Should we use Apache's HTTP2?
Update: As of Apache 2.4.26, mod_http2 is no longer considered experimental. Answer below has been updated to reflect this.
Also note that mod_http2_proxy is still considered experimental.
The Experimental Tag is added when functionality is first added and, as the text explains, warns that the implementation, options and APIs may be subject to change. Therefore, if using an Experimental feature, you should carefully read the Changes file when you install any subsequent updates to ensure that you are made aware of any changes you will need to make.
The Experimental tag does not mean that the implementation is unstable. Unstable options will not generally be added directly to the main Apache source tree and instead will be handled as separate installable modules.
Saying that, to use HTTP/2 you will need to upgrade to 2.4.17 at least but really should upgrade to latest (2.4.26 at time of writing) as this module is changing quite a bit, has had a number of bug and performance improvements since launch and has even addressed a number of CVEs (including: 2016-1546, 2016-8740 and 2017-7659). That's not to say it's particularly buggy or dangerous, and there are plenty of other CVEs in Apache (and pretty much all other software) but it means you really should run the latest version.
You will also need to compile against OpenSSL 1.0.2 to work with Chrome and Firefox (as they only allow the newer ALPN protocol and not the older NPN protocol to negotiate the HTTP/2 connection), which may be an extra pain as most package managers don't include this yet. As of 2.4.26 Apache also supports OpenSSL 1.1.
Running newer versions, and compiling from source, rather than from package managers (e.g. yum or APT) does entail some extra effort and discipline (as they will not be as easily installed or patched) which is beyond the scope of your question but is not something to be entered into lightly. This is all assuming you're on Linux. If you're on Windows then you're probably already downloading and installing separately.
Finally to the real crux of your question. In the Apache 2.4.26 release the experimental warning was dropped for the main mod_http2
module, though it's still in place for the newer mod_proxy_http2
module. I've personally been running HTTP/2 on my personal blog site since 2.4.17 and have never had any real problems with it. It seems stable enough to me. Then again I don't get high volumes of traffic and it's not a big deal for me if it goes down. Would I run it against a real production site? Probably not until that experimental warning was removed (2.4.26). Then again, the only way that happens is if people try it out. HTTP/2 is also easy enough to switch off if it does cause problems. Basically it totally depends on your risk appetite. You can read (and subscribe) to the list of known issues at GitHub (https://github.com/icing/mod_h2/issues) and the module author is very responsive and helpful.
Not sure what are you asking about the reverse proxy functionality. Since 2.4.21 Apache introduced mod_proxy_http2
that handles HTTP/2 backends, but I would say that's even less used and tested (still marked experimental). It's also not that useful: the main benefits of HTTP/2 are over high latency networks (i.e. client-to-frontend) rather than over the low latency frontend-to-backend connections. So for now I'd have HTTP/2 on Apache but keep the reverse proxy connection to any backend infrastructure to HTTP/1. And yes this works absolutely fine, if that's what you were asking, though answers to this question claim there may be benefits to speaking HTTP/2 all the way through.