Bug ID 610862: The BIG-IP system repeatedly retransmits TCP segments when tm.enforcepathmtu is disabled and IPv4 ICMP Fragmentation Needed messages are received.

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6

Fixed In:
13.0.0

Opened: Aug 15, 2016

Severity: 2-Critical

Related Article: K13886979

Symptoms

The BIG-IP system repeatedly retransmits TCP segments when tm.enforcepathmtu is disabled and IPv4 ICMP Fragmentation Needed messages are received. As a result of this issue, you may encounter one or more of the following symptoms: - When the BIG-IP system receives an IPv4 ICMP Fragmentation Needed message and has tm.enforcepathmtu disabled, the system does not update the path MTU (PMTU) for the connection. However, the TCP profile retransmits unacknowledged data at the existing PMTU size, generally resulting in further ICMP Fragmentation Needed messages and subsequent retransmissions.

Impact

The system retransmits the TCP segment each time an ICMP Fragmentation Needed message is received.

Conditions

This issue occurs when all of the following conditions are met: - The system receives an ICMP Fragmentation Needed message. - The BIG-IP database variable tm.enforcepathmtu is disabled.

Workaround

To work around this issue, you can disable tm.pathmtudiscovery. To do so, perform the following procedure. Impact of workaround: Performing the following procedure should not have a negative impact on your system. Note: disabling tm.pathmtudiscovery causes BIG-IP to transmit IP messages with Don't Fragment unset Disabling tm.pathmtudiscovery 1. Log in to the command line. 2. Disable tm.pathmtudiscovery using the following syntax: tmsh modify sys db tm.pathmtudiscovery value disable

Fix Information

TCP no longer retransmits when receiving IPv4 ICMP fragmentation needed messages, thus eliminating the unnecessary retransmissions.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips