[PATCH 4 of 4] Removed README

Roman Arutyunyan arut at nginx.com
Sun May 14 13:38:55 UTC 2023


# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1684045884 -14400
#      Sun May 14 10:31:24 2023 +0400
# Branch quic
# Node ID d8272b84031bea1940ef8a5b8e2f79ec6a2dcfc1
# Parent  49a8edf7bf31b78681399cd7e93a8516788607dd
Removed README.

diff --git a/README b/README
deleted file mode 100644
--- a/README
+++ /dev/null
@@ -1,319 +0,0 @@
-Experimental QUIC support for nginx
------------------------------------
-
-1. Introduction
-2. Building from sources
-3. Configuration
-4. Directives
-5. Clients
-6. Troubleshooting
-7. Contributing
-8. Links
-
-1. Introduction
-
-    This is an experimental QUIC [1] / HTTP/3 [2] support for nginx.
-
-    The code is developed in a separate "quic" branch available
-    at https://hg.nginx.org/nginx-quic.  Currently it is based
-    on nginx mainline 1.23.x.  We merge new nginx releases into
-    this branch regularly.
-
-    The project code base is under the same BSD license as nginx.
-
-    The code is currently at a beta level of quality, however
-    there are several production deployments with it.
-
-    NGINX Development Team is working on improving HTTP/3 support to
-    integrate it into the main NGINX codebase.  Thus, expect further
-    updates of this code, including features, changes in behaviour,
-    bug fixes, and refactoring.  NGINX Development team will be
-    grateful for any feedback and code submissions.
-
-    Please contact NGINX Development Team via nginx-devel mailing list [3].
-
-    What works now:
-
-    IETF QUIC version 1 is supported.  Internet drafts are no longer supported.
-
-    nginx should be able to respond to HTTP/3 requests over QUIC and
-    it should be possible to upload and download big files without errors.
-
-    + The handshake completes successfully
-    + One endpoint can update keys and its peer responds correctly
-    + 0-RTT data is being received and acted on
-    + Connection is established using TLS Resume Ticket
-    + A handshake that includes a Retry packet completes successfully
-    + Stream data is being exchanged and ACK'ed
-    + An H3 transaction succeeded
-    + One or both endpoints insert entries into dynamic table and
-      subsequently reference them from header blocks
-    + Version Negotiation packet is sent to client with unknown version
-    + Lost packets are detected and retransmitted properly
-    + Clients may migrate to new address
-
-2. Building from sources
-
-    The build is configured using the configure command.
-    Refer to http://nginx.org/en/docs/configure.html for details.
-
-    When configuring nginx, it's possible to enable QUIC and HTTP/3
-    using the following new configuration option:
-
-        --with-http_v3_module     - enable QUIC and HTTP/3
-
-    A library that provides QUIC support is recommended to build nginx, there
-    are several of those available on the market:
-    + BoringSSL [4]
-    + LibreSSL [5]
-    + QuicTLS [6]
-
-    Alternatively, nginx can be configured with OpenSSL compatibility
-    layer, which emulates BoringSSL QUIC API for OpenSSL.  This mode is
-    enabled by default if native QUIC support is not detected.
-    0-RTT is not supported in OpenSSL compatibility mode.
-
-    Clone the NGINX QUIC repository
-
-    $ hg clone -b quic https://hg.nginx.org/nginx-quic
-    $ cd nginx-quic
-
-    Use the following command to configure nginx with BoringSSL [4]
-
-    $ ./auto/configure --with-debug --with-http_v3_module         \
-                       --with-cc-opt="-I../boringssl/include"     \
-                       --with-ld-opt="-L../boringssl/build/ssl    \
-                                      -L../boringssl/build/crypto"
-    $ make
-
-    Alternatively, nginx can be configured with QuicTLS [6]
-
-    $ ./auto/configure --with-debug --with-http_v3_module         \
-                       --with-cc-opt="-I../quictls/build/include" \
-                       --with-ld-opt="-L../quictls/build/lib"
-
-    Alternatively, nginx can be configured with a modern version
-    of LibreSSL [7]
-
-    $ ./auto/configure --with-debug --with-http_v3_module          \
-                       --with-cc-opt="-I../libressl/build/include" \
-                       --with-ld-opt="-L../libressl/build/lib"
-
-3. Configuration
-
-    The HTTP "listen" directive got a new option "quic" which enables
-    QUIC as client transport protocol instead of TCP.
-
-    Along with "quic", it's also possible to specify "reuseport"
-    option [8] to make it work properly with multiple workers.
-
-    To enable address validation:
-
-        quic_retry on;
-
-    To enable 0-RTT:
-
-        ssl_early_data on;
-
-    To enable GSO (Generic Segmentation Offloading):
-
-        quic_gso on;
-
-    To set host key for various tokens:
-
-        quic_host_key <filename>;
-
-    QUIC requires TLSv1.3 protocol, which is enabled by the default
-    by "ssl_protocols" directive.
-
-    By default, GSO Linux-specific optimization [10] is disabled.
-    Enable it in case a corresponding network interface is configured to
-    support GSO.
-
-    A number of directives were added that configure HTTP/3:
-
-        http3
-        http3_hq
-        http3_stream_buffer_size
-        http3_max_concurrent_streams
-
-    In http, an additional variable is available: $http3.
-    The value of $http3 is "h3" for HTTP/3 connections,
-    "hq" for hq connections, or an empty string otherwise.
-
-Example configuration:
-
-    http {
-        log_format quic '$remote_addr - $remote_user [$time_local] '
-                        '"$request" $status $body_bytes_sent '
