Last Modified: Nov 07, 2022
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1
Fixed In:
14.0.0
Opened: Jul 28, 2016 Severity: 4-Minor
When the SYN does not have any options set, TCP does not set any options on the SYN-ACK.
No options are set on SYN-ACK.
TCP receives SYN without options.
None.
You can now use a newly introduced sysdb variable tm.tcpsendsynackmssalways to enable or disable this feature. If sysdb variable tm.tcpsendsynackmssalways is enabled and profile MSS is not equal to default MSS, TCP always sets the MSS option to the Profile MSS value on SYN-ACK.
In earlier versions, if SYN did not have any options set, the system did not set any options on the SYN-ACK. There is now a new sysdb variable tm.tcpsendsynackmssalways, which you can use to enable or disable this feature. If sysdb variable tm.tcpsendsynackmssalways is enabled and profile MSS is not equal to default MSS, TCP always sets the MSS option to the Profile MSS value on SYN-ACK.