Http3 only works on ipv6

egorka · February 16, 2024, 8:04pm

strange problem. the site opens perfectly on http3 if you access it using ip6, but stubbornly remains on http2 if you leave only ip4.

in the config I tried different combinations and options that I found on Google:

server {
listen 82.202..:443 quic;# reuseport;
listen 82.202..:443 ssl;

    #listen      [2a00:ab00:1103:*::*]:443 quic reuseport;
    #listen      [2a00:ab00:1103:*::*]:443 ssl;

    http3 on;
    # http3_hq on; ???
    quic_retry on;
    quic_gso on;
    # ssl_early_data on; already in the main config

    # required for browsers to direct them to quic port
    # from location / {
    add_header Alt-Svc 'h3-28=":443"; ma=604800';
    add_header Alt-Svc 'h3=":443"; ma=2592000,h3-29=":443"; ma=2592000';
    add_header x-quic 'h3';
    add_header X-protocol $server_protocol always;
    server_name *.* www.*.*;

instead of asterisks - numbers and domains.

the essence of the problem: on IP6 everything is fine, in chrome you can immediately see h3. Doesn’t work on IP4.

I suspect that somewhere Hestia automatically does something for ip4, but I didn’t find anything

egorka · February 16, 2024, 9:05pm

UDP 443 in firewall ))

This is an important step, but not a solution to the problem ((

I tried stopping iptables - it didn’t help

egorka · February 17, 2024, 2:54pm

I made different domains, on different IPs, so as not to confuse anything.

I can’t imagine how this is possible, but:

if the domain in the dns only has IP4, then everything works

If the domain has IP4 and IP6 in the dns, then http3 on IP4 does not work for it.

egorka · February 17, 2024, 3:22pm

The feature is not related to the panel, Nginx version or ssl library. it’s like this:
if the client has IP6, the domain DNS has IP6, but the IP6 server does not listen, then the browser (Chrome) will not switch to http3

system · March 18, 2024, 3:22pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.