Bug ID 483021: EDNS0 client subnet option treated as malformed

Last Modified: Nov 22, 2021

Affected Product(s):
BIG-IP GTM, Link Controller(all modules)

Known Affected Versions:
10.2.2, 10.2.4

Fixed In:
10.2.4 HF12

Opened: Oct 06, 2014

Severity: 3-Major

Related Article: K17328


A query with EDNS0 client subnet option is treated as malformed by Global Traffic Manager (GTM) and Link Controller which causes query to fall back to BIND. On Link Controller this results in REFUSED response. On GTM with records in Bind this results in a sub-optimal non-GSLB answer. On GTM without records, this results in an NXDOMAIN, also bad.


Queries fail to return satisfactory response. These should just be Google probes, but failing queries from customer traffic could also be sent with client-subnet option.


Authoritative nameservers receiving queries from LDNS which is client-subnet option capable, for example, Google DNS. GTM configured to LB wideips; potentially LC. Potentially with or without Bind backup for wideip names.


iRule which removes EDNS0 options from a query. Note this only works with LTM licensed BIG-IP systems; this will not work with an LC license.

Fix Information

Any EDNS0 options are ignored by GTM and not considered malformed.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips