Bug ID 607520: Send MSS on SYN,ACK when SYN does not have any options

Last Modified: May 01, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5

Fixed In:
14.0.0

Opened: Jul 28, 2016
Severity: 4-Minor

Symptoms

When the SYN does not have any options set, TCP does not set any options on the SYN-ACK.

Impact

No options are set on SYN-ACK.

Conditions

TCP receives SYN without options.

Workaround

None.

Fix Information

You can now use a newly introduced sysdb variable TM.TcpSendSynAckMSSAlways to enable or disable this feature. If SYSdb TM.TcpSendSynAckMSSAlways is enabled and profile MSS is not equal to default MSS, TCP always sets the MSS option to the Profile MSS value on SYN-ACK.

Behavior Change

In earlier versions, if SYN did not have any options set, the system did not set any options on the SYN-ACK. There is now a new sysdb variable TM.TcpSendSynAckMSSAlways, which you can use to enable or disable this feature. If SYSdb TM.TcpSendSynAckMSSAlways is enabled and profile MSS is not equal to default MSS, TCP always sets the MSS option to the Profile MSS value on SYN-ACK.