no longer drops packets if an attack was detected. OLH now reflects this.

Behavior Change