Last Modified: Apr 10, 2019
See more info
Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 12.1.4, 126.96.36.199
Opened: Oct 24, 2017
If a virtual server using FastL4 is configured with software SYN cookies disabled and global hardware SYN cookies disabled using the pvasyncookies.enabled DB setting, then software SYN cookies may still be sent if a SYN flood occurs on the VIP. This can be observed by seeing that the virtual server went into syncookie mode in the LTM logfile.
The VIP enters SYN cookie mode.
If the FastL4 profile has software-syn-cookie disabled, hardware-syn-cookie enabled, and the pvasyncookies.enabled db setting is set to false.
Both hardware-syn-cookie and software-syn-cookie should be disabled in the FastL4 profile.