Forum Discussion
chiewming_15294
Jan 18, 2012Nimbostratus
HTTP Profile "Maximum Header Size"
Hi All,
Our platform is intended to act as a proxy or transparent
proxy to serve ONLY http traffic from handset or laptop. (Non http traffic bypassed at F5 level)
...
hooleylist
Jan 19, 2012Cirrostratus
1) When you say TMM reset the connection, it's mean client need resend http request again?
TMM sends the client a TCP reset. This would result in a failure of the current HTTP request and the client would need to hit refresh to resubmit the request. If they send the same request with a large HTTP header set, they would receive another reset.
2) Is "Maximum Header Size" applicable to only client http request? other http activity?
The max header size is checked for the HTTP request headers only as far as I'm aware.
3) TMM check on the packet's "Header length" for the size or TMM does calculate on the header size?
TMM calculates it based on the start of the HTTP headers up until the first \r\n\r\n sequence which ends the headers.
4) Regarding your reply on question (4), it thought it can be disabled by uncheck the check box in Local Traffic -> Profiles -> Services -> HTTP -> *my_http_profile* ?
No. That would just use the default HTTP profile's value for max header size.
5) What could be the cause of larger http header size other than web application/URI behavior?
It could be a malicious client, a poorly designed client or incorrect web app behavior.
6) I read on some F5 article saying that DOS attack could make use of this to create spamming if value set too high.
Yes, but I don't think it's much of a risk if you temporarily raise the limit even to 64KB in order to log details of the request and fix the issue.
Aaron
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects