Bug ID 771173: FastL4 profile syn-cookie-enable attribute is not being rolled forward correctly.

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP Install/Upgrade(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0,,,,,,,,, 13.1.1,,,,, 14.0.0,,,,,, 14.0.1,, 14.1.0,,,,,, 14.1.2,,,,, 15.0.0, 15.0.1,,

Fixed In:
15.1.0,,, 13.1.3

Opened: Apr 10, 2019

Severity: 3-Major


The system does not roll forward the FastL4 profile syn-cookie-enable attribute after upgrading from 12.x to 13.x and beyond.


If syn cookies are explicitly disabled on a FastL4 profile prior to upgrading, they may be enabled. FastL4 profiles with default values for "hardware-syn-cookie" (enabled) and "software-syn-cookie" (disabled) prior to upgrading will have "syn-cookie-enable" set to "disabled" on first boot after upgrading.


This happens when upgrading from 12.x to 13.x and beyond.


You can fix the configuration by modifying it manually after upgrading. In tmsh: tmsh modify ltm profile fastl4 <profile_name> syn-cookie-enable <enabled|disabled>

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips