Forum Discussion

sank_198085's avatar
sank_198085
Icon for Nimbostratus rankNimbostratus
Apr 17, 2015

Client connection getting reset on 304 Not Modified Response going through F5 Load Balancer

clients use HTTPS (SSL) channel to communicate with the Load Balancer, Load Balancer uses HTTP (Clear) channel to communicate with the server.

 

3-nodes round robin Port = 80 HTTP Profile = http SNAT Pool = Auto Map iRule assigned for http to https redirect Default Persistence Profile = source_addr

 

Does F5 adds since-last-modified on its own? What may be the reason for client connection getting reset.

 

deployment
  • Kevin_Davies_40's avatar
    Kevin_Davies_40
    Icon for Nacreous rankNacreous
    Apr 18, 2015

    F5 will not add last-modified headers unless you have additional profiles attached. You will need to check if the 304 message is actually being sent to the client. Use tcpdump and wireshark to confirm this.

     

    • sank_198085's avatar
      sank_198085
      Icon for Nimbostratus rankNimbostratus
      Apr 18, 2015
      Thanks will try to capture tcpdump. But the weird thing is it only happens when F5 is brought into picture and access server from firefox browser. When we access server without F5 in between it never happens.
    • Kevin_Davies_40's avatar
      Kevin_Davies_40
      Icon for Nacreous rankNacreous
      Apr 18, 2015
      I'm surprised if it modifies any headers. It should just pass them through. A tcpdump capture client and serverside should confirm this.
  • sank_198085's avatar
    sank_198085
    Icon for Nimbostratus rankNimbostratus
    Apr 18, 2015
    Thanks will try to capture tcpdump. But the weird thing is it only happens when F5 is brought into picture and access server from firefox browser. When we access server without F5 in between it never happens.
  • kunjan's avatar
    kunjan
    Icon for Nimbostratus rankNimbostratus
    Apr 18, 2015

    Try removing the hdr

    when HTTP_REQUEST_SEND {
clientside {
   if {[HTTP::header exists "If-Modified-Since"]}{
         HTTP::header remove "If-Modified-Since"
      }
   }
}
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Apr 18, 2015

    clients use HTTPS (SSL) channel to communicate with the Load Balancer, Load Balancer uses HTTP (Clear) channel to communicate with the server.

     

    3-nodes round robin Port = 80

     

    HTTP Profile = http

     

    SNAT Pool = Auto Map

     

    iRule assigned for http to https redirect

     

    Default Persistence Profile = source_addr

     

    isn't virtual server listening on port 443? is clientssl profile assigned to the virtual server?

     

    also, i do think you need http to https redirect irule on this virtual server because it is listening on port 443.