Forum Discussion
Incosistent forwarding of HTTP/2 connections with layered virtual
I should add, that I came to the above conclusion, because of the information from the ASM/AWF event log. I see "invalid hostnames", like "piwik.example.com" in the policy for "www.example.com" appearing. The behavior of the forwarding may be correct, but wrongly shown in the event logs of the WAF. 😵
It was definetely not a false positve. There was an issues, which the customer didn't see until now. 🙃
However, the fix was to disable HTTP/2 on the tier2 virtual. So there is definetely an issue with the layered virtual forwarding, when HTTP/2 is enabled. My primary intention to use layered virtual / SNI-routing is to save IP addresses from the public space. I'm still confused about the fact, that the browser doesn't create a new TCP connection for another hostname, although the IP address and port is identical... 😕
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com