Bug ID 546940: Per VLAN/tmm based hardware SYN-cookie enhancement is a hardware-only feature

Last Modified: Apr 19, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6

Fixed In:
13.0.0

Opened: Sep 18, 2015
Severity: 3-Major

Symptoms

The new feature of Per VLAN/TMM based HW SYN-Cookie enhancement to protect BIG-IP device and network is a hardware-only feature. It can only be turned on with hardware platforms that are installed with the supported FPGA firmware bitstreams, namely, BIG-IP 2000/4000/5000 family (v1.11.20.0+), VIPRION B2250 (v2.5.5.0+), and VIPRION B4450 (all), and BIG-IP i5000/i7000/i10000 family (all). For the hardware platforms without the firmware support, there will be no fall-back mechanism to turn on the feature in software only.

Impact

The feature is unavailable on platforms with no firmware support.

Conditions

Configure the per VLAN/tmm hardware SYN-cookie feature

Workaround

None

Fix Information

None

Behavior Change