Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP All
Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1
Opened: Oct 25, 2018 Severity: 4-Minor
Attempts to send fragmented packets destined for SSH or the webui of BIG-IP VE running with 1 NIC will fail. This is a rare situation generally, but one noted area where we have seen it is when BIG-IQ attempts to discover the BIG-IP.
The IP fragments will not be properly reassembled and the connection will ultimately fail. This is only an issue for IP fragmented traffic sent with 1nic destined for SSH or the webui.
BIG-IP VE configured with 1 network interface. Send IP fragmented traffic to either SSH or the web interface (TCP/8443 for 1nic).
Prevent IP fragmentation, or configure multiple network interfaces.
None