Bug ID 984089: Tcpdump captures at the partition level may show packets in the wrong time order

Last Modified: Dec 07, 2023

Affected Product(s):
F5OS Velos (all modules)

Known Affected Versions:
F5OS-C 1.1.0, F5OS-C 1.1.1, F5OS-C 1.1.2, F5OS-C 1.1.3, F5OS-C 1.1.4

Opened: Jan 16, 2021

Severity: 3-Major

Symptoms

Tcpdump may show packets out of order if it is run from a partition that spans multiple blades. "Order" here refers to the timeline of these packets appearing on the network links outside the system. For example, a TCP SYN may come from the client to the system, and the system may respond with a SYN-ACK to the outside client; the capture may show the SYN-ACK packet first and then the SYN. Other than inferring from knowledge of the protocol what these packets represent, there is no real way to mitigate this in the multiple-port aggregation scenario.

Note: A tcpdump run from inside a BIG-IP tenant shows the correct order.
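The protocol-based inference described above can be automated when reviewing a capture. The following is an added example, not part of the F5 bug record or any F5 tooling: it flags TCP handshakes whose SYN-ACK is listed before the SYN it acknowledges. It assumes text output from `tcpdump -nn -tt -S` (absolute sequence numbers); the function name and the sample lines are constructed for illustration.

```python
import re

# Matches one line of `tcpdump -nn -tt -S` text output for a TCP segment.
LINE = re.compile(
    r"^(?P<ts>\d+\.\d+) IP (?P<src>\S+) > (?P<dst>\S+): "
    r"Flags \[(?P<flags>[^\]]+)\], seq (?P<seq>\d+)(?:, ack (?P<ack>\d+))?"
)

def find_inverted_handshakes(lines):
    """Return handshakes whose SYN-ACK is listed before the SYN it answers."""
    seen_syn = set()    # (client, server, ISN) of SYNs already listed
    early_synack = {}   # same key -> timestamp of a SYN-ACK listed first
    findings = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue
        if m["flags"] == "S":
            key = (m["src"], m["dst"], int(m["seq"]))
            seen_syn.add(key)
            synack_ts = early_synack.pop(key, None)  # pop: report once per flow
            if synack_ts is not None:
                findings.append({"client": m["src"], "server": m["dst"],
                                 "synack_ts": synack_ts, "syn_ts": m["ts"]})
        elif m["flags"] == "S." and m["ack"]:
            # A SYN-ACK acknowledges the client's ISN + 1 (mod 2**32).
            key = (m["dst"], m["src"], (int(m["ack"]) - 1) % 2**32)
            if key not in seen_syn:
                early_synack[key] = m["ts"]
    return findings

# Constructed sample: first flow is listed SYN-ACK then SYN, second is normal.
SAMPLE = """\
1610800000.000100 IP 192.0.2.10.443 > 198.51.100.7.51000: Flags [S.], seq 900000, ack 1001, win 65160, length 0
1610800000.000150 IP 198.51.100.7.51000 > 192.0.2.10.443: Flags [S], seq 1000, win 64240, length 0
1610800000.000300 IP 198.51.100.7.51000 > 192.0.2.10.443: Flags [.], ack 900001, win 502, length 0
1610800001.000100 IP 198.51.100.8.52000 > 192.0.2.10.443: Flags [S], seq 7000, win 64240, length 0
1610800001.000200 IP 192.0.2.10.443 > 198.51.100.8.52000: Flags [S.], seq 800000, ack 7001, win 65160, length 0
"""

if __name__ == "__main__":
    for finding in find_inverted_handshakes(SAMPLE.splitlines()):
        print("SYN-ACK listed before SYN:", finding)
```

A flagged flow indicates that the listing order of that capture should not be used on its own to establish the sequence of events.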

Impact

Tcpdump captures show the packets in a different order from that in which they actually occurred, leading to possible misinterpretation of events.

Conditions

-- This may be encountered where there is an LACP-aggregated link that spans two ports on two different blades.
-- It has also been seen less frequently as out-of-order between ingress (outside-to-host) and egress (host-to-outside) packets.

Workaround

None

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips