Bug ID 910325: DDoS Vector - TCP BAD ACK is not hardware-accelerated

Last Modified: Jul 21, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1

Opened: May 19, 2020
Severity: 2-Critical

Symptoms

There is no FPGA support for vector number 105 (FPGA vector number). This is an L4 DDoS vector that rate limits the number of incorrect TCP ACK Cookies. The vector is commonly referred to as ACK_Cookie_Bad.

Impact

This vector is not hardware accelerated. The DDoS mitigation can rely only on software support for this DDoS vector.

Conditions

This is encountered when a TCP BADACK DDoS vector is detected.

Workaround

None.

Fix Information

None

Behavior Change