For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

kobedan's avatar
kobedan
Icon for Nimbostratus rankNimbostratus
May 10, 2022

HTTP/3 in the frontend and HTTP/2 in the backend

Hi,

I'm lost. I have two virtual servers, one listening for HTTP/2 and one listening to HTTP/3. With the HTTP/2 one the requests to the backend pool members happen over HTTP/2 but with the HTTP/3 profile it falls back to HTTP/1.1

Does anyone have any idea how I could solve this problem?

 

application delivery

3 Replies

  • shsingh's avatar
    shsingh
    Icon for Employee rankEmployee
    May 10, 2022

    Hi kobedan 

    Are you on v15? As there is no support for serverside H/3 and QUIC: https://support.f5.com/csp/article/K60235402

    --snippet from the article--

    In this experimental implementation of HTTP/3 and QUIC, the BIG-IP system offers the following features and requirements:

    • To enable proxy support for HTTP/3, you must configure the virtual server with HTTP/3 and QUIC profiles as well as enable the HTTP MRF Router setting. 
    • You must use HTTP/3 and QUIC together. Using QUIC without HTTP/3 is not supported.
    • Using QUIC and HTTP/3 on the server side is not supported in this implementation.
    • On the Configuration utility, you must set the Protocol option to UDP. The QUIC and HTTP/3 profile options will then be available for selection.
    • QUIC works only with TLSv1.3. The BIG-IP system provides the default clientssl-quic profile that you should use as a parent profile to customize your own Client SSL profile.
    • kobedan's avatar
      kobedan
      Icon for Nimbostratus rankNimbostratus
      May 11, 2022

      Hi shsingh 

      I'm using version 16. 

      My problem is not that I can't use HTTP/3 on the server side, i know that that won't work. But the problem is that when using HTTP/3 client side the server side isn't using HTTP/2. I know that HTTP/2 on the server side works because when using HTTP/2 on the client side I have HTTP/2 on the server side working with the same HTTP/2 profile.

      When forcing HTTP/2 always on by switching activation mode from ALPN to always I get this error in my Chrome browser:

      And this error on Firefox:

       

       

       

  • shsingh's avatar
    shsingh
    Icon for Employee rankEmployee
    May 11, 2022

    Hey kobedan 

    Thanks for the explanation and screenshot. 

    My guess is that H/3 on clientside will mean drop to H/1 on serverside... in a similar way to in "gateway mode" H/2 on clientside does H/1 on serverside.

    What you're expecting is to have serverside drop to H/2 instead of H/1

    The solution article does not explain the expected behaviour in that scenario. Give me a day to see what I can test and report back. I would also encourage a support case on this to understand the expected behaviour. DM me your support case so I can also track it internally.