Bug ID 738945: SSL persistence does not work when there are multiple handshakes present in a single record

Last Modified: Jun 20, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
14.1.0, 14.0.0, 13.1.1.2, 13.1.1.1, 13.1.1, 13.1.0.8, 12.1.3.7

Fixed In:
15.0.0, 14.1.0.2, 13.1.1.4, 12.1.4.1

Opened: Aug 01, 2018
Severity: 2-Critical

Symptoms

SSL persistence hangs while parsing SSL records comprising multiple handshake messages.

Impact

SSL persistence parser fails to parse such messages correctly. The start of the record may be forwarded on to server but then connection will stall and eventually idle timeout.

Conditions

This issue intermittently happens when an incoming SSL record contains multiple handshake messages.

Workaround

There is no workaround other than using a different persistence, or disabling SSL persistence altogether. After changing or disabling persistence, the transaction succeeds and no longer hangs.

Fix Information

None

Behavior Change