Bug ID 788693: Rechunk setting in HTTP profile may reject processing of compressed payload

Last Modified: May 29, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1

Opened: May 31, 2019
Severity: 3-Major

Symptoms

When the HTTP profile is configured with the Rechunk setting, and the payload is compressed, the HTTP compression profile may refuse to decompress the content if, during decompression, the uncompressed payload size would exceed the defined threshold.

Impact

A connection is reset due to an error, and a response is not served.

Conditions

-- A virtual server is configured with an HTTP profile, specifying the recheck setting for response-chunking. -- Profile http-compression is also attached to the virtual server. -- A server provides a compressed response with a 'Transfer-Encoding: gzip' header. -- The compressed ratio of the uncompressed-to-compressed payload size exceeds the predefined threshold.

Workaround

Adjust threshold and maximum allowed size in MBytes to allow a rejected response to pass the BIG-IP system using DB variables: compression.zlibinflateratio.threshold compression.zlibbombsensitivity.sizemb

Fix Information

None

Behavior Change