[nginx-quic] HTTP/3(QUIC): I can't test HTTP/3 with nginx-quic repo

Roman Arutyunyan arut at nginx.com
Tue Feb 2 14:46:32 UTC 2021


Hi Andrey,

> On 2 Feb 2021, at 17:30, Andrey Khramov <andrey at apporto.com> wrote:
> 
> Hello, there
> 
> I tried to test the HTTP/3 (QUIC) with nginx-quic in several days.
> But I couldn't test HTTP/3 (QUIC).
> 
> I built the quic branch of nginx-quic repo according to README of that repo.
> The configuration options follows as below:
> $ ./auto/configure --prefix=/etc/nginx \
>                  --sbin-path=/usr/sbin/nginx \
>                  --conf-path=/etc/nginx/nginx.conf \
>                  --pid-path=/var/run/nginx.pid \
>                  --error-log-path=/var/log/nginx/error.log \
>                  --http-log-path=/var/log/nginx/access.log \
>                  --with-debug \
>                  --with-http_v2_module --with-http_ssl_module \
>                  --with-http_v3_module --with-http_quic_module \
>                  --with-stream_quic_module \
>                  --with-cc-opt="-I../boringssl/include" \
>                  --with-ld-opt="-L../boringssl/build/ssl \
>                  -L../boringssl/build/crypto"
> $ make
> 
> To install the nginx-quic, I installed the nginx 1.19.6 package on Ubuntu 18.04 and replaced the nginx binary with the nginx-quic:
> $ sudo cp objs/nginx /usr/sbin/
> 
> I configured that the nginx-quic works as load-balancer of HTTPS:
> HTTPS -> nginx-quic (7443 port) -> Apache2 (80 port) -> Apache Tomcat (8080 port)
> 
> The configuration file (nginx.conf) follows as below:
> 
> user  nginx;
> worker_processes  auto;
> 
> events {
>     worker_connections  1024;
> }
> 
> http {
>     log_format quic '$remote_addr - $remote_user [$time_local] '
>                     '"$request" $status $body_bytes_sent '
>                     '"$http_referer" "$http_user_agent" "$quic" "$http3"';
> 
>     access_log /var/log/nginx/access.log quic;
>     error_log  /var/log/nginx/error.log debug;
> 
>     server {
> 
>         listen 7443 http3 reuseport; # Enable HTTP/3.
>         listen 7443 ssl; # Enable HTTP/1.1 (optional).
> 
>         ssl_certificate      /home/ubuntu/andrey/http3/example-fullchain.pem;
>         ssl_certificate_key  /etc/ssl/private/example.key;
>         ssl_protocols        TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
> 
>         location / {
>             add_header alt-svc '$http3=":7443"; ma=86400'; # Advertise that QUIC is available
>             add_header QUIC-Status $quic; # Sent when QUIC was used
> 
>             proxy_pass http://backend1 <http://backend1/>;
>         }
>     }
> 
>     server {
>         listen 8443 ssl http2;
> 
>         ssl_certificate      /home/ubuntu/andrey/http3/example-fullchain.pem;
>         ssl_certificate_key  /etc/ssl/private/example.key;
>         ssl_protocols        TLSv1 TLSv1.1 TLSv1.2;
> 
>         location / {
>             proxy_pass http://backend2 <http://backend2/>;
>         }
>     }
> 
>     upstream backend1 {
>         ip_hash;
>         server localhost max_fails=3 fail_timeout=30s;
>     }
> 
>     upstream backend2 {
>         ip_hash;
>         server localhost max_fails=3 fail_timeout=30s;
>     }
> }
> 
> I opened UDP 7443 port on the cloud server (AWS).
> 
> I tested HTTP/3 (QUIC) with the client tools (neqo-client, curl-http3) and the browsers (Firefox 85 and Chrome 88) according to https://quic.nginx.org/readme.html <https://quic.nginx.org/readme.html>.
> I got the right result with the client tools, but I didn't get the right result with the browsers.
> 
> When connecting 7443 port with the browsers, I get the HTTP/1.1 now.
> When connecting 8443 port with the browsers, I get the HTTP/2 now.

The first request goes over HTTP/1, but then it’s supposed to switch to HTTP/3 if everything is right.

Does https://quic.nginx.org/ <https://quic.nginx.org/> detect QUIC support in your browsers?
If yes, please follow the ‘QUIC TEST’ link at the top and run the test.

Also, make sure QUIC/HTTP/3 is enabled in the browser.
In Firefox open the about:config <about:config> page make sure http.http3.enabled parameter is ’true’.

> I hope any suggestions and help.
> Thanks.
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel

—
Roman Arutyunyan
arut at nginx.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20210202/a1ba8045/attachment.htm>


More information about the nginx-devel mailing list