Bug ID 702917: Fragmented icmpv6 packets are not displayed when using tcpdump with icmp6 filter

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP All(all modules)

Known Affected Versions:
11.6.1, 11.6.2, 11.6.3,,,,, 11.6.4, 11.6.5,,,, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0,,,,,,,,, 13.1.1,,,,, 13.1.3,,,,,,, 13.1.4,, 13.1.5,, 14.0.0,,,,,, 14.0.1,

Fixed In:

Opened: Jan 20, 2018

Severity: 3-Major


When using tcpdump to display packets, and when the the icmp6 filter is used as an option to the tcpdump program, as below for example: tcpdump -nni 0.0 icmp6 -s0 tcpdump fails to display icmpv6 packets if they are fragmented. Non fragmented packets are displayed correctly. Using a different filter like: tcpdump -nni 0.0 host <ipv6> -s0 displays the fragmented icmpv6 packets correctly.


Fragmented icmpv6 packets cannot be captured or displayed in tcpdump using the icmp6 filter


1) icmpv6 packets need to be fragments ( likely because they exceeded MTU somewhere). 2) tcpdump has to be run with icmp6 specified as the filter


Don't use the icmp6 filter of tcpdump when you know that the packets could be fragmented. Use a host filter, or no filter ( if traffic is not too large)

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips