HAProxy Enterprise Documentation 1.8r2

HTTP/2

HAProxy Enterprise supports HTTP/2 over:

  • unencrypted HTTP (known as h2c);

  • encrypted HTTPS when OpenSSL 1.0.2 or newer is available on the server.

Most browsers support HTTP/2 over HTTPS only, but you may find it useful to enable h2c between backend services (e.g. gRPC services).

Enable HTTP/2 over HTTPS

To enable HTTP/2 between clients and HAProxy Enterprise, configure the bind line in a frontend section as an ssl endpoint. The alpn parameter announces that the load balancer supports HTTP/2 (h2) as its first choice and HTTP/1.1 as a backup by listing them in that order. Since this uses the TLS ALPN extension, the HAProxy Enterprise server must have OpenSSL 1.0.2 or newer.

frontend www
   mode http
   bind :443 ssl crt /path/to/cert.crt alpn h2,http/1.1
   default_backend servers

Enable HTTP/2 over HTTP (h2c)

To enable HTP/2 between clients and HAProxy Enterprise without using TLS, use the proto parameter to announce support for it. This method does not allow you to support multiple versions of HTTP simultaneously.

frontend www
   mode http
   bind :80 proto h2
   default_backend servers

Ajust the HTTP/2 initial window size

When you expect large file uploads over a network with moderately high latency, you may experience slow upload speeds. You can increase the HTTP/2 Flow Control window size to allow HAProxy Enterprise to buffer more data. Set tune.h2.initial-window-size in the global section to the number of bytes the client can upload before waiting for an acknowledgement from the load balancer. For example, you could set a high value like 1048576.

Next up

TCP