Welcome! Log In Create A New Profile

Re: Nginx QUIC configuration file

Forum List Message List New Topic Print View

Manuel

October 11, 2020 07:08PM

Hi,

please recompile nginx with the latest version of boring and nginx. Probably also with minus minus prefix set to /etc/nginx
2nd step would be to find out which exact nginx binary the cmd 'service nginx restart' is executing. Alternative would be to execute the compiled binary directly.

I tried it out today and so far nginx and Google Chrome Canary with enabled quic h3-29 draft are talking http3 via quic.

This is the config:

events {}
http {
log_format quic '$remote_addr - $remote_user [$time_local] '

'"$request" $status $body_bytes_sent '

'"$http_referer" "$http_user_agent" "$quic" "$http3"';

access_log logs/access.log quic;
error_log logs/error.log debug;

server {
root /var/www/html;

server_name xyz ;

# for better compatibility it's recommended

# to use the same port for quic and https
listen 443 http3 reuseport;
listen 443 ssl;
ssl_protocols TLSv1.3;

ssl_certificate ...
ssl_certificate_key ...
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

location / {
# required for browsers to direct them into quic port

add_header X-http3-status "http3 is $http3";
add_header X-quic-status "quic is $quic";
add_header Alt-Svc '$http3=":443"; ma=86400';
# add_header Alt-Svc 'quic=":443"';
}
}
}

> Am 10.10.2020 um 15:23 schrieb HARISH KUMAR Ivaturi <harishkumarivaturi@gmail.com>:
>
> Hi Manuel
>
> I am not sure if you remember but with your help i have installed Nginx with HTTP/3 by installing boringssl.
> After all the process done you have suggested me to do
> sudo cp objs/nginx /usr/local/bin/
>
> So now.
>
>
> $ nginx -V
> nginx version: nginx/1.19.1
> built by gcc 7.5.0 (Ubuntu 7.5.0-3ubuntu1~18.04)
> built with OpenSSL 1.1.0 (compatible; BoringSSL) (running with BoringSSL)
> TLS SNI support enabled
> configure arguments: --with-debug --with-http_v3_module --with-cc-opt=-I.../boringssl/include --with-ld-opt='-L../boringssl/build/ssl -L../boringssl/build/crypto'
>
>> On Sat, Oct 10, 2020 at 5:18 PM Manuel <manuel.baesler@gmail.com> wrote:
>> Hi,
>>
>> can you verify that the nginx binary that is using the http3 config is the nginx that can do http3?
>> For this you have to locate the systemd file that starts the nginx server and then look into the file to which path the executable point. Then run minus minus version on the binary.
>>
>>> Am 10.10.2020 um 15:04 schrieb HARISH KUMAR Ivaturi <harishkumarivaturi@gmail.com>:
>>>
>>> Hi
>>>
>>> I have installed nginx with http/3 with mercurial.
>>> I just need a proper default.conf which is located in /etc/nginx/conf.d and in default.conf
>>>
>>> BR
>>> Harish Kumar
>>>
>>>> On Sat, Oct 10, 2020 at 5:00 PM Maxim Konovalov <maxim@nginx.com> wrote:
>>>> On 10.10.2020 17:56, HARISH KUMAR Ivaturi wrote:
>>>> > Hi
>>>> >
>>>> > Sorry, this is my final default.conf
>>>> >
>>>> > server {
>>>> > listen 443 ssl; # TCP listener for HTTP/1.1
>>>> > listen 443 http3 reuseport; # UDP listener for QUIC+HTTP/3
>>>> > server_name localhost;
>>>> > ssl_protocols TLSv1.3; # QUIC requires TLS 1.3
>>>> > ssl_certificate cert.crt;
>>>> > ssl_certificate_key cert.key;
>>>> >
>>>> > add_header Alt-Svc 'quic=":443"'; # Advertise that QUIC is available
>>>> > add_header QUIC-Status $quic; # Sent when QUIC was used
>>>> > }
>>>> >
>>>> > after this i run
>>>> > curl -k --http3 -v "https://127.0.0.1:443"
>>>> >
>>>> > And in another terminal i have my
>>>> > sudo tail -f /var/log/nginx/error.log
>>>> >
>>>> > 2020/10/10 14:45:24 [emerg] 25485#25485: invalid parameter "http3" in
>>>> > /etc/nginx/conf.d/default.conf:3
>>>> >
>>>> > Help me with this issue.
>>>> >
>>>> You probably complied nginx from the vanilla repo while you should take
>>>> it from this one:
>>>>
>>>> https://hg.nginx.org/nginx-quic/file/quic
>>>>
>>>> See https://quic.nginx.org/ for more information.
>>>>
>>>> --
>>>> Maxim Konovalov
>>> _______________________________________________
>>> nginx-devel mailing list
>>> nginx-devel@nginx.org
>>> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>> _______________________________________________
>> nginx-devel mailing list
>> nginx-devel@nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx-devel
> _______________________________________________
> nginx-devel mailing list
> nginx-devel@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
Nginx QUIC configuration file	HARISH KUMAR Ivaturi	2687	October 10, 2020 07:22AM
Re: Nginx QUIC configuration file	Manuel	1282	October 10, 2020 09:28AM
Re: Nginx QUIC configuration file	HARISH KUMAR Ivaturi	496	October 10, 2020 10:50AM
Re: Nginx QUIC configuration file	HARISH KUMAR Ivaturi	421	October 10, 2020 10:58AM
Re: Nginx QUIC configuration file	Maxim Konovalov	379	October 10, 2020 11:02AM
Re: Nginx QUIC configuration file	HARISH KUMAR Ivaturi	306	October 10, 2020 11:06AM
Re: Nginx QUIC configuration file	Manuel	280	October 10, 2020 11:20AM
Re: Nginx QUIC configuration file	HARISH KUMAR Ivaturi	277	October 10, 2020 11:24AM
Re: Nginx QUIC configuration file	Manuel	414	October 11, 2020 07:08PM
Re: Nginx QUIC configuration file	HARISH KUMAR Ivaturi	528	October 11, 2020 07:18PM
Re: Nginx QUIC configuration file	Manuel	449	October 12, 2020 02:04AM
Re: Nginx QUIC configuration file	Manuel	333	October 10, 2020 11:22AM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 187

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018