Bug ID 703908: maxSegmentSize of 0 in TCP profile is not accepted

Last Modified: Nov 22, 2021

Bug Tracker

Affected Product:  See more info
BIG-IQ ADC(all modules)

Known Affected Versions:
5.4.0, 5.4.0 HF1

Fixed In:
5.4.0 HF2

Opened: Jan 26, 2018
Severity: 2-Critical

Symptoms

If the max segment size (MSS) value configured for the TCP profile on a BIG-IP system is set to 0, BIG-IQ will fail to import it. [ERROR][23 Jan 2018 13:41:15 CST][/cm/adc-core/working-config/ltm/profile/tcp AdcProfileTcpWorkingConfigCollectionWorker] Validation failure: java.lang.IllegalArgumentException: maxSegmentSize 0 must be between 536 and 1460

Impact

BIG-IQ cannot manage LTM (or other services).

Conditions

TCP Profile max segment size is 0.

Workaround

Per the LTM manual: Max Segment Size (MSS) specifies the largest amount of data that the system can receive in a single TCP segment, not including the TCP and IP headers. If the value is 0 (zero), the system calculates the value from the MTU. The default value is 1460 bytes. The default MTU is 1500 and the header is 40 bytes. That is why the max segment size is 1460 (1500-50). As a workaround you should be able to set the max segment size to (MTU-40). Unfortunately, this will work only if your MSS is within the current validated range on BIG-IQ.

Fix Information

The BIG-IQ now has the correct validation for TCP profile maxSegmentSize property.

Behavior Change