-                        '"$http_referer" "$http_user_agent" "$http3"';
-
-        access_log logs/access.log quic;
-
-        server {
-            # for better compatibility it's recommended
-            # to use the same port for quic and https
-            listen 8443 quic reuseport;
-            listen 8443 ssl;
-
-            ssl_certificate     certs/example.com.crt;
-            ssl_certificate_key certs/example.com.key;
-
-            location / {
-                # required for browsers to direct them into quic port
-                add_header Alt-Svc 'h3=":8443"; ma=86400';
-            }
-        }
-    }
-
-4. Directives
-
-    Syntax: quic_bpf on | off;
-    Default: quic_bpf off;
-    Context: main
-
-    Enables routing of QUIC packets using eBPF.
-    When enabled, this allows to support QUIC connection migration.
-    The directive is only supported on Linux 5.7+.
-
-
-    Syntax: quic_retry on | off;
-    Default: quic_retry off;
-    Context: http, server
-
-    Enables the QUIC Address Validation feature.  This includes:
-    - sending a new token in a Retry packet or a NEW_TOKEN frame
-    - validating a token received in the Initial packet
-
-
-    Syntax: quic_gso on | off;
-    Default: quic_gso off;
-    Context: http, server
-
-    Enables sending in optimized batch mode using segmentation offloading.
-    Optimized sending is only supported on Linux featuring UDP_SEGMENT.
-
-
-    Syntax: quic_host_key file;
-    Default: -
-    Context: http, server
-
-    Specifies a file with the secret key used to encrypt stateless reset and
-    address validation tokens.  By default, a randomly generated key is used.
-
-
-    Syntax: quic_active_connection_id_limit number;
-    Default: quic_active_connection_id_limit 2;
-    Context: http, server
-
-    Sets the QUIC active_connection_id_limit transport parameter value.
-    This is the maximum number of connection IDs we are willing to store.
-
-
-    Syntax: http3_stream_buffer_size size;
-    Default: http3_stream_buffer_size 64k;
-    Context: http, server
-
-    Sets buffer size for reading and writing of the QUIC STREAM payload.
-    The buffer size is used to calculate initial flow control limits
-    in the following QUIC transport parameters:
-    - initial_max_data
-    - initial_max_stream_data_bidi_local
-    - initial_max_stream_data_bidi_remote
-    - initial_max_stream_data_uni
-
-
-    Syntax: http3_max_concurrent_streams number;
-    Default: http3_max_concurrent_streams 128;
-    Context: http, server
-
-    Sets the maximum number of concurrent HTTP/3 streams in a connection.
-
-
-    Syntax: http3 on | off;
-    Default: http3 on;
-    Context: http, server
-
-    Enables HTTP/3 protocol negotiation.
-
-
-    Syntax: http3_hq on | off;
-    Default: http3_hq off;
-    Context: http, server
-
-    Enables HTTP/0.9 protocol negotiation used in QUIC interoperability tests.
-
-5. Clients
-
-    * Browsers
-
-        Known to work: Firefox 90+ and Chrome 92+ (QUIC version 1)
-
-        Beware of strange issues: sometimes browser may decide to ignore QUIC
-        Cache clearing/restart might help.  Always check access.log and
-        error.log to make sure the browser is using HTTP/3 and not TCP https.
-
-    * Console clients
-
-        Known to work: ngtcp2, firefox's neqo and chromium's console clients:
-
-        $ examples/client 127.0.0.1 8443 https://example.com:8443/index.html
-
-        $ ./neqo-client https://127.0.0.1:8443/
-
-        $ chromium-build/out/my_build/quic_client http://example.com:8443
-
-
-   In case everyhing is right, the access log should show something like:
-
-   127.0.0.1 - - [24/Apr/2020:11:27:29 +0300] "GET / HTTP/3" 200 805 "-"
-                                         "nghttp3/ngtcp2 client" "quic"
-
-
-6. Troubleshooting
-
-    Here are some tips that may help to identify problems:
-
-    + Ensure nginx is built with proper SSL library that supports QUIC
-
-    + Ensure nginx is using the proper SSL library in runtime
-      (`nginx -V` shows what it's using)
-
-    + Ensure a client is actually sending requests over QUIC
-      (see "Clients" section about browsers and cache)
-
-      We recommend to start with simple console client like ngtcp2
-      to ensure the server is configured properly before trying
-      with real browsers that may be very picky with certificates,
-      for example.
-
-    + Build nginx with debug support [9] and check the debug log.
-      It should contain all details about connection and why it
-      failed. All related messages contain "quic " prefix and can
-      be easily filtered out.
-
-    + For a deeper investigation, please enable additional debugging
-      in src/event/quic/ngx_event_quic_connection.h:
-
-        #define NGX_QUIC_DEBUG_PACKETS
-        #define NGX_QUIC_DEBUG_FRAMES
-        #define NGX_QUIC_DEBUG_ALLOC
-        #define NGX_QUIC_DEBUG_CRYPTO
-
-7. Contributing
-
-    Please refer to
-    http://nginx.org/en/docs/contributing_changes.html
-
-8. Links
-
-    [1] https://datatracker.ietf.org/doc/html/rfc9000
-    [2] https://datatracker.ietf.org/doc/html/rfc9114
-    [3] https://mailman.nginx.org/mailman/listinfo/nginx-devel
-    [4] https://boringssl.googlesource.com/boringssl/
-    [5] https://www.libressl.org/
-    [6] https://github.com/quictls/openssl
-    [7] https://github.com/libressl-portable/portable/releases/tag/v3.6.0
-    [8] https://nginx.org/en/docs/http/ngx_http_core_module.html#listen
-    [9] https://nginx.org/en/docs/debugging_log.html
-    [10] http://vger.kernel.org/lpc_net2018_talks/willemdebruijn-lpc2018-udpgso-paper-DRAFT-1.pdf


More information about the nginx-devel mailing list