Bug ID 602329: syncookie header of HA channel mirror packets is not cleared

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.1, 11.6.2, 11.6.3,,,,, 11.6.4, 11.6.5,,,

Opened: Jun 30, 2016

Severity: 3-Major


You notice that L7 connections on the standby unit are increasing and may not be cleared until the tcp timeout.


Connections increase unnecessarily on the standby unit.


This can occur when using mirroring when syn cookies are enabled. It is more severe with hardware syn cookies but still occurs with software syn cookies.


Although it does not completely clear the condition, you can disable hardware syncookies to work around this problem. In tmsh: modify /ltm profile tcp <profile_name> hardware-syn-cookie disable

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips