Bug ID 910129: Hardware offload on the TCP Push Flood vector causes goodput to drop.

Last Modified: May 27, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3

Opened: May 18, 2020
Severity: 2-Critical

Symptoms

When whitelisting traffic from an external IP address that is targeting a virtual IP address on an internal VLAN, if you specify the source IP address from the external VLAN, once the traffic has been processed on the internal VLAN, the whitelist no longer applies.

Impact

Hardware offload on the TCP Push Flood vector causes goodput to drop.

Conditions

This occurs when configuring whitelists.

Workaround

To have the traffic from that external VLAN processed, all traffic on the internal VLAN must either be added as a second whitelist or the external VLAN must be wildcarded to not specify the external VLAN.

Fix Information

None

Behavior Change