[
https://issues.apache.org/jira/browse/TS-3416?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14343184#comment-14343184
]
Susan Hinrichs commented on TS-3416:
------------------------------------
I think your problem is in
CONFIG proxy.config.http.server_ports STRING 80:http 443:ssl:proto=http2
The actual npn string is h2 or h2-14. So proto=h2,h2-14 would work.
Or just omit the proto, and it will offer both versions of http2, plus spdy,
http1.x, etc. That is how I run things. The highest common protocol gets
picked.
CONFIG proxy.config.http.server_ports STRING 80:http 443:ssl
> Enabling HTTP2 breaks proxying
> ------------------------------
>
> Key: TS-3416
> URL: https://issues.apache.org/jira/browse/TS-3416
> Project: Traffic Server
> Issue Type: Bug
> Components: Core, HTTP/2
> Reporter: Neil Craig
>
> Hi guys
> Firstly, apologies if this is the wrong place to ask.
> I have ATS 5.3, compiled (with experimental plugins) from a github pull a
> couple of days ago, runnning on CentOS 6.6 64 bit. I'm trying to get ATS
> working with h2 as a reverse proxy but every time I enable h2 via
> proxy.config.http2.enabled in records.config, proxying breaks. I've tried
> both http and https backends and many variants of http_ports config.
> H2 is working in that the chrome/firefox indicator shows it and i can see it
> in chrome:net-internals but as i say, proxying breaks. The moment i disable
> h2 via proxy.config.http2.enabled INT 0, proxying works again (as does
> vanilla TLS).
> I can't see anything in the logs which is helpful. My configs are below:
> records.config:
> CONFIG proxy.config.http2.enabled INT 1
> CONFIG proxy.config.http.server_ports STRING 80:http 443:ssl:proto=http2
> CONFIG proxy.config.log.logfile_dir STRING /var/log/trafficserver
> CONFIG proxy.config.body_factory.template_sets_dir STRING
> etc/trafficserver/body_factory
> CONFIG proxy.config.url_remap.filename STRING remap.config
> proxy.config.log.common_log_enabled INT 1
> proxy.config.log.common_log_is_ascii INT 1
> proxy.config.log.common_log_name STRING nutscrape.log
> CONFIG proxy.config.cache.control.filename STRING cache.config
> CONFIG proxy.config.ssl.server.multicert.filename STRING ssl_multicert.config
> CONFIG proxy.config.log.extended_log_enabled INT 1
> CONFIG proxy.config.log.extended_log_is_ascii INT 1
> CONFIG proxy.config.log.extended_log_name STRING ext.log
> CONFIG proxy.config.ssl.server.cert.path STRING /usr/local/etc/tls-certs/
> CONFIG proxy.config.ssl.server.private_key.path STRING
> /usr/local/etc/tls-certs/
> remap.config:
> map_with_recv_port https://<edge-hostname> http://<origin-hostname>
> reverse_map http://<origin-hostname> https://<edge-hostname>
> I haven't changed anything else I can think of and have no plugins running.
> In terms of logs, the error.log shows 404s for the origin requests (but i can
> curl/wget the same resources from the server). The diag.log looks like this:
> [Feb 27 11:23:55.589] {0x2b0a0481e060} STATUS: opened
> /var/log/trafficserver/diags.log
> [Feb 27 11:23:55.589] {0x2b0a0481e060} NOTE: updated diags config
> [Feb 27 11:23:55.591] Server {0x2b0a0481e060} NOTE: cache clustering disabled
> [Feb 27 11:23:55.592] Server {0x2b0a0481e060} NOTE: ip_allow.config updated,
> reloading
> [Feb 27 11:23:55.594] Server {0x2b0a0481e060} NOTE: cache clustering disabled
> [Feb 27 11:23:55.595] Server {0x2b0a0481e060} NOTE: logging initialized[3],
> logging_mode = 3
> [Feb 27 11:23:55.600] Server {0x2b0a0481e060} NOTE: loading SSL certificate
> configuration from /usr/local/etc/trafficserver/ssl_multicert.config
> [Feb 27 11:23:55.627] Server {0x2b0a0481e060} NOTE: traffic server running
> [Feb 27 11:23:55.637] Server {0x2b0a06e94700} WARNING: skipping access
> control checks for HTTP/2 connection
> [Feb 27 11:23:55.653] Server {0x2b0a06e94700} WARNING: skipping access
> control checks for HTTP/2 connection
> [Feb 27 11:23:55.727] Server {0x2b0a0481e060} NOTE: cache enabled
> (after a restart).
> That's about all i can think of that's likely to be useful.
> Any advice or a pointer to a better place to ask would be very gratefully
> received.
> Cheers
> Neil
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
