Bug ID 744275: BIG-IP system sends Product-Name AVP in CER with Mandatory bit set

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1

Fixed In:
15.0.0, 14.1.0.2, 13.1.3.4

Opened: Sep 17, 2018
Severity: 3-Major

Symptoms

The BIG-IP system always sets the Mandatory bit flag for Product-Name AVPs in DIAMETER Capabilities Exchange Request messages.

Impact

If the DIAMETER peer is intolerant of this Mandatory bit being set, it will reset the DIAMETER connection.

Conditions

Using DIAMETER to send a Capabilities Exchange Request message with the Product-Name AVP.

Workaround

Configure an iRule in the MRF transport-config, for example: ltm rule workaround { when DIAMETER_EGRESS { if {[serverside] && [DIAMETER::command] == "257" } { DIAMETER::avp flags set 269 0 } } }

Fix Information

This release always clears the Mandatory bit for Product-Name AVPs in DIAMETER Capabilities Exchange Request messages.

Behavior Change