Bug ID 671935: Possible uneven ephemeral port reuse.

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2

Fixed In:
13.1.0, 12.1.3

Opened: Jun 30, 2017

Severity: 3-Major

Related Article: K64461712


When selecting server-side source ports, the BIG-IP system favors ephemeral ports in the upper range.


If connections on the servers are in the TIME_WAIT state and connection recycling is not configured, the servers may reset those connections that reused a source port too quickly.


In many cases, the BIG-IP system needs to select a source port for the server-side flow different than the source port selected by the client. This is always the case when the virtual server's 'source-port' option is set to 'change'.


Modify the virtual server's 'source-port' option to 'preserve'. This will reduce the need to find suitable source ports for the server-side by the BIG-IP system.

Fix Information

When searching for an available source port, and wrapping into the privileged port range (<1024), the BIG-IP system now performs a small jump out of that range, thus not going into the upper range unnecessarily.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips