Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

rbunix's avatar
rbunix
Icon for Nimbostratus rankNimbostratus
Apr 04, 2023

F5 11.6.5.3 returns uncompressed HTTP response

Our backend servers run Apache and the gzip/deflate is done on this servers, after this we have a Varnish system that queries the apache servers and store the compressed javascript in cache. If we qu...
devops
rbunix's avatar
rbunix
Icon for Nimbostratus rankNimbostratus
Apr 04, 2023

Hello Paulius! Thanks for sharing that link, I actually saw that link earlier and tried to debug from there but I don't have nothing configured in the VIP so guess it must be something different.

 

Thanks anyway!

Paulius's avatar
Paulius
Icon for MVP rankMVP
Apr 04, 2023

rbunix You might consider performing the same troubleshooting that they did in the referenced article to see if something similar is happening. It could be that the F5 isn't agreeing to the compression and that is why it isn't passing to the user compressed. If you are not able to figure this one out you could open an F5 case to see if they can assist. I would imagine that in addition to the QKVIEW they will want captures of the communication both from the client to the VS and from the F5 to the pool member. You should be able to get this all in one tcpdump by doing the following because it will follow the connection through the SNAT that occurs and it will add additional fields that show what the F5 is doing with the connection as it passes through it. You could also add on "-w <directory_path_with_filename>" to the end and save the capture so you can provide it to F5.

tcpdump -nni 0.0:nnp host <client_IP>