We started seeing issues today with some of our customers' web sites where an http/2 profile was applied on the BigIP, when users use the new Chrome 80. The browser won't connect, with error ERR_HTTP2_SERVER_REFUSED_STREAM.
We see this issue with some but not all sites with http/2 enabled. The only differences I see between the sites are details in the HSTS configuration.
Has anybody else seen this, and do we know if the issue is with Chrome or the way BigIP handles http/2 or a combination of the http/2 profile and something else? Our BigIP is running version 12.1.4.
Can you open a case with Support and provide a qkview, details of the affected virtual server, and tcpdump or browser recordings of working and failing requests?
Could you reply back with the case number?
Edit: actually, you indicate the issue is seen on 12.1.4, so this probably isn't the issue. Opening a case and providing a qkview and details of the issue will help us narrow the potential cause.
This might be the issue you're seeing. It would be great if you can open a support case and provide more exact details on the version and issue.
Bug ID 677119: HTTP2 implementation incorrectly treats SETTINGS_MAX_HEADER_LIST_SIZE
When HTTP2 connection's parameters are negotiated, either side may report about its limits in SETTINGS type frame where one of the parameters SETTINGS_MAX_HEADER_LIST_SIZE determines a maximum size of headers list it is willing to accept. The BIG-IP system incorrectly interchanged this parameter with another one called SETTINGS_HEADER_TABLE_SIZE, limiting value of the former one to 32,768.
13.0.1, 12.1.3, 188.8.131.52
We also affected heavily by this. Is there a temporary solution that does not involve a software upgrade if you are in version 12.1.2?
By using a Perfomance layer 4 VIP and disabling http/2 the websites works on Chrome 80 but fails on other browsers now