Forum Discussion

Altostratus

Apr 27, 2017

IP-Source Routing Enabled - Vulnerability

Hey guys... Are we vulnerable at all to this? https://www.rapid7.com/db/vulnerabilities/generic-ip-source-routing-enabled IP Source Routing Enabled Source routing is a feature of the IP pr...

Employee

Apr 29, 2017

https://support.f5.com/csp/article/K10191

The BigIP will drop any packet that arrives with IP Options unless you have explicitly enabled them:

The IP drop counter increments when a packet contains an IP option. If the TM.AcceptIPOptions BigDB key is set to enable, the system accept IPv4 packets with IP options.

So unless you explicitly tell the BigIP otherwise it will not accept packets that use Source Routing. Fastl4 does not change this.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

IP-Source Routing Enabled - Vulnerability

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

GRPC through F5 Virtual Server [RST_STREAM with error code: INTERNAL_ERROR]

[ASM] - How to disable the SQL injection attack signatures

[ASM] : SQL-INJ "end-quote UNION" - How to allow this signature to specific url/uri/parameter only

Changes to DO and AS3 GitHub - no longer monitored

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

Source IP Based Pool Routing

Route Domains

Block destination IP by source IP

OpenSSH vulnerability

Solving for true-source IP with global load balancers in Google Cloud

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS