Bug ID 605270: On some platforms the SYN-Cookie status report is not accurate

Last Modified: Oct 07, 2023

Affected Product(s):
BIG-IP vCMP(all modules)

Known Affected Versions:
11.5.4, 11.5.5, 11.5.6, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2, 12.1.0, 12.1.1, 12.1.2, 12.1.3,,,,,

Fixed In:
13.1.0, 13.0.0,, 11.5.7

Opened: Jul 15, 2016

Severity: 3-Major


On a vCMP guest, after a ePVA-enabled virtual server enters SYN Cookie mode, the FPGA will never leave SYN Cookie mode even though BIG-IP has returned to normal mode.


Since this occurs very intermittently, the entire impact is not known. Initially this is an incorrect SYN Cookie status reporting issue for LTM Virtual statistics, but it is possible that if SYN Cookie mode is triggered again, hardware SYN might not be enabled properly.


This occurs intermittently on virtual servers with ePVA enabled on a vCMP instance where SYN Protection is triggered.


Upgrade with new fixes for this.

Fix Information

BIG-IP FPGAs now correctly report hardware SYN Cookie mode.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips