Bug ID 510883: Change in default DoS attack detection threshold can degrade L4 performance

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Fixed In:
12.0.0

Opened: Mar 06, 2015
Severity: 3-Major

Symptoms

Lower throughput at very high levels of SYN flood. A more obvious symptom is an "Attack Detected" log message.

Impact

CPS degrades 5-13%, depending on platform.

Conditions

This degradation occurs only under high rate of new TCP connection creation, typically when CPU usage is greater than 60%.

Workaround

Change device DoS detection threshold from default to infinite.

Fix Information

Change in default DoS attack detection threshold can degrade L4 performance

Behavior Change