Welcome! Log In Create A New Profile

Advanced

Re: [nginx-quic]

Vladimir Homutov
June 14, 2021 01:02PM
14.06.2021 19:43, Lucas Cuminato пишет:
> Hi, Vladimir, thanks for replying.
>
> I'm not using any protocol over QUIC, just using QUIC to send/receive
> raw data to/from my application and the server, and having nginx proxy
> it to a TCP server.
> I do have a proxy_pass configured in my setup. I just omitted for
> simplicity.
>
> R,
> Lucas.

Ok, so you have custom backend that knows what to do with QUIC streams?
And you backend is TCP-based? Sounds quite interesting. Or does it deal
with single stream only?

Anyway, right now it fails at ALPN stage. Probably, in future, we may
introduce some configuration directive to control it. It is not yet
absolutely clear how the stream module should deal with quic.

Yoy may want to try to copy the code wich sets ALPN callback from
http_quic module and provides some meaningful value for protocol.

>
>
> On Mon, Jun 14, 2021 at 11:35 AM Vladimir Homutov <vl@nginx.com
> <mailto:vl@nginx.com>> wrote:
>
> 14.06.2021 18:08, Lucas Cuminato пишет:
> > Hello,
> >
> > Not sure If this is a bug in nginx-quic or if I'm not configuring
> > it correctly but when trying to use nginx-quic with the following
> settings.
> >
> > stream {
> >      server {
> >          listen 5555 quic reuseport;
> >          ssl_session_cache off;
> >          ssl_client_certificate ca.pem
> >          ssl_verify_client on;
> >          ssl_session_tickets off;
> >          ssl_certificate         cert.pem
> >          ssl_certificate_key    key.pem;
> >          ssl_protocols       TLSv1.3;
> >      }
> > }
> >
> > and using a standalone application that uses ngtcp2 to try to
> connect to
> > nginx-quic, I get a TLS alert saying that "No application protocol".
> > I've tracked this down and it seems like nginx-quic is not
> setting any
> > ALPN for the SSL context when using QUIC as a stream (in
> > ngx_stream_ssl_module.c).
> > It does it set it when using QUIC as HTTP
> (in ngx_http_ssl_module.c).
> > Now, I believe ALPN is mandatory for QUIC according to the
> > QUIC-TRANSPORT draft, so this might be a bug.
> > By copying the code done in ngx_http_ssl_module.c for setting the
> ALPN
> > and using it in ngx_stream_ssl_module.c, I was able to make my
> > standalone app connect and transfer data, but not sure
> > if this is the right fix.
> >
> > R,
> > Lucas.
> >
> Hello,
> this is expected with stream module.
> ALPN is required, but is not clear what protocol (http3? other protocol
> over quic?) is going to be used.
> Can you please elaborate your use case? What are you going to achieve?
> Also, the suggested configuration is not going to work, since you don't
> have any content handling module (i.e. proxy_pass or return).
>
>


_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

[nginx-quic]

Lucas Cuminato 228 June 14, 2021 11:10AM

Re: [nginx-quic]

Vladimir Homutov 98 June 14, 2021 12:36PM

Re: [nginx-quic]

Lucas Cuminato 141 June 14, 2021 12:46PM

Re: [nginx-quic]

Vladimir Homutov 156 June 14, 2021 01:02PM

Re: [nginx-quic]

Lucas Cuminato 114 June 14, 2021 01:20PM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 72
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready