Last Modified: Aug 05, 2020
See more info
Known Affected Versions:
14.1.0, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 14.1.2, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 15.0.0, 15.0.1, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 15.1.0, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11, 16.0.0
Opened: Jan 16, 2020
HTTP/2 protocol can be negotiated with the Application-Layer Protocol Negotiation (ALPN) on the Transport Layer Security (TLS) level of communication. When an iRule disables HTTP/2 on a server side, it is assumed that the BIG-IP system no longer offers h2 to a server as an option.
The BIG-IP system offers h2 as an option in ALPN when the HTTP/2 profile is disabled on a server side. If h2 is accepted by the server, communication fails since HTTP/2 is disabled and does not decode HTTP/2 traffic.
-- A virtual server has an HTTP/2 profile configured on both the client and server sides. -- A server SSL profile is configured on the virtual server. -- An iRule using the 'HTTP2::disable serverside' command is attached to the virtual server.