Bug ID 552566: AFM DoS Profile Sweep vector configured thresholds are per blade instead of being per device

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP AFM(all modules)

Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2

Fixed In:
12.1.0, 12.0.0 HF3

Opened: Oct 14, 2015

Severity: 3-Major


All the AFM DoS Profile vector configurations are meant to be per device. The issue is that the configured thresholds are instead used as though they apply to each blade separately - hence in a multi-blade system the virtual DoS thresholds will be much larger than configured.


DoS protection could kick in much later than actually configured by the user.


A multi-blade system with AFM and DoS profile configured on a virtual with the Sweep Vector enabled.


Take the thresholds that you want to configure for the vector and divide it by the number of blades in the system, and configure those thresholds instead.

Fix Information

Fix the bug which considered those numbers to be per blade.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips