HTTP response from pool member to client IP is getting blocked by F5 LTM with the status code 0

Question

I have a BiGIP LTM with the version 13.1.3.4 with the engineering hotfix where we disabled HTTP compliance check using the command - 'tmsh modify sys db tmm.http.rfc.enforcement value disable'. However, one of our application is failing due to the HTTP compliance issues.

We are observing the HTTP response from pool member to client IP is getting blocked by F5 LTM with the status code 0. Hence, removed HTTP and HTTP-Compression profile as workaround to customer.

Can you please help me out with the causes of blocking the traffic here when we have HTTP profile added in VIP?

simon_blakely · Answer

You really need (decrypted) packet captures to see the server response at a packet level to determine what compliance issues may be occurring, and where. &nbsp;&nbsp;

sajin · Answer

Hi Simon, Thank you, I was specifically looking if any update happened on HTTP profile on 13.1.3.4 compared to our old version - 12.1.3.3 in F5 release notes as the server is dropping connection even after disabling 'http rfc enforcement value' globally.

I will find a downtime to enable the http profile and packet captures. Can you please help me with the commands that I need to run here?

Forum Discussion

HTTP response from pool member to client IP is getting blocked by F5 LTM with the status code 0

Recent Discussions

SNI Sites not taking correct certificate.

How to Renew F5 Device Certificate

irule to enable http/2 acceleration

Service discovery is not happening in AS3

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

Related Content

Response and blocking page

Let's Get Critical, Critical

Introduction of Incident Response

Getting Started with BIG-IP Next: Fundamentals

Get Started with WAAP Security Incidents

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS