Folks,
Sorry for offtopic, but I am observing more or less same situation with
nginx.
My HTTP/2 configuration works when frontend/backend are configured in TCP
mode, but doesn't work if frontend/backend are in HTTP mode.
As soon as I change mode from http to tcp - it works fine.
Both haproxy and nginx build done with proper openssl library which
supports ALPN.
nginx built done with nginx_http_v2_module module
Log which I see at haproxy side:
Dec 21 15:28:50 haproxy haproxy[14184]: some_foo_ip:58693
[21/Dec/2015:15:28:49.779] https-in~ http2/foo1 424/0/2/-1/427 502 261 - -
PH-- 1/1/0/0/0 0/0 "PRI * HTTP/2.0"
At nginx side - there are no any log at all.
Any idea on how to fix that?
HTTP mode config for haproxy:
frontend https-in
bind *:443 ssl crt CERTIFICATE_PATH no-sslv3 ciphers
ECDH+AESGCM:ECDH+AES256:ECDH+AES128:!DH+3DES:!ADH:!AECDH:!MD5 alpn h2
mode http
option httplog
option socket-stats
use_backend http2 if { ssl_fc_alpn -i h2 }
default_backend ssl-term
backend ssl-term
balance roundrobin
mode http
server foo 10.1.1.1:8080 maxconn 10000 check
backend http2
balance roundrobin
mode http
server foo1 10.1.1.1:8082 maxconn 50 check
NGINX side config:
server {
listen 443 ssl;
#HTTP2 LB section
listen 8080;
listen 8082 http2;
....
}
On Sun, Dec 20, 2015 at 9:30 AM, Baptiste <[email protected]> wrote:
>
> > HAproxy doesn't support SNI, NPN or ALPN on the backend currently
>
> Since 1.6, HAProxy supports sni on the server side, using a fetch.
>
> Baptiste
>
--
BR,
Pavlo Zhuk
+38093 2412222
