Bug ID 993269: DoS timestamp cookies are incompatible with FastL4 TCP timestamp rewrite option

Last Modified: Feb 15, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 16.0.0, 16.0.0.1, 16.0.1

Opened: Feb 11, 2021
Severity: 3-Major

Symptoms

Using DoS timestamp cookies together with a FastL4 profile with the timestamp rewrite option enabled might lead to traffic failures. DoS timestamp cookies might also lead to problems with traffic generated by the Linux host.

Impact

Traffic is dropped due to incorrect timestamps.

Conditions

- DoS timestamp cookies are enabled. - FastL4 profile with the timestamp rewrite option enabled.

Workaround

Disable timestamp cookies on the affected VLAN.

Fix Information

None

Behavior Change