Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IQ ADC
Fixed In:
5.4.0 HF2
Opened: Jan 26, 2018 Severity: 2-Critical
If the max segment size (MSS) value configured for the TCP profile on a BIG-IP system is set to 0, BIG-IQ will fail to import it. [ERROR][23 Jan 2018 13:41:15 CST][/cm/adc-core/working-config/ltm/profile/tcp AdcProfileTcpWorkingConfigCollectionWorker] Validation failure: java.lang.IllegalArgumentException: maxSegmentSize 0 must be between 536 and 1460
BIG-IQ cannot manage LTM (or other services).
TCP Profile max segment size is 0.
Per the LTM manual: Max Segment Size (MSS) specifies the largest amount of data that the system can receive in a single TCP segment, not including the TCP and IP headers. If the value is 0 (zero), the system calculates the value from the MTU. The default value is 1460 bytes. The default MTU is 1500 and the header is 40 bytes. That is why the max segment size is 1460 (1500-50). As a workaround you should be able to set the max segment size to (MTU-40). Unfortunately, this will work only if your MSS is within the current validated range on BIG-IQ.
The BIG-IQ now has the correct validation for TCP profile maxSegmentSize property.