F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

JimT02's avatar
JimT02
Icon for Nimbostratus rankNimbostratus
Aug 08, 2016

Help pinpoint what packet is have RFC2616 issues related to a http_profile on LTM

Problem: have a vip with a http_profile proxying to an IIS server with a ssl client & server profile. we receive the following error:

 

011f0007:http_process_state_prepend - Invalid action EV_INGRESS_DATA during ST_HTTP_PREPEND_HEADERS (Server side: vip=xxxx_vs profile=http pool=xxxx_pool).

 

If we remove the http_profile, the error goes away.

 

Actions taken to find cause:

 

Have studied https://support.f5.com/kb/en-us/solutions/public/5000/900/sol5922.html. ran wireshark on the proxy site, but have not been able to identify any abnormalities or what exactly is RFC2616 issues.

 

Is there anything else in F5 or other tools to help pinpoint what packet is have RFC2616 issues? What is a method for finding these?

 

application delivery
iRules
LTM
security

1 Reply

  • Kai_Wilke's avatar
    Kai_Wilke
    Icon for MVP rankMVP
    Aug 09, 2016

    Hi Jim,

    to find out which request/response is triggering the problem, you may try to 

    [log]
    the HTTP requests which doesn't get a response...

    when HTTP_REQUEST {
    set log_request [HTTP::uri]
}
when HTTP_RESPONSE {
    set log_request ""
}
when CLIENT_CLOSED {
    if { $log_request ne "" } then {
        log local0.debug "Unanswered Request: $log_request"
    }
}

    Note: I don't know if the 

    CLIENT_CLOSED
    event will trigger after the exemption is raised. But give it a go to find out...

    Once you've identified the URLs triggering the protocol violateion, grap the headers and post them here...

    Cheers, Kai