Bug ID 572234: When using a pool route, it is possible for TCP connections to emit packets onto the network that have a source MAC address of 00:98:76:54:32:10.

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 13.0.0

Fixed In:
13.1.0, 13.0.0 HF1, 12.1.3.7, 11.6.3.3, 11.5.6

Opened: Feb 05, 2016

Severity: 3-Major

Symptoms

When using a pool route, it is possible for TCP connections to emit packets onto the network that have a source MAC address of 00:98:76:54:32:10. This is the MAC address of Linux's tmm0 or tmm interface.

Impact

The traffic is sourced from invalid ethernet MAC 00:98:76:54:32:10. The iQuery connection cannot continue.

Conditions

The traffic destination is the BIG-IP Linux host, e.g. big3d iQuery server. The traffic is proxied via fastL4, e.g. ConfigSync "Local Address" is set to None. The return route is a pool route. The traffic is interrupted, e.g. a router between the iQuery server and the client is switched off for several seconds.

Workaround

Increase the lasthop module's TCP idle timeout. echo 121 > /proc/sys/net/lasthop/idle_timeout/tcp

Fix Information

TCP connections no longer emit packets that have a source MAC address of 00:98:76:54:32:10.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips