Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2 HF1, 11.5.3 HF1, 11.5.3 HF2, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.0.0, 11.6.0 HF4
Opened: Sep 24, 2014 Severity: 2-Critical
In AFM DoS, the performance of ICMP Sweep Vector Mitigation brings down the performance of the BIG-IP system.
Slower performance of the BIG-IP system. A lot of CPU is used to mitigate the AFM DoS Sweep vector.
ICMP Traffic levels at 4 million pps from ~100 Src IP addresses, with the AFM DoS Sweep vector enabled to mitigate ICMP traffic.
Do not enable the AFM DoS Sweep vector for ICMP Traffic when the attack rate is over 4 Million pps.
AFM DoS ICMP sweep mitigation performance issues have been alleviated.