QUIC oddity (gets h2 the first time around, subsequent retrievals are h3)

Eric Germann ekgermann at semperen.com
Wed Mar 29 21:09:45 UTC 2023 

Wondering if anyone can explain this.  With Chrome and Curl, it seems like the first connect from a restarted client, seems to return data over HTTP/2.  Subsequent rounds return HTTP/3.

Here’s some output showing it

 curl --http3 https://noc2.semperen.com/lslr.b64 -I
HTTP/2 200
server: nginx/1.23.4
date: Wed, 29 Mar 2023 21:03:34 GMT
content-type: application/octet-stream
content-length: 40832805
last-modified: Wed, 22 Mar 2023 01:11:00 GMT
etag: "641a55a4-26f0f25"
x-cache-debug: /lslr.b64
accept-ranges: bytes
alt-svc: h3=":443"; ma=60, h2=":443"; ma=60
alt-svc: h2=":443"; ma=86400;
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31104000; includeSubdomains

opt/curl/bin on  stable on ☁️  (us-east-2)
➜ curl --http3 https://noc2.semperen.com/lslr.b64 -I
HTTP/3 200
server: nginx/1.23.4
date: Wed, 29 Mar 2023 21:03:41 GMT
content-type: application/octet-stream
content-length: 40832805
last-modified: Wed, 22 Mar 2023 01:11:00 GMT
etag: "641a55a4-26f0f25"
x-cache-debug: /lslr.b64
accept-ranges: bytes
alt-svc: h3=":443"; ma=60, h2=":443"; ma=60
alt-svc: h2=":443"; ma=86400;
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31104000; includeSubdomains


notice the HTTP/2 and HTTP/3 headers.

Changing the ma on the alt-sec-header seemed to make it reproducible, but not now.  It seems to do it randomly, in Chrome and now curl.  FF always has a h3 session the first hit to the site.

Thoughts?


--
Eric Germann
ekgermann {at} semperen {dot} com || ekgermann {at} gmail {dot} com
LinkedIn: https://www.linkedin.com/in/ericgermann
Medium: https://ekgermann.medium.com <https://ekgermann.medium.com/>
Twitter: @ekgermann
Telegram || Signal || Skype || WhatsApp || Phone +1 {dash} 419 {dash} 513 {dash} 0712

GPG Fingerprint: 89ED 36B3 515A 211B 6390  60A9 E30D 9B9B 3EBF F1A1







-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20230329/789a2ae1/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20230329/789a2ae1/attachment-0001.bin>

More information about the nginx mailing list