HTTP Profile "Maximum Header Size"
Hi All,
Our platform is intended to act as a proxy or transparent proxy to serve ONLY http traffic from handset or laptop. (Non http traffic bypassed at F5 level)
After we putting live production traffic to platform, there are lots of HTTP header size error logged and causing the F5 stop sending traffic to one of the pool member.
We tried to increase the size to 64KB and it's error still keep logging in /var/log/ltm.
To avoid downtime, we had the "Maximum Header Size" disabled in HTTP profile.
Please see below for the error log.
History log:
Jan 4 23:58:53 local/tmm err tmm[5238]: 011f0005:3: HTTP header (33304) exceeded maximum allowed size of 32768 (Client side: vip=ext_HTTP_VS_80 profile=http pool=Pool_3128)
Jan 4 23:58:54 local/tmm1 err tmm1[5239]: 011f0005:3: HTTP header (33304) exceeded maximum allowed size of 32768 (Client side: vip=ext_HTTP_VS_80 profile=http pool=Pool_3128)
Jan 4 23:58:55 local/tmm3 err tmm3[5241]: 011f0005:3: HTTP header (33304) exceeded maximum allowed size of 32768 (Client side: vip=ext_HTTP_VS_80 profile=http pool=Pool_3128)
Jan 4 23:58:55 local/tmm err tmm[5238]: 011f0005:3: HTTP header (33304) exceeded maximum allowed size of 32768 (Client side: vip=ext_HTTP_VS_80 profile=http pool=Pool_3128)
I need advice on inquiry below:
1.Is this a critical messages?
2.If particular VS hitting too much of this error, what is the expected F5 behavior? stop sending traffic to one of the pool member?
3.Need input from your security point of view, what value is best approach?
4.If we disable “Maximum Header Size” checking, will it cause security issue? Like DOS attack?
Thanks,
chiewming