Bug ID 629771: the TCP::unused_port does erroneous accept IPV4_COMPAT addresses

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP All(all modules)

Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2

Fixed In:
11.5.4 HF3

Opened: Nov 21, 2016

Severity: 3-Major

Symptoms

when calling TCP::unused_port command with a tcl ip addr object which represents the IPv4 address as IPv4-Compatible IPv6 address, the function searches for existing flows related to this address. IPv4-Compatible IPv6 addresses are deprecated, the flow table uses IPv4-Mapped IPv6 address

Impact

The TCP::unused_port command is unable to return an unused port

Conditions

the IP::Addr object has been crafted with the following command [IP::addr <addr> mask ::ffff:ffff]

Workaround

use the string representation by forcing the object to be a string e.g. set ipv6_addr "fe80::250:56ff:0a1e:0101" set ipv4_from_ipv6 [ string tolower [IP::addr $ipv6_addr mask ::ffff:ffff] ] set free [TCP::unused_port $ipv4_from_ipv6 [TCP::local_port] 10.30.1.64 [TCP::client_port] 48000 48255]

Fix Information

ID598860-5 fixes the IP::addr command to return IPV4 MAPPED addr

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips