You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "Susan Hinrichs (JIRA)" <ji...@apache.org> on 2015/03/02 15:24:04 UTC

[jira] [Commented] (TS-3416) Enabling HTTP2 breaks proxying

    [ https://issues.apache.org/jira/browse/TS-3416?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14343184#comment-14343184 ] 

Susan Hinrichs commented on TS-3416:
------------------------------------

I think your problem is in 

CONFIG proxy.config.http.server_ports STRING 80:http 443:ssl:proto=http2

The actual npn string is h2 or h2-14.  So proto=h2,h2-14 would work.

Or just omit the proto, and it will offer both versions of http2, plus spdy, http1.x, etc.  That is how I run things.  The highest common protocol gets picked.

CONFIG proxy.config.http.server_ports STRING 80:http 443:ssl

> Enabling HTTP2 breaks proxying
> ------------------------------
>
>                 Key: TS-3416
>                 URL: https://issues.apache.org/jira/browse/TS-3416
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: Core, HTTP/2
>            Reporter: Neil Craig
>
> Hi guys
> Firstly, apologies if this is the wrong place to ask.
> I have ATS 5.3, compiled (with experimental plugins) from a github pull a couple of days ago, runnning on CentOS 6.6 64 bit. I'm trying to get ATS working with h2 as a reverse proxy but every time I enable h2 via proxy.config.http2.enabled in records.config, proxying breaks. I've tried both http and https backends and many variants of http_ports config.
> H2 is working in that the chrome/firefox indicator shows it and i can see it in chrome:net-internals but as i say, proxying breaks. The moment i disable h2 via proxy.config.http2.enabled INT 0, proxying works again (as does vanilla TLS).
> I can't see anything in the logs which is helpful. My configs are below:
> records.config:
> CONFIG proxy.config.http2.enabled INT 1
> CONFIG proxy.config.http.server_ports STRING 80:http 443:ssl:proto=http2
> CONFIG proxy.config.log.logfile_dir STRING /var/log/trafficserver
> CONFIG proxy.config.body_factory.template_sets_dir STRING etc/trafficserver/body_factory
> CONFIG proxy.config.url_remap.filename STRING remap.config
> proxy.config.log.common_log_enabled INT 1
> proxy.config.log.common_log_is_ascii INT 1
> proxy.config.log.common_log_name STRING nutscrape.log
> CONFIG proxy.config.cache.control.filename STRING cache.config
> CONFIG proxy.config.ssl.server.multicert.filename STRING ssl_multicert.config
> CONFIG proxy.config.log.extended_log_enabled INT 1
> CONFIG proxy.config.log.extended_log_is_ascii INT 1
> CONFIG proxy.config.log.extended_log_name STRING ext.log
> CONFIG proxy.config.ssl.server.cert.path STRING /usr/local/etc/tls-certs/
> CONFIG proxy.config.ssl.server.private_key.path STRING /usr/local/etc/tls-certs/
> remap.config:
> map_with_recv_port https://<edge-hostname> http://<origin-hostname>
> reverse_map http://<origin-hostname> https://<edge-hostname>
> I haven't changed anything else I can think of and have no plugins running.
> In terms of logs, the error.log shows 404s for the origin requests (but i can curl/wget the same resources from the server). The diag.log looks like this:
> [Feb 27 11:23:55.589] {0x2b0a0481e060} STATUS: opened /var/log/trafficserver/diags.log
> [Feb 27 11:23:55.589] {0x2b0a0481e060} NOTE: updated diags config
> [Feb 27 11:23:55.591] Server {0x2b0a0481e060} NOTE: cache clustering disabled
> [Feb 27 11:23:55.592] Server {0x2b0a0481e060} NOTE: ip_allow.config updated, reloading
> [Feb 27 11:23:55.594] Server {0x2b0a0481e060} NOTE: cache clustering disabled
> [Feb 27 11:23:55.595] Server {0x2b0a0481e060} NOTE: logging initialized[3], logging_mode = 3
> [Feb 27 11:23:55.600] Server {0x2b0a0481e060} NOTE: loading SSL certificate configuration from /usr/local/etc/trafficserver/ssl_multicert.config
> [Feb 27 11:23:55.627] Server {0x2b0a0481e060} NOTE: traffic server running
> [Feb 27 11:23:55.637] Server {0x2b0a06e94700} WARNING: skipping access control checks for HTTP/2 connection
> [Feb 27 11:23:55.653] Server {0x2b0a06e94700} WARNING: skipping access control checks for HTTP/2 connection
> [Feb 27 11:23:55.727] Server {0x2b0a0481e060} NOTE: cache enabled
> (after a restart).
> That's about all i can think of that's likely to be useful.
> Any advice or a pointer to a better place to ask would be very gratefully 
> received.
> Cheers
> Neil



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)