Requests through Azure Application Gateway fail with HTTP 504 if headers + payload is greater than about 1590 bytes

Question

We have a web application on an Azure hosted VM sitting behind an Azure Application Gateway. The Azure Application Gateway terminates SSL using the public certificate for the host, then uses an internal certificate to send the traffic to the backend server.

Most GET requests are forwarded correctly to the backend but most POST requests fail with HTTP 504 (gateway timeout). Experimenting using PowerShell Invoke-WebRequest and Fiddler replay has led us to discover that it is the total size of the request (headers + payload) that causes this error: if headers + payload is greater than about 1590 bytes then the request never reaches the backend server (no entry in IIS log file) and the Application Gateway returns a HTTP 504 to the caller.

What do we need to change on Application Gateway to fix this?

Answer 1

Microsoft support identified a bug with Windows Server 2022 that was causing the problem, so we re-installed on a Windows Server 2019 VM and the issue went away.

A little more info on the symptomns: we discovered that an error was appearing in the HTTP.sys log (at C:\Windows\System32\LogFiles\HTTPERR).