Bug ID 976633: DDoS Hybrid Defender resets sys.db vlangroup.forwarding.override to disabled upon visiting certain pages

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP AFM (all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2

Fixed In:
16.1.0, 15.1.2.1, 14.1.4

Opened: Dec 23, 2020

Severity: 3-Major

Symptoms

If the value of the bigdb variable 'vlangroup.forwarding' is set to 'enabled', the DDoS Hybrid Defender UI resets it to 'disabled' when visiting certain pages.

Impact

The value of 'vlangroup.forwarding' is reset to 'disable' (which you can check in tmsh). Misconfiguration of vlan.override might lead to traffic loss.

Conditions

-- DDoS License is used.
-- 'vlangroup.forwarding' is enabled.
-- Visit one of the following pages:
   - DoS Setup :: Silverline
   - DoS Setup :: Global
   - Network :: High Availability
   - System :: About

Workaround

None.

Fix Information

Remove check and reset function on DHD page initialization for the following pages:
-- DoS Setup :: Silverline
-- DoS Setup :: Global
-- Network :: High Availability
-- System :: About

In the BIG-IP v14.1.0 release, the default value of 'vlangroup.forwarding.override' was 'Enabled'. With this fix, the value is no longer reset to 'Disabled'. Note that this does not impact existing v14.1.0 installations or upgrades, as they will keep the existing 'Disabled' value. In the case of a new installation or an upgrade without installing configuration, the value must be manually set to 'Disabled'.

Behavior Change
