Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
14.1.0, 14.0.0, 13.1.1, 13.1.0, 13.0.1, 13.0.0, 12.1.4, 12.1.3, 11.6.3, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5
Fixed In:
15.0.0, 14.1.0.6, 14.0.0.5, 13.1.1.5, 12.1.4.1, 11.6.5.1
Opened: Aug 29, 2018 Severity: 3-Major
There is a hard-coded limit on the number of SYNs forwarded on a FastL4 connection. This might cause a problem when a connection is reused, for example, if a connection is not correctly closed.
If the number of SYNs on a single connection reaches this limit, subsequent incoming SYNs are dropped and the connection might not time out.
-- SYN forwarding on FastL4 connections. -- The number of SYNs on a single connection reaches the hard-coded limit.
There is no workaround.
The following command enables the forwarding of an an unlimited number of SYNs: tmsh modify sys db tm.dupsynenforce value disable