Bug ID 868889: BIG-IP may reset a stream with an empty DATA frame as END_STREAM

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
14.1.2,,,,, 15.0.0, 15.0.1,,,,

Fixed In:

Opened: Jan 14, 2020

Severity: 3-Major


HTTP/2 defines END_STREAM flag in a frame as an end of a stream. A peer can send an empty (with no payload) DATA frame to designate a last one in a stream. When BIG-IP receives an empty DATA frame, it handles it incorrectly, sending RST_STREAM to a client.


The BIG-IP system may reset the stream.


-- The BIG-IP system has a virtual server configured with an HTTP/2 profile on the client side. -- The client sends a request containing a payload over a stream, ending the stream with empty DATA frame.


A client should resend the request handling more data.

Fix Information

When empty DATA frame with END_STREAM flag is handled by the BIG-IP system, it terminates the stream accordingly.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips