Open akostadinov opened 3 days ago
force_http11_upstream
option just converts incoming requests of HTTP/1.1, 2 or 3 to that of HTTP/1.1, and does not offers only HTTP/1.1 directly to clients.
In my understanding, your setting seems as below.
client -> (https over http/2) -> rpxy -> (https over http/1.1) -> backend app
But it is weird that your application returns 500 when clients send request with HTTP/2. The setting seems that rpxy
converts HTTP/2 to HTTP/1.1 towards your backend app. So could you check logs of rpxy
and your backend app?
Sorry, I missed to paste rpxy log because the error message in rpxy log seemed like http2 forwarding to http1 was not possible. I think the relevant part is:
2024-09-16T20:38:45.038091Z DEBUG rpxy rpxy_lib::proxy::proxy_main:191: HTTP/2 or 1.1: SNI in ClientHello: "myserver.example.com"
2024-09-16T20:38:45.060956Z DEBUG rpxy rpxy_lib::proxy::proxy_main:82: Request incoming: current # 2
2024-09-16T20:38:45.082350Z DEBUG rpxy rpxy_lib::backend::upstream:88: Found upstream: "/"
2024-09-16T20:38:45.083015Z DEBUG rpxy rpxy_lib::message_handler::handler_manipulate_messages:69: Generate request to be forwarded
2024-09-16T20:38:45.083664Z DEBUG rpxy rpxy_lib::backend::upstream:231: Upstream of index 0 is chosen.
2024-09-16T20:38:45.083690Z DEBUG rpxy rpxy_lib::backend::upstream:232: Context to LB (Cookie in Request): None
2024-09-16T20:38:45.083697Z DEBUG rpxy rpxy_lib::backend::upstream:233: Context from LB (Set-Cookie in Response): None
2024-09-16T20:38:45.083710Z DEBUG rpxy rpxy_lib::message_handler::handler_main:163: Request to be forwarded: [uri https://OpenWrt/, method: GET, version HTTP/2.0, headers {"user-agent": "curl/8.6.0", "accept": "*/*", "x-forwarded-for": "192.168.1.203", "x-forwarded-proto": "https", "x-forwarded-port": "8443", "x-real-ip": "192.168.1.203", "x-forwarded-ssl": "on", "x-original-uri": "https://myserver.example.com/", "proxy": "", "host": "myserver.example.com"}]
2024-09-16T20:38:45.308347Z WARN rpxy hyper_util::client::legacy::client:283: Connection is HTTP/1, but request requires HTTP/2
2024-09-16T20:38:45.310803Z ERROR rpxy rpxy_lib::message_handler::handler_main:74: Failed to get response from backend: Failed to fetch from upstream: client error (UserUnsupportedVersion)
2024-09-16T20:38:45.313777Z INFO rpxy rpxy_lib::message_handler::http_log:76: myserver.example.com <- 192.168.1.203:56784 -- GET / HTTP/2.0 -- 500 Internal Server Error -- https://myserver.example.com "curl/8.6.0", "192.168.1.203" "https://OpenWrt/"
2024-09-16T20:38:45.350427Z DEBUG rpxy rpxy_lib::proxy::proxy_main:112: Request processed: current # 1
More specifically
Connection is HTTP/1, but request requires HTTP/2
P.S. the upstream service is OpenWRT whatever its configuration interface uses as a web server. But should be pretty simple software because these devices are resources constraint. I expect something that adheres to as few modern specifications as possible.
Don't know if this is related to #77 or not. But I have an upstream that only supports HTTP 1.1
Like this:
But when running curl:
So basically TLS handshake appears to incorrectly accept
h2
when it should accepthttp/1.1
because of the upstream server.P.S. Request works with
curl --http1.1
but there is no such option for normal browsers.