Forum Discussion
NimbostratusHTTP header (3XXXX) exceeded maximum allowed size of 3XXXX - Irule Problem
Hello Friends
I'm having these errors about "HTTP Header Exceeded maximmum allowed size":
Feb 6 15:49:59 BOGEAWF5LTMP01 err tmm[11181]: 011f0005:3: HTTP header (36400) exceeded maximum allowed size of 36000 (Client side: vip=/Common/VS_PX_IGUANA profile=http pool=/Common/Proxy_Pool client_ip=10.162.153.36) Feb 6 15:50:02 BOGEAWF5LTMP01 err tmm[11181]: 011f0005:3: HTTP header (36400) exceeded maximum allowed size of 36000 (Client side: vip=/Common/VS_PX_IGUANA profile=http pool=/Common/Proxy_Pool client_ip=10.162.153.36) Feb 6 15:50:06 BOGEAWF5LTMP01 err tmm1[11181]: 011f0005:3: HTTP header (36400) exceeded maximum allowed size of 36000 (Client side: vip=/Common/VS_PX_IGUANA profile=http pool=/Common/Proxy_Pool client_ip=10.162.153.36)
I did search info about that error, and i found an Irule in this Link: https://devcentral.f5.com/questions/http-profile-maximum-header-size
The Irule is following:
when HTTP_REQUEST {
Check the total HTTP headers size
if {[string length [HTTP::request]] > 10000 }{
Check if the URI is very long
if {[string length [HTTP::uri]] > 1000}{
log local0. "Uri is long. Length [string length [HTTP::uri]], URI: [HTTP::uri]"
Exit this event from this iRule
return
}
Loop through the headers by name
foreach header {[HTTP::header names]} {
Check for a long header value
if {[string length [HTTP::header value $header]] > 1000 } {
log local0. "Header is long. Header Name: $header,\
Length: [string length [HTTP::header value $header]], Value: [HTTP::header value $header]"
Exit this event from this iRule
return
}
}
If we are still here the request was large, but not the URI or any single header.
Log the first 1k bytes of the full request
log local0. "Request is long: [HTTP::request]"
}
}
I used this irule to log the header values, but this irule affects the HTTPS connections that not terminating in the F5. I am balancing two Bluecoat Proxies but the SSL interception is being done in the Proxies directly. You can help me with a modification from this irule to avoid this behavior?
2 Replies
Mauricio_GarantI Modified the template irule to log the HTTP Headers that exceeded the 36000 allowed header size. The irule blocks HTTPS connections, I don´t know why.
iaineNacreous
Could you increase the max header side in the http profile for this VIP...?
https://support.f5.com/kb/en-us/solutions/public/8000/400/sol8482.html
If you are doing any L7 inspection without SSL decrypt then you are going to kill the session on the F5
