Operational Defect Database
BugZero found this defect 67 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
Fortinet | 937879
FortiGate 7000F chassis with FIM-7941Fs cannot load balance fragmented IPv6 TCP and UDP traffic. Instead, fragmented IPv6 TCP and UDP traffic received by the FIM-7941F interfaces is sent directly to the primary FPM, bypassing the NP7 load balancers. IPv6 ICMP fragmented traffic load balancing works as expected. Load balancing fragmented IPv6 TCP and UDP traffic works as expected in FortiGate 7000F chassis with FIM-7921Fs.
Last update date:
5/11/2023
Affected products:
FortiFirewall FFW-3980E
FortiFirewall FFW-VM64
FortiFirewall FFW-VM64-KVM
FortiGate FG-1000D
FortiGate FG-1000F
FortiGate FG-1001F
FortiGate FG-100E
FortiGate FG-100EF
FortiGate FG-100F
FortiGate FG-101E
FortiGate FG-101F
FortiGate FG-1100E
Affected releases:
7.2.5
7.2.6
7.2.7
7.4.0
7.4.1
Fixed releases:
7.2.8
7.4.2
Description:
FortiGate 7000F chassis with FIM-7941Fs cannot load balance fragmented IPv6 TCP and UDP traffic. Instead, fragmented IPv6 TCP and UDP traffic received by the FIM-7941F interfaces is sent directly to the primary FPM, bypassing the NP7 load balancers. IPv6 ICMP fragmented traffic load balancing works as expected. Load balancing fragmented IPv6 TCP and UDP traffic works as expected in FortiGate 7000F chassis with FIM-7921Fs. FortiGate-7000F chassis with FIM-7941Fs cannot load balance fragmented IPv6 TCP and UDP traffic. Instead, fragmented IPv6 TCP and UDP traffic received by the FIM-7941F interfaces is sent directly to the primary FPM, bypassing the NP7 load balancers. IPv6 ICMP fragmented traffic load balancing works as expected. Load balancing fragmented IPv6 TCP and UDP traffic works as expected in FortiGate-7000F chassis with FIM-7921Fs.
