Bug ID 808893: DNS DoS profile vectors do not function correctly

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP AFM, Install/Upgrade(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4

Fixed In:
15.1.0, 14.1.4.6

Opened: Jul 24, 2019
Severity: 3-Major

Symptoms

Clients report that DNS TXT queries are not working. In /var/log/ltm, you see the following error: DOS attack start was detected for vector TXT query DOS.

Impact

DNS DoS detection and mitigation is not functioning correctly.

Conditions

This can occur when DNS profile DoS vectors are enabled. It can be encountered after upgrading.

Workaround

None.

Fix Information

DNS DoS profile vectors are now detected correctly.

Behavior Change