Bug ID 745923: Connection flow collision can cause packets to be sent with source and/or destination port 0

Last Modified: Jun 01, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
13.1.0,,,,,,,,, 13.1.1,,,,,, 13.1.3,,,, 14.0.0,,,,,, 14.0.1,, 14.1.0,,,,,,, 14.1.2,,,,, 15.0.0, 15.0.1,,,

Fixed In:

Opened: Oct 04, 2018
Severity: 3-Major


Symptoms vary based on traffic impacted: Virtual server may reset a connection with the source and/or destination port set to 0 when the client sends an ACK after a 4-way close UDP traffic to virtual server with UDP profile immediate timeout configured or datagram load-balancing can collide with existing connections and be incorrectly sent with source and/or destination port 0.


Virtual server performs an incorrect reset with source or destination port 0, or UDP proxy traffic is sent incorrectly with source and/or destination port 0.


-- Conditions to trigger this issue with TCP traffic: - 3-way handshake initiated by client to virtual server. - Client actively closing the connection - 4-way close. - Client continues to send ACK after 4-way close. -- Conditions to trigger this issue with UDP traffic: - UDP profile has timeout immediate configured or datagram load-balancing. - UDP packet arrives that matches an expiring but still-present connection. -- Provisioned for AFM.



Fix Information

Connection flow collision no longer causes packets to be sent from source port 0.

Behavior Change