no random-sequence-number

Question

Hi,&nbsp;
Can we configure on F5 anything like "no random-sequence-number"? This is used in ACE load balancers.&nbsp;
The purpose for random-sequence-number is explained below.&nbsp;
Randomizing TCP sequence numbers adds a measure of security to TCP connections by making it more difficult for a hacker to guess or predict the next sequence number in a TCP connection. This feature is enabled by default. To enable TCP sequence number randomization after it has been disabled, use the random-sequence-number command in parameter map connection configuration mode.&nbsp;
Is there any option on F5 to implement such thing?&nbsp;

lpl · Answer

Hi,&nbsp;
This is disabled by default on BIG-IP when using a Virtual Server with a fastL4 profile. 
You can enable it by creating a custom fastL4 profile and select: "Generate Initial Sequence Number".
This feature refers to RFC1948&nbsp;
Kind regards&nbsp;

Forum Discussion

no random-sequence-number

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Failing over Virtual F5 VE to DR location using Zerto

Unblock Request WAF

TLS handshake failure from BIG-IP to backend – Fatal Alert: Decode Error (Server SSL)

Failing over of a Virtual F5 configuration to another location using Zerto restore process

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Related Content

TCP Internals: 3-way Handshake and Sequence Numbers Explained

TCP 3-WAY Handshake vs TCP Half-Open

ratio load balancing using rand function

Implementing The Exponential Backoff Algorithm To Thwart Dictionary Attacks

Overview of MITRE ATT&CK Tactic - TA0011 Command and Control

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS