Le 28/10/2019 à 15:49, Ing. Andrea Vettori a écrit :

If it is on a development platform, is there any way to have a full network capture ?

Thanks for your help. The server where haproxy is running is a production server while this specific front/backend is a development web site. I can arrange a network capture if needed.

It could be very helpful. The best would be to have a trace from both sides, the client and the server.

Finally, nghttp (https://nghttp2.org) is also a good tool to debug HTTP/2. You may try it to know why the response is truncated.

Thanks, I see that curl uses that library.

Yes, but the verbose mode of nghttp (the tool not the library) shows you all HTTP/2 frames exchanged with the server. It could be interesting to get the output of nghttp of a request sent to HAProxy and another one sent directly to your h2 server.


macbookpro:~ andreavettori$ curl --http2 -v https://g.testhost
[SNIP]
Ok, so here from the protocol point of view everything seems to be ok.


macbookpro:~ andreavettori$ curl --http1.1 -v https://g.testhost
[SNIP]
Here the response seems to be malformed. It is hard to said much more for now. But it could help to find what is going wrong.


macbookpro:~ andreavettori$ curl --http1.1 -v http://g.testhost
[SNIP]
Here there is a problem with your configuration. Don't know what, but HAProxy closed abruptly the client connection. Could you provide your default and global section please ?


macbookpro:~ andreavettori$ curl --http2 -v http://g.testhost
[SNIP]
Here, it is the expected behavior. HAProxy does not support explicit H2 upgrade.


macbookpro:~ andreavettori$ curl --http2-prior-knowledge -v http://g.testhost
[SNIP]
Here too there is a problem with your configuration. Same as above. It should work. It is an implicit upgrade to H2. When the first request received on a client connection is the H2 preface, we do an implicit upgrade.


Finally trying on the third bind (the one where h2 protocol is specified and no ssl option) gives the same results as the last two tests.

For the test with the option "--http2", it is normal and expected. But with the option "--http2-prior-knowledge", it is a real problem. Because "proto h2" on the bind line is exactly here to receive clear H2 requests.

It does not explain why you received truncated responses. But it seems you have a configuration problem that which disturbs you in your tests.

--
Christopher Faulet

Reply via email to