HAProxy Enterprise supports HTTP/2 over:
unencrypted HTTP (known as h2c);
encrypted HTTPS when OpenSSL 1.0.2 or newer is available on the server.
Most browsers support HTTP/2 over HTTPS only, but you may find it useful to enable h2c between backend services (e.g. gRPC services).
Enable HTTP/2 over HTTPS
To enable HTTP/2 between clients and HAProxy Enterprise, configure the
bind line in a
frontend section as an
ssl endpoint. The
alpn parameter announces that the load balancer supports HTTP/2 (h2) as its first choice and HTTP/1.1 as a backup by listing them in that order. Since this uses the TLS ALPN extension, the HAProxy Enterprise server must have OpenSSL 1.0.2 or newer.
frontend www mode http bind :443 ssl crt
/path/to/cert.crtalpn h2,http/1.1 default_backend servers
Enable HTTP/2 over HTTP (h2c)
To enable HTTP/2 between clients and HAProxy Enterprise without using TLS, use the
proto parameter to announce support for it. This method does not allow you to support multiple versions of HTTP simultaneously.
frontend www mode http bind :80 proto h2 default_backend servers
Adjust the HTTP/2 initial window size
When you expect large file uploads over a network with moderately high latency, you may experience slow upload speeds. You can increase the HTTP/2 Flow Control window size to allow HAProxy Enterprise to buffer more data. Set
tune.h2.initial-window-size in the
global section to the number of bytes the client can upload before waiting for an acknowledgement from the load balancer. For example, you could set a high value like 1048576.