Last Modified: Nov 07, 2022
Affected Product:
See more info
BIG-IP TMOS
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5
Fixed In:
15.1.0, 14.1.4.6
Opened: Sep 13, 2019
Severity: 3-Major
Some NICs, e.g., on BIG-IP 2000/4000 platforms, perform checksum offloading for UDP, and erroneously mark a 0 (zero) checksum as a checksum failure, even though the UDP header includes an optional, 16-bit one's complement checksum that provides an integrity check. If the computed checksum is 0, it is transmitted as all ones. In this case the NIC should accept the checksum, but it does not.
VXLAN tunnel fails.
NIC offload checksum of 0.
None.
The VXLAN tunnel now ignores invalid checksums if the checksum is 0.
