Forum Discussion

Vinne73's avatar
Vinne73
Icon for Cirrus rankCirrus
Nov 06, 2024

Invalid Content-Length header caused Big-IP to terminate connection?

Hi all,

I updated our Big-IP cluster to 17.1.1.4 last monday, and now I have a strange problem. When doing a HTTP request to any VIP, using POST but just as well GET or ..., and specifying an invalid "Content-Length" header, the Big-IP instantly terminates the connection as soon as the header is transmitted.

No error is logged in /var/log/ltm.

Examples:

Content-Length: haha

Content-Length: 2a

An empty Content-Length also causes the issue.

Curl example:

...

> User-Agent: curl/7.76.1
> Accept: */*
> Content-Length: aa
>
* OpenSSL SSL_read: Connection reset by peer, errno 104
* Closing connection 0
* TLSv1.2 (OUT), TLS header, Unknown (21):

 

I don't have any special iRules that might assume Content-Length is numeric. And then I would expect a TCL error.

Now my question: can anybody running 17.1.1.4 do a simple Postman-like request, and include an invalid Content-Length header? Does this work for you?

I would like to hear if others have this problem as well before I make a support case.

Yes I know invalid Content-Length headers are not ok, but clients should not be punished for it imo. And GET should not have Content-Length anyway, but then the Big-IP should just ignore it, right?

Thank you

Vincent

No RepliesBe the first to reply