This issue has been resolved in these releases. However, end users are encouraged to upgrade as soon as possible. F5 does not recommend enabling ePVA acceleration for virtual servers with FastL4 profiles.

When enabling ePVA acceleration on virtual servers with FastL4 profiles, end users are at risk of leaving unencrypted traffic unmonitored by the security appliance. Furthermore, enabling ePVA on virtual servers with FastL4 profiles can lead to the termination of the TMM process. This issue has been resolved in these releases. However, end users are encouraged to upgrade as soon as possible. F5 does not recommend enabling ePVA acceleration for virtual servers with FastL4 profiles. When enabling ePVA acceleration on virtual servers with FastL4 profiles, end users are at risk of leaving unencrypted traffic unmonitored by the security appliance. Furthermore, enabling ePVA on virtual servers with FastL4 profiles can lead to the termination of the TMM process. resolved In BIG-IP 11.x, 10.x, 9.x, and 5.x releases, when enabling ePVA acceleration on virtual servers with FastL4 profiles, end users are at risk of leaving unencrypted traffic unmonitored by the security appliance. This issue has been resolved in BIG-IP 11.x, 10.x, 9.x, and 5.x releases only.

What is ePVA? ePVA is an enhancement of the feature that allows virtual servers with FastL4 profiles to use hardware acceleration. This can be useful for specific workloads, but it also has drawbacks. With ePVA, the server's CPU is used for encryption and decryption, which reduces available CPU time for virtual machines. ePVA is disabled by default in BIG-IP 11.x, 10.x, 9.x, and 5.x releases because of these drawbacks and a potential impact on security appliance performance when compared to using hardware acceleration alone.

BIG-IP 11.x, 10.x, 9.x, and 5.x releases

BIG-IP 11.x, 10.x, 9.x, and 5.x releases
BIG-IP 11.5, 10.2, 9.7, and 5.6 releases

Timeline

Published on: 05/05/2022 17:15:00 UTC
Last modified on: 05/12/2022 15:38:00 UTC

References