For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Understanding HTTP/2 Activation Modes on BIG-IP

Introduction Activation modes specifies how the BIG-IP system negotiates HTTP/2 protocol: TMSH equivalent: In this article I go slightly deeper to explain how BIG-IP negotiates HTTP/2 conn...

Published Jun 11, 2020

Version 1.0

Cirrocumulus

Joined May 16, 2019

View Profile

Rodrigo_Albuque

Cirrocumulus

Joined May 16, 2019

View Profile

Rodrigo_Albuque

Cirrocumulus

Apr 28, 2023

Hello, CF-Gallia-MS-NOC , thank you for your question. In the capture snippet you pasted, it is ok for BIG-IP not to come back with an ALPN extension header because you're reusing a previous TLS session so the security parameters previously negotiated, including the ALPN extension are re-used.

This could instead be a bug on your client if it's requesting to re-use the same previously negotiated TLS connection but at the same time it wants BIG-IP to re-negotiate the HTTP protocol.

I also have an article about TLS session resumption and TLS renegotiation.

Let me know if you have further questions.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Understanding HTTP/2 Activation Modes on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS