Bug ID 694849: TMM crash when packet sampling is turned for DNS BDOS signatures.

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1

Fixed In:
14.0.0, 13.1.1.2

Opened: Nov 16, 2017
Severity: 2-Critical

Symptoms

TMM crashes upon traffic matching a DNS BDOS signature if packet sampling is turned on by enabling db variable (l4bdos.signature.sample.packet.frequency).

Impact

Traffic disrupted while tmm restarts.

Conditions

DB variable l4bdos.signature.sample.packet.frequency is modified to a non-zero value (to collect DNS packet info upon matching a DNS dynamic signature).

Workaround

Disable the packet sampling feature for BDOS signatures by setting the db variable l4bdos.signature.sample.packet.frequency to default value (0).

Fix Information

TMM no longer crashes when packet sampling is turned on and traffic matches DNS BDOS signature.

Behavior Change