Forum Discussion

MAbbas's avatar
MAbbas
Icon for Cirrus rankCirrus
Feb 05, 2022

Grpc Keepalive and F5 full proxy

Hi - my F5 is running v16.1 - and is a full gRPC proxy - the problem i am having i s

clinet sends gRPC ping to keep session open - to the F5 .but F5 cannot keep the session alive as there is no traffic that goes to the server - because -F5 being a proxy responds to teh ping .

How can i keep the server side connection open - other than increasing the the timeout.

thanks  

 

application delivery
  • Nikoolayy1's avatar
    Nikoolayy1
    Icon for MVP rankMVP
    Feb 05, 2022

    Hello you mean HTTP/2? If so because this is new thing that F5 support better check with the TAC if there is new bug:

    https://support.f5.com/csp/article/K61517014

    https://support.f5.com/csp/article/K47440400

    https://support.f5.com/csp/article/K04412053

     

    Also maybe test if the servers can also send keep-alives as it seems that the client keep alive is not forwarded to the servers by the F5 device because of a bug or on purpose and maybe test if removing the web compression or web acceleration profiles (web cache) as there are some known bugs with those profiles and HTTP/2.

     

    https://cdn.f5.com/product/bugtracker/ID714372.html

     

    Also you may test enabling the TCP keep alives under the TCP profiles:

     

    https://support.f5.com/csp/article/K8049

    https://support.f5.com/csp/article/K13004262

    • MAbbas's avatar
      MAbbas
      Icon for Cirrus rankCirrus
      Feb 06, 2022

      thanks for the reply . F5 is working fine as a gRPC -http2 proxy .

      the problem i have is - client sends GRPC pings - that teh F5 responds being a proxy - hence no traffic goes to the backend server . hence the question - i sthere a way to send those pings to the backend server - other than keeping the socket open with a timeout value on teh server side.

      thanks

       

       

  • Daniel_Wolf's avatar
    Daniel_Wolf
    Icon for MVP rankMVP
    Feb 11, 2022

    Hi MAbbas 

    I also did a bit of reading on this subject, this is my opinion:
    When proxying the HTTP/2 protocol, the same connection to a pool member can be used for multiple requests coming from multiple clients at the same time.
    Very much similiar to OneConnect in HTTP/1.1. Sending pings from a pariticular client over a reverse proxy would be somewhat inconsistent with whole idea of multiplexing.

    From my understanding gRPC keepalive is ment for peer-to-peer but not for proxied connections. If there is a requirement that clients keep a connection with the backend, TCP keepalive might be an option.
    Or extending the the TCP timeout value.

    KR
    Daniel