Bug ID 771173: FastL4 profile syn-cookie-enable attribute is not being rolled forward correctly.

Last Modified: Oct 24, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP Install/Upgrade(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.4, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 15.0.0, 15.0.1

Fixed In:
13.1.3

Opened: Apr 10, 2019
Severity: 3-Major

Symptoms

The system does not roll forward the FastL4 profile syn-cookie-enable attribute after upgrading from 12.x to 13.x and beyond.

Impact

If syn cookies are explicitly disabled on a FastL4 profile prior to upgrading, they may be enabled.

Conditions

This happens when upgrading from 12.x to 13.x and beyond.

Workaround

You can fix the configuration by modifying it manually after upgrading. In tmsh: tmsh modify ltm profile fastl4 <profile_name> syn-cookie-enable <enabled|disabled>

Fix Information

None

Behavior Change