Bug ID 694707: Hardware Crypto Offload is not compatible with QUIC

Last Modified: Aug 13, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.4, 14.1.0.5, 14.1.0.6, 15.0.0, 15.0.1

Opened: Nov 15, 2017
Severity: 3-Major

Symptoms

On platforms with Hardware Crypto offload, QUIC encryption and decryption fails.

Impact

QUIC communication is impossible

Conditions

Platforms with hardware crypto offload. Note: Platforms that do not have this capability (e.g., BIG-IP Virtual Edition (VE)) are unaffected.

Workaround

Disable Hardware crypto offload with: tmsh modify sys db crypto.hwacceleration value disable Note: This may result in performance degradation for other virtual servers that use encryption.

Fix Information

None

Behavior Change