On Thu, Feb 07, 2019 at 06:37:28PM +0100, Willy Tarreau wrote:
> > I'll try with h2c and see if I can put it between client and haproxy.
>
> Then I suspect that you'll see haproxy either emit RST_STREAM or emit
> too large a frame and this frame get rejected.
So after checking the code, I can
On Thu, Feb 07, 2019 at 06:44:01PM +0200, Jarno Huuskonen wrote:
> At least on my test case haproxy listens http2 and uses http/1.1
> to backend server
> (example config and example backend server (in go) are in earlier
> mail: https://www.mail-archive.com/haproxy@formilux.org/msg32727.html
>
Hi,
On Thu, Feb 07, Willy Tarreau wrote:
> On Thu, Feb 07, 2019 at 04:50:12PM +0200, Jarno Huuskonen wrote:
> > Hi,
> >
> > On Thu, Feb 07, Steve GIRAUD wrote:
> > > Thanks Jarno for the investigation.
> >
> > No problem.
> >
> > > The large header is only on response and there is only one
Thanks for your precious answer,
I might have an idea. The default H2 max-frame-size is 16kB (by the
spec). It is possible that your server ignores the setting and tries
to push a frame size that is larger than the agreed limit, which
becomes a protocol violation.
For information, we use IIS10
Hi,
On Thu, Feb 07, 2019 at 04:50:12PM +0200, Jarno Huuskonen wrote:
> Hi,
>
> On Thu, Feb 07, Steve GIRAUD wrote:
> > Thanks Jarno for the investigation.
>
> No problem.
>
> > The large header is only on response and there is only one large header
> > (18k).
> >
> > haproxy + ssl + http2
Hi,
On Thu, Feb 07, Steve GIRAUD wrote:
> Thanks Jarno for the investigation.
No problem.
> The large header is only on response and there is only one large header (18k).
>
> haproxy + ssl + http2+ tune.bufsize:32768 --> request fails
Did you check with curl or chrome if you get the same
Hi,
Thanks Jarno for the investigation.
The large header is only on response and there is only one large header (18k).
haproxy + ssl + http2+ tune.bufsize:32768 --> request fails
haproxy + ssl + http1.1 + tune.bufsize:32768 --> request ok
If I request my backend directly in h2 + ssl but
Hi,
On Wed, Feb 06, Steve GIRAUD wrote:
> Effectively, the header size is 17 556 bytes.
Is the large header(s) only on response (and not on request) ?
(Is it one large header 17k header ?)
> If I increase the bufsize to 40 000 bytes and the maxrewrite to 20 000 the
> request failed.
For me
Effectively, the header size is 17 556 bytes.
If I increase the bufsize to 40 000 bytes and the maxrewrite to 20 000 the
request failed.
--
Steve Giraud
De : Jarno Huuskonen
Envoyé : mercredi 6 février 2019 09:36
À : Steve GIRAUD
Cc : haproxy@formilux.org
Hi,
On Wed, Feb 06, Steve GIRAUD wrote:
> Hello everybody,
> Has anyone ever found that HAProxy returns a 502 error when ssl offload is
> enabled and the http response contains a very long header.
> If I turn off SSL offload , all is OK with the same header.
What's the size of the (very long)
Hello everybody,
Has anyone ever found that HAProxy returns a 502 error when ssl offload is
enabled and the http response contains a very long header.
If I turn off SSL offload , all is OK with the same header.
I Use HaProxy 1.8.17 on PFSense 2.4.4p1
Regards,
uname -a
FreeBSD PFSHA3.statim.fr
11 matches
Mail list logo