Last Modified: Nov 07, 2022
Affected Product:
See more info
BIG-IP LTM
Known Affected Versions:
11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5
Fixed In:
12.0.0, 11.6.0 HF6, 11.5.3
Opened: Jan 30, 2015
Severity: 3-Major
When DNS cache resolver is resolving a DNS query, it might send queries to the backend name server iteratively. If the name server is responding slowly and the cache resolver is sending queries to name servers at a high rate, the CPU usage of the BIG-IP system might be vary high.
The CPU usage might be extremely high. Site might be unstable.
(1) Configure the cache resolver to have a large value (, for example, 40 KB) for both max-concurrent-queries and max-concurrent-udp. (2) The cache resolver sends queries to the name servers at a high rate. (3) The backend name server is responding slowly to the cache resolver.
Configure the cache resolver to have a default value for both max-concurrent-queries and max-concurrent-udp.
The CPU usage does not increase unexpectedly when the cache resolver sends a large number of DNS queries to slow backend name servers.
