Opened 3 months ago

#2263 new defect

Nginx-Quic - Only 1 quic domain possible on udp 443

Reported by: bertusdebruin@… Owned by:
Priority: minor Milestone:
Component: other Version: 1.19.x
Keywords: Cc:
uname -a: Linux test102 5.10.0-9-amd64 #1 SMP Debian 5.10.70-1 (2021-09-30) x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.21.3 (test102)
built with OpenSSL 1.1.1 (compatible; BoringSSL) (running with BoringSSL)
TLS SNI support enabled
configure arguments: --with-cc-opt='-I../boringssl/include -g -O2 -ffile-prefix-map=/home/roman/Desktop/nginx/nginx-quic-quic=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -fPIC' --with-ld-opt='-L../boringssl/build/ssl -L../boringssl/build/crypto' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_v2_hpack_enc --with-http_v3_module --with-http_quic_module --with-http_dav_module --with-http_slice_module --with-threads --with-zlib=/home/roman/Desktop/nginx/nginx-quic-quic/debian/modules/zlib-cloudflare --with-http_addition_module --with-http_geoip_module=dynamic --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module=dynamic --with-http_sub_module --with-http_xslt_module=dynamic --with-stream=dynamic --with-stream_ssl_module --with-stream_ssl_preread_module --with-stream_quic_module --with-mail=dynamic --with-mail_ssl_module --add-dynamic-module=/home/roman/Desktop/nginx/nginx-quic-quic/debian/modules/http-auth-pam --add-dynamic-module=/home/roman/Desktop/nginx/nginx-quic-quic/debian/modules/http-dav-ext --add-dynamic-module=/home/roman/Desktop/nginx/nginx-quic-quic/debian/modules/http-echo --add-dynamic-module=/home/roman/Desktop/nginx/nginx-quic-quic/debian/modules/http-upstream-fair --add-dynamic-module=/home/roman/Desktop/nginx/nginx-quic-quic/debian/modules/http-brotli --add-dynamic-module=/home/roman/Desktop/nginx/nginx-quic-quic/debian/modules/http-vhost-traffic-status --add-dynamic-module=/home/roman/Desktop/nginx/nginx-quic-quic/debian/modules/http-subs-filter

Description

Seems as it is only possible to connect 1 Quic domain with Nginx-Quic on the same udp port.
All the other domains on the same Quic port are failed to connect using the Quic connection.

Tested with the default udp 443 port and http/3 curl + chrome,firefox,edge.
with the example configuration as suggested at https://quic.nginx.org/readme.html.

Workaround use another udp port:
For example domain1 udp port 443 and domain2 udp port 8443 and the problem is gone in 60 seconds.

Is this a known nginx-quic bug?
It would be very nice if all domains are accessible via the same Quic on udp port 443.

Thanks.

Change History (0)

Note: See TracTickets for help on using tickets.