Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

What happen when we enable HTTP/2 in an existing VIP.

Go to solution
RAQS
Cirrus
Cirrus

‎15-Apr-2020 19:32

Hi All,

 

Hope you all are doing good!

 

I have BIG-IP LTM module running on 13.1.1.4 version (and its in HA) , which means as per me is that version is 13.1.1 and build is 4 please correct if i am wrong.

 

I have a requirement where i need to enable HTTP/2 for an existing VIP. I was doing google and got to know that if we enable HTTP/2 then the Traffic Management Microkernel (TMM) may restart when a virtual server has an HTTP/2 profile with Application Layer Protocol Negotiation (ALPN) enabled and it processes traffic where the ALPN extension size is zero .

 

Refer :- https://support.f5.com/csp/article/K94563344

 

As i can not do upgrade right away , so can you please help me with mitigation or workaround to avoid this bug.

Like by anyway can i disable ALPN ? when i enable HTTP/2 or any other steps to mitigate this.

 

Or , we can directly enable HTTP/2 , it will not have an imact.

 

Regards,

Shekhars

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Simon_Blakely
F5 Employee
F5 Employee
In response to RAQS

‎15-Apr-2020 22:52

Actually, you can't on 13.1.1.4, as NPN is no longer supported.

 

K04412053:  Overview of the BIG-IP HTTP/2 profile

 

Activation Modes

ALPN

Specifies how the BIG-IP system negotiates HTTP/2 protocol. By default, the BIG-IP system accepts Application Layer Protocol Negotiation (ALPN). 

Beginning in version 13.1.0, the BIG-IP system no longer supports Next Protocol Negotiation (NPN), which is now deprecated and replaced by the industry standard ALPN published as RFC 7301. Prior to BIG-IP 13.1.0, the NPN is accepted by the BIG-IP system.

 

Sorry - you don't really have any options to safely implement HTTP/2.

View solution in original post

4 REPLIES 4

Go to solution
Simon_Blakely
F5 Employee
F5 Employee

‎15-Apr-2020 21:36

You don't have too many choices

 

1) Disable ALPN and rely on NPN, which is deprecated and has limited browser support

 

2) Enable HTTP/2 with ALPN, and hope that you don't get connections that cause tmm to restart

 

3) push for an upgrade to 13.1.3.3 before enabling HTTP/2

 

 

0 Kudos

Go to solution
RAQS
Cirrus
Cirrus
In response to Simon_Blakely

‎15-Apr-2020 22:37

Hi Blakely,

 

Thanks for your prompt response.

 

So coming to option 1 , how we will achieve that in version 13.1.1.4 ==> Steps to do that

 

Option 2 is like to leave thing on fate and wait & watch.

 

Option 3 we will do but that will take time.

 

So, can you please help with Option 1 and how i will perform steps via GUI or CLI.

 

Regards,

Shekhars

0 Kudos

Go to solution
Simon_Blakely
F5 Employee
F5 Employee
In response to RAQS

‎15-Apr-2020 22:52

Actually, you can't on 13.1.1.4, as NPN is no longer supported.

 

K04412053:  Overview of the BIG-IP HTTP/2 profile

 

Activation Modes

ALPN

Specifies how the BIG-IP system negotiates HTTP/2 protocol. By default, the BIG-IP system accepts Application Layer Protocol Negotiation (ALPN). 

Beginning in version 13.1.0, the BIG-IP system no longer supports Next Protocol Negotiation (NPN), which is now deprecated and replaced by the industry standard ALPN published as RFC 7301. Prior to BIG-IP 13.1.0, the NPN is accepted by the BIG-IP system.

 

Sorry - you don't really have any options to safely implement HTTP/2.

Go to solution
RAQS
Cirrus
Cirrus
In response to RAQS

‎15-Apr-2020 23:55

Thanks Blakely. I really appreciate you time and effort.

 

So, i have only one option to upgrade,

 

Regards,

Shekhars

0 Kudos
Copyright © 2023 Khoros, LLC