Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP PEM
Known Affected Versions:
11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2 HF1, 11.5.3 HF1, 11.5.3 HF2, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.0, 11.5.1, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.0.0, 11.6.0 HF5, 11.5.2
Opened: Oct 29, 2014 Severity: 3-Major Related Article:
K41581381
System might reuse TCP source ports too quickly on server side when dag hash is ip-only and sourceport mode is set to change.
Conflicting flows result in connections being reset.
This occurs when the dag-cmp hash is ip-only, and the virtual server or PEM-forwarding endpoints sourceport mode is set to change. The BIG-IP system might reuse some TCP source ports on the server side.
This issue has no workaround at this time.
In this release, reuse of TCP source ports is sequential, which eliminates the issue of TCP source ports being used too quickly on the server side.