Forum Discussion

s_p_92's avatar
Icon for Altostratus rankAltostratus
Mar 09, 2023

Settings when configuring http/2 for the client side only

We have used the http/2 settings at and our flow is user mobile devices to BIG-IP is http/2. BIG-IP translates http/2 to http/1.1 then sends it to our back-end servers.

1. We have seen lot of Client connection closed error messages after turning on http/2 and trying to trace if any http/2 settings need to be changed from the default http/2 settings at ?

2. How does BIG-IP translate http/2(received from user mobile devices) to http/1.1 and how can we check those settings to tweak them?

3. Anything else we should check for?

5 Replies

    • s_p_92's avatar
      Icon for Altostratus rankAltostratus

      Thanks Paulius 

      I saw that but missing what else I need to check for the Client connection closed errors which spiked after turning on http/2 errors

  • Gajji's avatar
    Icon for Cirrostratus rankCirrostratus

    In Virtual Server ->>  Under the "HTTP Profile" section, you should see an option for "HTTP/2 Profile." This setting determines the HTTP/2 configuration used by the virtual server.
    By default, BIG-IP uses the "http2-default" profile, which includes settings for HTTP/2 to HTTP/1.1 translation.

    IF you want to create a custom one please read the documetation properly and then only do.

    • s_p_92's avatar
      Icon for Altostratus rankAltostratus

      Thanks Gajji 

      In Virtual Server under the section for "HTTP profile", value of "HTTP/2 profile" has a custom value but that uses the default settings mentioned at This was done by someone who has now left the company so we don't know the thinking behind creating a custom profile and then using the default settings

      What else can I check?


  • BIG-IP translates by copying the HTTP generic headers that are common between HTTP/2 and HTTP/1.1 to the HTTP/1 side. There's nothing much special. If you're encountering an error in the connection, the best thing to do is to capture it using Wireshark. Here's an article I wrote on how to decrypt TCPdump/wireshark packet captures:

    Once you decrypt the HTTP/2 side and concurrently capture the HTTP/1.1 side, just look for the error message and maybe share it here.