Known issues
This section lists the known issues in FortiDDoS-F 6.1.4 release. For inquiries about particular bugs, please contact Fortinet Customer Service & Support.
Bug ID | Description |
---|---|
731320 |
During SPP creation, it takes several seconds for the back-end databases to be configured for each SPP. If the system is interrupted by a reboot, formatlogdisk or power failure, the databases may not be completed. The symptom will be missing graphs in some or all SPPs. After upgrading, adding an SPP, or after traffic is passing through FortiDDoS, user should: 1) Check that Dashboard > SPPs graph widget is showing traffic. If so, all databases are present. If not showing traffic (and traffic is present): 2) Check Monitor > SPPs. Cycle through all SPPs looking for traffic on each one. If any are not showing traffic use CLI execute spp-rrd-reset spp <rule_name> to reset those databases. 3) If in doubt, use CLI execute rrd-reset All (note: "All"). This should have no affect on existing traffic or drop data nor logs. It is purely a graphing issue. |
714102 | After installing the VM, if traffic ports are deleted and added again, management ports are unreachable. After installing the VM, reboot the VM before changing Traffic ports (to SR-IOV, for example). |
626478 | Trusted Hosts are not checked if LDAP/RADIUS/TACACS+ external authentication is used. |
668077 | RADIUS and other external authentication 2FA is not available in 6.1.x. |
670473 |
The "TCP Session Idle Timeout" for IPv6 is fixed at 528 seconds. |
672585 | Very small, invalid DNS packets may be dropped even when no DNS Anomalies are enabled with no logging. |
676495 | The Monitor > Layer 3 > Other: Fragmented Packets graph does not show Thresholds for TCP/UDP/Other Fragments. |
677407 | After a large IP or Domain Blocklist has been successfully uploaded to FortiDDoS, there is no indication that it is present on the system (no count of entries and no ability to search for an entry). Download will download the list as a text file to confirm. |
678433, 678434 | Release 6.1.x does not support LDAPS/STARTTLS |
678445 | Purging a large number of ACLs from an SPP can take more than 30 seconds with no progress indication. |
679309 |
When configured with large numbers of ACLs and wide attacks across all ACLs, all logs may not show. |
692550 | Under heavy attack load, graphing may lag. |
680412 | The last x-axis label on the Dashboard Drops Graph is not always displayed. |
685605 | Under heavy flooding system may show DQRM memory drops when DQRM table is not full. |
688477 | Under very heavy, sustained flooding across a wide range of parameters, reporting may be delayed. |
690017 | For FDD-200F and FDD-1500F: After creating a Service Protection Profile, you may see event logs like this: SPP:sp3 RRD Mismatch, expected : 227 but got :110 These are harmless and can be ignored. |
693817 | Failed LDAP logins don't provide information on the failure. |
693789 | When FDD-VM is operating on a virtual machine and underlying hardware supporting supporting SR-IOV, it is unable to disable the data ports. |