For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

IainThomson85_1's avatar
IainThomson85_1
Icon for Cumulonimbus rankCumulonimbus
Nov 09, 2015

CVE-2015-5477 - Fallback Load Balancing Method

Hi All,

 

In the instance of WIP's on a GTM, with the GTM pools set the fall back method of "Return to DNS". As a specific patch hasn't been release to fully mitigate the vulnerablity - The fallback method has to be set to something other than return to DNS.

 

If the fallback method was set to Round Robin, and both VS's availaiblity were down (Oh no - if this was happening we'd have bigger problems)

 

Would the GTM return VS's addresses?

 

I can't seem to find a definitive answer.

 

Articles https://support.f5.com/kb/en-us/solutions/public/16000/900/sol16909.html https://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/gtm-concepts-11-3-0/1.html https://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/gtm_config_guide_10_1/gtm_loadbal.html

 

BIG-IP DNS
fallback-ip wip gtm pool
management
No RepliesBe the first to reply