stackoom
  简体   繁体   中英

Apache httpd server doesn't accept GET HTTP request from F5 load balancer

 原文  2020-02-10 05:32:00       apache/ httpd.conf/ f5

Question

We are currently bringing reverse proxy solution between inte.net and application server. I have completed the simple reverse proxy setup and I am successfully able to reach application server from reverse proxy. But when I try to perform a health check from F5 to reverse proxy, it fails and there are no errors in the error_log except the following in access_log

XX.XXX.XX.X - - [07/Feb/2020:15:33:27 -0700] "\x16\x03\x01" 400 226 "-" "-"
XX.XXX.XX.X - - [07/Feb/2020:15:33:28 -0700] "\x16\x03\x01\x02" 400 226 "-" "-"
XX.XXX.XX.X - - [07/Feb/2020:15:33:32 -0700] "\x16\x03\x01\x02" 400 226 "-" "-"
XX.XXX.XX.X - - [07/Feb/2020:15:33:33 -0700] "\x16\x03\x01" 400 226 "-" "-"
XX.XXX.XX.X - - [07/Feb/2020:15:33:37 -0700] "\x16\x03\x01" 400 226 "-" "-"
XX.XXX.XX.X - - [07/Feb/2020:15:33:38 -0700] "\x16\x03\x01\x02" 400 226 "-" "-"
XX.XXX.XX.X - - [07/Feb/2020:15:33:42 -0700] "\x16\x03\x01\x02" 400 226 "-" "-"
XX.XXX.XX.X - - [07/Feb/2020:15:33:43 -0700] "\x16\x03\x01" 400 226 "-" "-"
XX.XXX.XX.X - - [07/Feb/2020:15:33:47 -0700] "\x16\x03\x01" 400 226 "-" "-"
XX.XXX.XX.X - - [07/Feb/2020:15:33:48 -0700] "\x16\x03\x01\x02" 400 226 "-" "-"
XX.XXX.XX.X - - [07/Feb/2020:15:33:52 -0700] "\x16\x03\x01\x02" 400 226 "-" "-"
XX.XXX.XX.X - - [07/Feb/2020:15:33:53 -0700] "\x16\x03\x01" 400 226 "-" "-"

2 answers

solution1
 10 ACCPTED  2020-02-10 05:43:31

Instead of HTTP methods (which is the first thing a HTTP client will send), you are getting strings starting with \\x16 , which is the start of a TLS handshake.

This means that your client is trying to use HTTPS to speak to a HTTP server. Just starting a server on port 443 doesn't make it HTTPS. The quick way to confirm this is probably to change a url such as https://foo to http://foo:443

solution2
 1  2022-04-14 14:56:16

I had the same problem "\ x16 \ x03 \ x01" 400 226 "-" "-". My mistake was in my DNAT firewall. I caught communication on both 80 and 443 and DNAT only to IP: 80. This rule redirects all traffic from http and https to TCP / 80. That's why the request "\ x16.." was recorded in the log. Maybe my experience will help someone:-)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Application Fail over not working in apache 2.2 web server configured with BIG IP (f5) load balancer F5 load balancer with Apache web and Tomcat SSL Issue Load Balancer with Apache HTTPD Apache http server load balancer Apache load balancer dropping the HTTP request body Apache httpd doesn't load .bashrc apache http server load balancer monitoring Get original remote host from the request redirected by the Apache load balancer Google Load balancer vs httpd apache load balancer Can F5 work as both webserver as well as load balancer
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM