comparison README @ 9073:3c33d39a51d3 quic
README: updated building from sources, added directives reference.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Wed, 08 Feb 2023 12:47:35 +0400 |
parents | 79cd6993a3e3 |
children | 93876a4c3b27 |
9072:def8e398d7c5 | 9073:3c33d39a51d3 |
---|---|
49 subsequently reference them from header blocks | 49 subsequently reference them from header blocks |
50 + Version Negotiation packet is sent to client with unknown version | 50 + Version Negotiation packet is sent to client with unknown version |
51 + Lost packets are detected and retransmitted properly | 51 + Lost packets are detected and retransmitted properly |
52 + Clients may migrate to new address | 52 + Clients may migrate to new address |
53 | 53 |
54 2. Installing | 54 2. Building from sources |
55 | |
56 The build is configured using the configure command. | |
57 Refer to http://nginx.org/en/docs/configure.html for details. | |
58 | |
59 When configuring nginx, it's possible to enable QUIC and HTTP/3 | |
60 using the following new configuration options: | |
61 | |
62 --with-http_v3_module - enable QUIC and HTTP/3 | |
63 --with-stream_quic_module - enable QUIC in Stream | |
55 | 64 |
56 A library that provides QUIC support is required to build nginx, there | 65 A library that provides QUIC support is required to build nginx, there |
57 are several of those available on the market: | 66 are several of those available on the market: |
58 + BoringSSL [4] | 67 + BoringSSL [4] |
59 + LibreSSL [5] | 68 + LibreSSL [5] |
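Review bot: The configure reference added at new line 57 uses a plain http:// URL (http://nginx.org/en/docs/configure.html), while the entries in the Links section use https://. Suggest switching this reference to the https:// form so that build instructions are fetched over an authenticated channel and the README is consistent with its own link list.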
82 of LibreSSL [7] | 91 of LibreSSL [7] |
83 | 92 |
84 $ ./auto/configure --with-debug --with-http_v3_module \ | 93 $ ./auto/configure --with-debug --with-http_v3_module \ |
85 --with-cc-opt="-I../libressl/build/include" \ | 94 --with-cc-opt="-I../libressl/build/include" \ |
86 --with-ld-opt="-L../libressl/build/lib" | 95 --with-ld-opt="-L../libressl/build/lib" |
87 | |
88 When configuring nginx, it's possible to enable QUIC and HTTP/3 | |
89 using the following new configuration options: | |
90 | |
91 --with-http_v3_module - enable QUIC and HTTP/3 | |
92 --with-stream_quic_module - enable QUIC in Stream | |
93 | 96 |
94 3. Configuration | 97 3. Configuration |
95 | 98 |
96 The HTTP "listen" directive got a new option "http3" which enables | 99 The HTTP "listen" directive got a new option "http3" which enables |
97 HTTP/3 over QUIC on the specified port. | 100 HTTP/3 over QUIC on the specified port. |
172 add_header Alt-Svc 'h3=":8443"; ma=86400'; | 175 add_header Alt-Svc 'h3=":8443"; ma=86400'; |
173 } | 176 } |
174 } | 177 } |
175 } | 178 } |
176 | 179 |
177 4. Clients | 180 4. Directives |
181 | |
182 Syntax: quic_bpf on | off; | |
183 Default: quic_bpf off; | |
184 Context: main | |
185 | |
186 Enables routing of QUIC packets using eBPF. | |
187 When enabled, this allows to support QUIC connection migration. | |
188 The directive is only supported on Linux 5.7+. | |
189 | |
190 | |
191 Syntax: quic_retry on | off; | |
192 Default: quic_retry off; | |
193 Context: http | stream, server | |
194 | |
195 Enables the QUIC Address Validation feature. This includes: | |
196 - sending a new token in a Retry packet or a NEW_TOKEN frame | |
197 - validating a token received in the Initial packet | |
198 | |
199 | |
200 Syntax: quic_gso on | off; | |
201 Default: quic_gso off; | |
202 Context: http | stream, server | |
203 | |
204 Enables sending in optimized batch mode using segmentation offloading. | |
205 Optimized sending is only supported on Linux featuring UDP_SEGMENT. | |
206 | |
207 | |
208 Syntax: quic_mtu size; | |
209 Default: quic_mtu 65527; | |
210 Context: http | stream, server | |
211 | |
212 Sets the QUIC max_udp_payload_size transport parameter value. | |
213 This is the maximum UDP payload that we are willing to receive. | |
214 | |
215 | |
216 Syntax: quic_host_key file; | |
217 Default: - | |
218 Context: http | stream, server | |
219 | |
220 Specifies a file with the secret key used to encrypt stateless reset and | |
221 address validation tokens. By default, a randomly generated key is used. | |
222 | |
223 | |
224 Syntax: quic_active_connection_id_limit number; | |
225 Default: quic_active_connection_id_limit 2; | |
226 Context: http | stream, server | |
227 | |
228 Sets the QUIC active_connection_id_limit transport parameter value. | |
229 This is the maximum number of connection IDs we are willing to store. | |
230 | |
231 | |
232 Syntax: quic_timeout time; | |
233 Default: quic_timeout 60s; | |
234 Context: stream, server | |
235 | |
236 Defines a timeout used to negotiate the QUIC idle timeout. | |
237 In the http module, it is taken from the keepalive_timeout directive. | |
238 | |
239 | |
240 Syntax: quic_stream_buffer_size size; | |
241 Default: quic_stream_buffer_size 64k; | |
242 Context: stream, server | |
243 | |
244 Syntax: http3_stream_buffer_size size; | |
245 Default: http3_stream_buffer_size 64k; | |
246 Context: http, server | |
247 | |
248 Sets buffer size for reading and writing of the QUIC STREAM payload. | |
249 The buffer size is used to calculate initial flow control limits | |
250 in the following QUIC transport parameters: | |
251 - initial_max_data | |
252 - initial_max_stream_data_bidi_local | |
253 - initial_max_stream_data_bidi_remote | |
254 - initial_max_stream_data_uni | |
255 | |
256 | |
257 Syntax: http3_max_concurrent_pushes number; | |
258 Default: http3_max_concurrent_pushes 10; | |
259 Context: http, server | |
260 | |
261 Limits the maximum number of concurrent push requests in a connection. | |
262 | |
263 | |
264 Syntax: http3_max_concurrent_streams number; | |
265 Default: http3_max_concurrent_streams 128; | |
266 Context: http, server | |
267 | |
268 Sets the maximum number of concurrent HTTP/3 streams in a connection. | |
269 | |
270 | |
271 Syntax: http3_push uri | off; | |
272 Default: http3_push off; | |
273 Context: http, server, location | |
274 | |
275 Pre-emptively sends (pushes) a request to the specified uri along with | |
276 the response to the original request. Only relative URIs with absolute | |
277 path will be processed, for example: | |
278 | |
279 http3_push /static/css/main.css; | |
280 | |
281 The uri value can contain variables. | |
282 | |
283 Several http3_push directives can be specified on the same configuration | |
284 level. The off parameter cancels the effect of the http3_push directives | |
285 inherited from the previous configuration level. | |
286 | |
287 | |
288 Syntax: http3_push_preload on | off; | |
289 Default: http3_push_preload off; | |
290 Context: http, server, location | |
291 | |
292 Enables automatic conversion of preload links specified in the “Link” | |
293 response header fields into push requests. | |
294 | |
295 | |
296 Syntax: http3_hq on | off; | |
297 Default: http3_hq off; | |
298 Context: http, server | |
299 | |
300 Enables HTTP/0.9 protocol negotiation used in QUIC interoperability tests. | |
301 | |
302 5. Clients | |
178 | 303 |
179 * Browsers | 304 * Browsers |
180 | 305 |
181 Known to work: Firefox 90+ and Chrome 92+ (QUIC version 1) | 306 Known to work: Firefox 90+ and Chrome 92+ (QUIC version 1) |
182 | 307 |
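Review bot: The quic_host_key entry (new lines 216-221) is missing the details an operator needs to use it safely: it does not say what the file must contain (format, key length), and "By default, a randomly generated key is used" does not say when that key is generated or whether it survives a reload or restart. Since the same key protects both stateless reset tokens and the address validation tokens described under quic_retry, suggest adding a sentence on the expected file contents and a sentence on the lifetime of the default key, so readers can tell when a shared, persistent key file is required.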
199 | 324 |
200 127.0.0.1 - - [24/Apr/2020:11:27:29 +0300] "GET / HTTP/3" 200 805 "-" | 325 127.0.0.1 - - [24/Apr/2020:11:27:29 +0300] "GET / HTTP/3" 200 805 "-" |
201 "nghttp3/ngtcp2 client" "quic" | 326 "nghttp3/ngtcp2 client" "quic" |
202 | 327 |
203 | 328 |
204 5. Troubleshooting | 329 6. Troubleshooting |
205 | 330 |
206 Here are some tips that may help to identify problems: | 331 Here are some tips that may help to identify problems: |
207 | 332 |
208 + Ensure nginx is built with proper SSL library that supports QUIC | 333 + Ensure nginx is built with proper SSL library that supports QUIC |
209 | 334 |
229 #define NGX_QUIC_DEBUG_PACKETS | 354 #define NGX_QUIC_DEBUG_PACKETS |
230 #define NGX_QUIC_DEBUG_FRAMES | 355 #define NGX_QUIC_DEBUG_FRAMES |
231 #define NGX_QUIC_DEBUG_ALLOC | 356 #define NGX_QUIC_DEBUG_ALLOC |
232 #define NGX_QUIC_DEBUG_CRYPTO | 357 #define NGX_QUIC_DEBUG_CRYPTO |
233 | 358 |
234 6. Contributing | 359 7. Contributing |
235 | 360 |
236 Please refer to | 361 Please refer to |
237 http://nginx.org/en/docs/contributing_changes.html | 362 http://nginx.org/en/docs/contributing_changes.html |
238 | 363 |
239 7. Links | 364 8. Links |
240 | 365 |
241 [1] https://datatracker.ietf.org/doc/html/rfc9000 | 366 [1] https://datatracker.ietf.org/doc/html/rfc9000 |
242 [2] https://datatracker.ietf.org/doc/html/rfc9114 | 367 [2] https://datatracker.ietf.org/doc/html/rfc9114 |
243 [3] https://mailman.nginx.org/mailman3/lists/nginx-devel.nginx.org/ | 368 [3] https://mailman.nginx.org/mailman3/lists/nginx-devel.nginx.org/ |
244 [4] https://boringssl.googlesource.com/boringssl/ | 369 [4] https://boringssl.googlesource.com/boringssl/ |