Forum Discussion
JustCooLpOOLe
Cirrocumulus
CirrocumulusHTTP/2.0 Server-Side Traffic
Hi,
As I understand it now, the HTTP/2 profile is only for client-side traffic and that any traffic sent back to the server is sent using HTTP/1.1. Does this still hold true? If so, is anyone aware of when the F5 will be able to communicate over HTTP/2.0 to the pool members? Is there a workaround?
Our developers are starting to explore this as an option and right now they are ok with just client-side but I'm sure they would like to implement it on the server-side so thought I would throw this out there.
https://support.f5.com/csp/article/K04412053
"In BIG-IP 11.6.0, F5 introduces HTTP/2 protocol support as defined in RFC7540 for processing client-side HTTP/2 traffic. The support for server-side HTTP/2 traffic processing is introduced in BIG-IP 14.1.0; the webacceleration and OneConnect profiles are not supported in HTTP/2 full proxy mode in this version. In BIG-IP 15.0.0, F5 introduces the support for webacceleration profile in HTTP/2 full proxy mode."
Leonardo_Souzahttps://support.f5.com/csp/article/K04412053
"In BIG-IP 11.6.0, F5 introduces HTTP/2 protocol support as defined in RFC7540 for processing client-side HTTP/2 traffic. The support for server-side HTTP/2 traffic processing is introduced in BIG-IP 14.1.0; the webacceleration and OneConnect profiles are not supported in HTTP/2 full proxy mode in this version. In BIG-IP 15.0.0, F5 introduces the support for webacceleration profile in HTTP/2 full proxy mode."
JustCooLpOOLeThanks @Leonardo Souza !
- bradhanson
Altocumulus
Question related to this. If server-side is set for HTTP/2 but it goes to a server that is HTTP/1,1.1 does it negotiate to the HTTP/1,1.1?
We have a virtual server that would have servers behind it with HTTP/2 but an iRule/Policy is in place for 'exceptions' where it changes the server pool to other servers that are not supporting HTTP/2.
Thanks!!
- bradhanson
Answer my own question after some testing. Yes, it will negotiate and connect to servers that aren't supporting HTTP/2. So I can have a mixed set of servers behind the virtual server some supporting HTTP/2 and others not and it connects successfully.
I have to note how simple and apparently 'transparent' this is.
- Leonardo_Souza
Think about HTTP/2 profile like any other profile, let's say severssl profile.
You could have servers doing SSL, but in a failed scenario send people to a static sorry page without SSL.
In that case, before redirecting to that new server, you remove the serverssl profile.
In theory, the same idea could be applied to HTTP/2, so in the iRule/LTM Policy you remove the HTTP/2 profile before sending traffic to the server.
I said in theory because I haven't tested it.
However, this bug proves it should work:
https://cdn.f5.com/product/bugtracker/ID869553.html
The bad news is the bug above, and that I could not find that opiton using LTM Policy.
You could open a ticket with F5 support to see if there is any engineering hotfix for that because it applies to all the latest versions.