Headers truncated at 4096bytes

Question

A problem has arisen with a virtual server over the last few weeks.  When testing an application the user recieves 400 Bad Requests errors in their browser.  From my testing it looks as though Headers are being truncated at 4096 bytes when leaving the Big-IP bound for the pool member.  If a Header is 4097 bytes or above the 400 Bad Request error occurs.&nbsp;
&nbsp;Testing direct to the pool member, missing out the Big-IP, the error does not occur with Headers over 4096 bytes.&nbsp;
&nbsp;Has anybody else experienced this type of issue?&nbsp;
&nbsp;Regards,&nbsp;
&nbsp;Ewan

hooleylist · Answer

Hi Ewan, 
&nbsp;  
&nbsp; Are you running any modules on the virtual server?  I thought LTM could handle up to 32k byte length headers by default: 
&nbsp;  
&nbsp; SOL8482: Error Message: HTTP header exceeded maximum allowed size of   
&nbsp; http://support.f5.com/kb/en-us/solutions/public/8000/400/sol8482.html 
&nbsp;  
&nbsp; Have you tried comparing a tcpdump of the LTM clientside and serverside HTTP request?  If so, do you see the long header being truncated?  If you do, I'd suggest opening a case with F5 Support to investigate the issue. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Headers truncated at 4096bytes

1 Reply

Recent Discussions

vulnerabilities-CVE-2020-16150 & CVE-2013-0169

google autenticator broken barcode

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

Related Content

Re: F5 XC Distributed Cloud HTTP Header manipulations and matching of the client ip/user HTTP header

Security headers

F5 Distributed Cloud - Service Policy - Header Matching Logic & Processing

Log Http Headers

iRule to modify a content-security-policy header