"Connection Reset" with Standard Virtual Server
Hello,
I am seeing "ERR_EMPTY_RESPONSE" errors with a "Standard" virtual server, but not with a "Performance (HTTP)" virtual server. I would like to use an "Access Policy" to require SAML Authentication, which appears to only be supported with a "Standard" virtual server". I am using SNAT with Auto Map. My problem seems similar to this issue. Any tips on what I should be looking at?
Notes:
I am using BIG-IP 17.1.1.3 Build 0.0.5 Point Release 3
I've disabled HTTPS on my backend and frontend server to help diagnose the issue.
I've tried the normal TCP and HTTP Profile. I also cloned them and made the header sizes larger for the HTTP profile, to no avail.
I do not have any iRules configured.
I have enabled SSO (SSO authentication works fine, but after authenticating I still see an empty response from the backend).
I've taken a PCAP on the backend server and, in analyzing the PCAP, it appears that the request F5 initiates to my backend server is a malformed HTTP request (see the GET / below which doesn't appear to be encapsulated in an HTTP segment). The backend returns a "400" and the client receives ERR_EMPTY_RESPONSE.
other notes:
Confirmed that I have Self IPs under Network > Self IPs
Confirmed that I have enabled SNAT IPs.
HTTP Profile is the standard HTTP Profile. SSL Profile (Which I think shouldn't matter, since this is all HTTP) is (client|server)ssl-insecure-compatible
VLAN and Tunnel Traffic is set to "all VLANs and Tunnels"
Source Address Translation is set to "Auto Map"
I have a policy to rewrite the Host header, but I still have the problem whether it is attached or detached from the Virtual Server.
My pools and nodes are marked as healthy.