#2504 closed defect (invalid)

duplicate listen options for 0.0.0.0:443 if QUIC used

Reported by: reborns@… Owned by:
Priority: minor Milestone:
Component: documentation Version:
Keywords: Cc:
uname -a: Linux aasa 5.10.0-23-amd64 #1 SMP Debian 5.10.179-1 (2023-05-12) x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.25.0
built by gcc 10.2.1 20210110 (Debian 10.2.1-6)
built with LibreSSL 3.7.2
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-http_v3_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-pcre-jit --with-compat --with-file-aio --with-threads --with-openssl=/nginx/modules/libressl-3.7.2 --with-openssl-opt='threads -fPIC' --add-module=/nginx/modules/nginx_headers_more_module --add-module=/nginx/modules/nginx_dav_ext_module --add-module=/nginx/modules/nginx_sticky_module --add-dynamic-module=/nginx/modules/nginx_brotli --add-dynamic-module=/nginx/modules/nginx_passenger --add-dynamic-module=/nginx/modules/nginx_module_vts --add-dynamic-module=/nginx/modules/nginx_njs/nginx --add-dynamic-module=/nginx/modules/nginx_http_geoip2_module --with-cc-opt='-g -O2 -ffile-prefix-map=/nginx/nginx-1.25.0=. -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie'

Description (last modified by reborns@…)

Hello, I don't know this is bug or configuration misunderstanding but ..

I compiled nginx 1.25 with LibreSSL but QUIC only works for one server_name. if I try to add another server_name, then nginx gives an error.

## Config

server {

server_name domain1.example.net;
listen 443 quic reuseport;
listen 443 ssl;

ssl_certificate /etc/ssl/fullchain.cer;
ssl_certificate_key /etc/ssl/private.key;

location / {

add_header Alt-Svc 'h3=":443"; ma=86400';

}

}
server {

server_name domain2.example.net;
listen 443 quic reuseport;
listen 443 ssl;

ssl_certificate /etc/ssl/fullchain.cer;
ssl_certificate_key /etc/ssl/private.key;

location / {

add_header Alt-Svc 'h3=":443"; ma=86400';

}

}

## Error

nginx: [emerg] duplicate listen options for 0.0.0.0:443 in /etc/nginx/sites-enabled/01-test.conf:17
nginx: configuration file /etc/nginx/nginx.conf test failed

So, when I remove QUIC for domain2 error is gone but only domain1 works with http3

How to use http3 for all domains ?

Change History (5)

comment:1 by reborns@…, 10 months ago

Description: modified (diff)

comment:2 by reborns@…, 10 months ago

Description: modified (diff)

comment:3 by Roman Arutyunyan, 10 months ago

Hello. This has nothing to do with QUIC. You need to remove reuseport from the second listen. It will be inherited from the first one.

in reply to:  3 comment:4 by reborns@…, 10 months ago

Replying to Roman Arutyunyan:

Hello. This has nothing to do with QUIC. You need to remove reuseport from the second listen. It will be inherited from the first one.

Thank you . problem solved :)

comment:5 by Sergey Kandaurov, 10 months ago

Resolution: invalid
Status: newclosed

Thanks for the update, closing this.

Note: See TracTickets for help on using tickets.