Forum Discussion
T5C
Altocumulus
AltocumulusBIGIP resets connecion
Hello Team How to check what's the reason for resetting connection from F5 in this situation: F5 receives from server 'application/octet-stream' http first packet, acknoledges it and then sends r...
Hello,
what great news, that it is working now. I think you can extract the headers and value pairs and check them by yourself and compare header names and values with RFC.
For example, the following HTTP request from the client causes the connection to be reset:
POST /web/page HTTP/1.1
Accept: */*
aaabbbccc
Cache-Control: no-cache
Content-Length: 438Note: The aaabbbccc header is malformed because it does not conform to the name: value syntax.
Using another example, the following HTTP request from the client also causes the connection to be reset:
POST /web/page HTTP/1.1
Accept: */*
aaabbbccc :
Cache-Control: no-cache
Content-Length: 438Note: If there is a white space between the field name (aaabbbccc) and colon (:), then the request fails and the system considers it to be malformed. Full details about HTTP header restrictions are described in IETF RFC 7230: Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing.This link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.
Reference: https://support.f5.com/csp/article/K38905534
Unfortunately, it is not mentioned in any of F5 articles how to check for the malformed header and know the header specifically, so you can check it by yourself by getting all of the header names and values.
BR,
Mohamed Salah
T5CAltocumulus
AltocumulusHello,
When http profile is changed to http transparent - everything works OK. (it looks that header which was suspicious has the same value on another environment on different device - and on that device everything is working fine).
How to check what header is malformed ? Is there any way to debug it ?
Hello,
what great news, that it is working now. I think you can extract the headers and value pairs and check them by yourself and compare header names and values with RFC.
For example, the following HTTP request from the client causes the connection to be reset:
POST /web/page HTTP/1.1
Accept: */*
aaabbbccc
Cache-Control: no-cache
Content-Length: 438Note: The aaabbbccc header is malformed because it does not conform to the name: value syntax.
Using another example, the following HTTP request from the client also causes the connection to be reset:
POST /web/page HTTP/1.1
Accept: */*
aaabbbccc :
Cache-Control: no-cache
Content-Length: 438Note: If there is a white space between the field name (aaabbbccc) and colon (:), then the request fails and the system considers it to be malformed. Full details about HTTP header restrictions are described in IETF RFC 7230: Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing.This link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.
Reference: https://support.f5.com/csp/article/K38905534
Unfortunately, it is not mentioned in any of F5 articles how to check for the malformed header and know the header specifically, so you can check it by yourself by getting all of the header names and values.
BR,
Mohamed Salah
- T5C
Hello
One of http headers was set by appication server with inappropriate value without ending \r\n, only \r.
After impementing changes by application team now it works great.
BR,
TC.
