431 Request Header Fields Too Large for a service mapped through consul API Gateway

Consul
1

Hello !

I’ve just deployed a service through my consul API gateway, which is a frontend application. It has worked for a day, but now I systematically get a 431 http error " Request Header Fields Too Large".
I’ve looked for it, I assume it’s because request header size is too small and so I’ve tried to increase it. My consul instance is installed through Helm and I found nothing about it Consul Helm Chart Reference. So I tried to use the following in my Helm chart :

connectInject:
  envoyExtraArgs: >-
    --config-yaml
    '{\"name\":\"http-header\",\"typedConfig\":{\"@type\":\"type.googleapis.com/xds.type.v3.TypedStruct\",\"type_url\":\"type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\",\"value\":{\"max_request_headers_kb\":128}}}'

It doesn’t work because the envoy configuration is wrong somewhere, but the envoy documention is not easily understandable :sweat_smile:

If somebody knows what is wrong with my envoy configuration, that’s great but I’ll work on it again and ask to the Envoy community. However am I on the right path? Is it really because of Envoy? Is there another way to configure it?

2

Hi! It’s strange to me if it is a configuration issue that it would work for a day and then start throwing this error, but it’s always a possibility. Perhaps this is too basic, but have you tried deleting your cookies and trying again? Generally when I see this error its due to an incorrectly sized cookie. Baring that, can you share a bit more about your set up and configuration or if you’ve seen anything suspicious in the gateway container logs? Unfortunately a 431 error could mean a lot of different things, so if we could narrow down for sure where it’s coming from that would be helpful.

3

Thank you for your answer ! The problem disappeared as fast as it appeared and came back today… I have absolutely no logs. But APIs deployed on the same gateway works!
I tried in another browser => Same issue :frowning:
I have an app using NextJS and NextAuth. I know that NextAuth is passing cookies which had caused us issues for the Spring Boot API as well, we had to set a parameter to increase the size of the header. However, no issues on the gateway side for the API. But if a parameter limits the headers size, it should be customizable ! I think that probably it should be possible with parameter I tried.
We will try to reduce the size of cookies with NextAuth but it’s kind of a blocker for us today.