Manual Chapter :
Create a virtual server to manage HTTP/2 traffic with session persistence
Applies To:
Show Versions
BIG-IP LTM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0
Create a virtual server to manage HTTP/2 traffic with session persistence
You can use this procedure to create a virtual server to listen for HTTP/2 traffic, apply profiles and policies, and send the traffic to a pool of application servers that are HTTP/2-enabled.
Do not use the HTTP/2 protocol with NTLM protocols, as they are incompatible.
The BIG-IP does not support Virtual Desktop Infrastructure (VDI) in HTTP/2 environment. Do not attach both HTTP/2 profile and VDI profile together in the virtual server, a virtual server configured with both HTTP/2 profile and VDI profile can result in
ERR_HTTP2_PROTOCOL_ERROR
.- On the Main tab, click.The Virtual Server List screen opens.
- ClickCreate.The New Virtual Server screen opens.
- In theNamefield, type a unique name for the virtual server.
- For theDestination Address/Masksetting, confirm that theHostbutton is selected, and type the IP address in CIDR format.The supported format is address/prefix, where the prefix length is in bits. For example, an IPv4 address/prefix is10.0.0.1or10.0.0.0/24, and an IPv6 address/prefix isffe1::0020/64or2001:ed8:77b5:2:10:10:100:42/64. When you use an IPv4 address without specifying a prefix, the BIG-IP system automatically uses a/32prefix.The IP address you type must be available and not in the loopback network.
- In theService Portfield, type443or selectHTTPSfrom the list.
- From theHTTP Profile (Client)list, select a previously-created HTTP profile.
- From theHTTP Profile (Server)list, select(Use Client Profile).Alternatively, if you created a separate HTTP profile for managing server-side traffic, select the profile from the list.
- For theSSL Profile (Client)setting, from theAvailablelist, selectclientssl-secure, and move it to theSelectedlist.This profile disables mid-stream SSL renegotiation by default. Disabling SSL renegotiation is a requirement for an HTTP/2 full-proxy deployment.
- For theSSL Profile (Server)setting, from theAvailablelist, selectserverssl-secure, and move the profile to theSelectedlist.This profile disables mid-stream SSL renegotiation by default. Disabling SSL renegotiation is a requirement for an HTTP/2 full-proxy deployment.
- From theAccelerationlist, selectAdvanced.
- From theHTTP/2 Profile (Client)list, select the HTTP/2 profile that you previously created.
- From theHTTP/2 Profile (Server)list, select(Use Client Profile), or if you created a separate HTTP/2 profile for server-side traffic, select the profile from the list.
- For theHTTP MRF Routersetting, select the check box. For example:
- From theDefault Poollist, select a pool that is configured to serve HTTP/2 traffic.
- From theDefault Persistence Profilesetting, select the persistence profile that you previously created.
- ClickFinished.
The HTTP/2 virtual server is now ready to listen for HTTP/2 traffic and send the traffic to the assigned server pool.