Bug ID 751924: TSO packet bit fails IPsec during ESP encryption

Last Modified: Jan 20, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
14.0.0,,,,,, 14.0.1,, 14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,, 15.0.0, 15.0.1,,,,

Fixed In:

Opened: Dec 05, 2018
Severity: 2-Critical


Internal error when an unexpected packet bit for TCP segment offload manages to reach crypto code for ESP in IPsec, when this is not expected.


Traffic disrupted while tmm restarts.


Traffic passing through ESP encapsulation for an IPsec tunnel when the TSO bit (for TcpSegmentationOffload) is set on the packet involved.



Fix Information

Now we ensure the TSO bit is cleared, so it doesn't cause ESP crypto code to fail, when it cannot be handled correctly.

Behavior Change