Forum Discussion

am_gli's avatar
am_gli
Icon for Altostratus rankAltostratus
Sep 28, 2021

configuring HTTP/2 properly

Hi,

 

I have an issue with activating a VS with HTTP/2.

 

Our requirement is following:

 

  • Backend server is capable of HTTP/2
  • F5 should offer HTTP/2 to the client
  • If client is capable of HTTP/2, then clientside connection should be HTTP/2 -> and serverside connection should be HTTP/2 too
  • If client uses HTTP 1.1, then serverside connection should be HTTP 1.1 too

 

I applied a ssl profile to a VS (CS & SS), removed the renegotiation checkbox and activated the default http2 profile for CS and SS, and enabled the HTTP MRF Router option like described in the guide.

 

With MRF checked, the connection fails in Chrome (ERR_HTTP2_PROTOCOL_ERROR) and with CURL ( HTTP/2 stream 0 was not closed cleanly: INTERNAL_ERROR (err 2)).

 

Without MRF, the CS connection is HTTP/2, but the SS connection is still HTTP1.1.

 

Is there a proper way to achieve the scenario described above by default GUI config, or would I have to trigger this somehow with irules?

And why does MRF break the connection?

 

  • I too would like to know this. Also, am.gli can you please post a link to the guide?

    • am_gli's avatar
      am_gli
      Icon for Altostratus rankAltostratus

      https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/big-ip-http2-full-proxy-configuration-14-1-0/01.html

  • Hi am_gli 

    When you say "if MRF is disabled" the serverside is HTTP 1.1 <- this is by design as the configuration is acting in "gateway mode" which means that clientside can serve H/2 to enable the benefits of the protocol while having servers remain on H/1.1

    Would you be able to let us know the TMOS version you are using?

    Also, do you have a request-logging profile? https://cdn.f5.com/product/bugtracker/ID1101181.html