Will there be support for http3?

http3 is already a stable content in nginx, in the latest version, you only need to modify the configuration file to use http3, when will hestiacp provide http3 support?

1 Like

I tried inserting the following 2 lines in line 8 of /home/admin/conf/[domain]/nginx.ssl.conf

listen 10.0.8.40:443 quic reuseport;
add_header Alt-Svc 'h3=":443"; ma=86400';

Then restart the server

UDP443 is allowed in the firewall rule, and HTTP3 is successfully enabled

2 Likes

This configuration works for me, because if I add reuseport, nginx does not want to restart, showing an error.

image

server {
    listen      %ip%:%proxy_ssl_port% quic; #  HTTP/3
    listen      %ip%:%proxy_ssl_port% ssl; # http2

    server_name %domain_idn% %alias_idn%;
    error_log   /var/log/%web_system%/domains/%domain%.error.log error;

    ssl_certificate     %ssl_pem%;
    ssl_certificate_key %ssl_key%;
    ssl_stapling        on;
    ssl_stapling_verify on;

   # HTTP/3
    http3 on;
    quic_retry on;
    ssl_early_data on;
    quic_gso on;
[...]

reuseport should only be used once in a server, you should remove reuseport for the the other ones and nginx will use reuseport for all of them.

1 Like

Nginx doesn’t say that: https://nginx.org/en/docs/quic.html

Support for QUIC and HTTP/3 protocols is available since 1.25.0. Also, since 1.25.0, the QUIC and HTTP/3 support is available in Linux binary packages.

The QUIC and HTTP/3 support is experimental, caveat emptor applies.

I don’t have reuseport used in any nginx template, nor in the main nginx.conf file :frowning:

Update :slight_smile: interesting, because I just wrote it and there is no nginx error, so everything is OK. Not always one browser uses http3, only http2, even though it has quic enabled and is the latest. I just can’t understand this.

when I have apache + nginx, everything works fine, no quic appears in nginx itself, what could be the reason?

I don’t use http3 but I’ve configured one site to use it and I see no problem, I’ve tested it with Firefox and inspector console with disabled cache and I always see http3 as protocol, if I switch cache to enabled, then I see some protocol as http2 but that is a browser cache issue.

I’ve no idea what you mean.

I also meant that it works for me with apache + nginx, but not in nginx alone, strange. Same steps, thigh port unlocked, same changes but it doesn’t work…

I’m using only nginx. Did you open port 443 UDP?

yes, of course :slight_smile:

and

annd this:

server {
        listen      %ip%:%web_ssl_port% ssl;
        listen      %ip%:%web_ssl_port% quic; # http3
        server_name %domain_idn% %alias_idn%;
        root        %sdocroot%;
        index       index.php index.html index.htm;
        access_log  /var/log/nginx/domains/%domain%.log combined;
        access_log  /var/log/nginx/domains/%domain%.bytes bytes;
        error_log   /var/log/nginx/domains/%domain%.error.log error;

# HTTP/3
    http3 on;
    quic_retry on;
    ssl_early_data on;
    quic_gso on;

    add_header alt-svc 'h3=":443"; ma=86400';
    add_header Alt-Svc 'h3-23=":443"; ma=86400'; # Advertise that HTTP/3 is available
    add_header Alt-Svc 'h3-29=":443"; ma=86400'; # Another version of HTTP/3

I’m using this conf and it works fine:

server {
        listen      203.0.113.1:443 quic reuseport;
        listen      203.0.113.1:443 ssl;
        server_name example.net www.example.net;
        root        /home/user/web/example.net/public_html;
        index       index.php index.html index.htm;
        access_log  /var/log/nginx/domains/example.net.log combined;
        access_log  /var/log/nginx/domains/example.net.bytes bytes;
        error_log   /var/log/nginx/domains/example.net.error.log error;

        ssl_certificate     /home/user/conf/web/example.net/ssl/example.net.pem;
        ssl_certificate_key /home/user/conf/web/example.net/ssl/example.net.key;
        ssl_stapling        on;
        ssl_stapling_verify on;

        # TLS 1.3 0-RTT anti-replay
        if ($anti_replay = 307) { return 307 https://$host$request_uri; }
        if ($anti_replay = 425) { return 425; }
        add_header Alt-Svc 'h3=":$server_port"; ma=86400';
        include /home/user/conf/web/example.net/nginx.hsts.conf*;
[...]

Remember quic reuseport only in one server block, for the other domains, only quic


when I test it, the website is green http3 is enabled and it seems to work properly, but I have never seen a connection in a Chrome or Firefox browser using http3, I always have http2.
I only have a problem with this domain.

1 Like

as possible, I clear the cache, restart nginx, and I still see http2. How to do it effectively? Have I missed something in the browser cache? on my phone, when I log in, I have http2.

I’m testing with Firefox in Windows and Linux and the only thing I do in inspector is disable cache, nothing else.

I will analyze it further, thank you very much :+1::blush::blush:

1 Like