Bug ID 629771: the TCP::unused_port does erroneous accept IPV4_COMPAT addresses

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP All(all modules)

Fixed In:
11.5.4 HF3

Opened: Nov 21, 2016

Severity: 3-Major

Symptoms

when calling TCP::unused_port command with a tcl ip addr object which represents the IPv4 address as IPv4-Compatible IPv6 address, the function searches for existing flows related to this address. IPv4-Compatible IPv6 addresses are deprecated, the flow table uses IPv4-Mapped IPv6 address

Impact

The TCP::unused_port command is unable to return an unused port

Conditions

the IP::Addr object has been crafted with the following command [IP::addr <addr> mask ::ffff:ffff]

Workaround

use the string representation by forcing the object to be a string e.g. set ipv6_addr "fe80::250:56ff:0a1e:0101" set ipv4_from_ipv6 [ string tolower [IP::addr $ipv6_addr mask ::ffff:ffff] ] set free [TCP::unused_port $ipv4_from_ipv6 [TCP::local_port] 10.30.1.64 [TCP::client_port] 48000 48255]

Fix Information

ID598860-5 fixes the IP::addr command to return IPV4 MAPPED addr

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips