Opened 6 months ago
Last modified 6 months ago
#2641 new defect
Q:Does NGINX QUIC Support KTLS?
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | trivial | Milestone: | |
| Component: | http/3 | Version: | 1.25.x |
| Keywords: | Cc: | ||
| uname -a: | Linux ubuntu 5.15.0-107-generic #117-Ubuntu SMP Fri Apr 26 12:26:49 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux | ||
| nginx -V: |
nginx version: nginx/1.25.5
built by gcc 11.4.0 (Ubuntu 11.4.0-1ubuntu1~22.04) built with OpenSSL 3.0.13 30 Jan 2024 TLS SNI support enabled configure arguments: --with-debug --prefix=/usr/local --conf-path=/usr/local/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-openssl=../openssl-3.0.13 --with-openssl-opt=enable-ktls --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-Bsymbolic-functions -flto=auto -ffat-lto-objects -flto=auto -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie' --with-http_v3_module |
||
Description
I configured my nginx to port 8443 which supports both quic and h2.
When i tried downloading file using quic, nginx seems to be not using quic while h2 i using KTLS
Am i missing anything here?
Note:
See TracTickets
for help on using tickets.
This is with h2
`{ [249 bytes data]
{ [5 bytes data]
< HTTP/2 200
< server: nginx/1.25.5
< date: Fri, 17 May 2024 17:33:50 GMT
< content-type: application/pdf
< content-length: 30182355
< last-modified: Fri, 17 May 2024 07:35:03 GMT
< etag: "664708a7-1cc8bd3"
< alt-svc: h3=":8443"; ma=86400
< x-protocol: HTTP/2.0
< accept-ranges: bytes
<
} [5 bytes data]
############################# 23.3%C
root@ubuntu:~# grep BIO /var/log/nginx/error.log
2024/05/17 17:33:50 [debug] 141978#141978: *1 BIO_get_ktls_send(): 1
root@ubuntu:~#
root@ubuntu:~# grep SSL_sendfile /var/log/nginx/error.log
2024/05/17 17:33:50 [debug] 141978#141978: *1 SSL_sendfile: 8192
2024/05/17 17:33:50 [debug] 141978#141978: *1 SSL_sendfile: 8192
2024/05/17 17:33:50 [debug] 141978#141978: *1 SSL_sendfile: 8192
`Below is with h3
As we can see File started downloading but not with KTLS
`< HTTP/3 200
< server: nginx/1.25.5
< date: Fri, 17 May 2024 17:35:00 GMT
< content-type: application/pdf
< content-length: 30182355
< last-modified: Fri, 17 May 2024 07:35:03 GMT
< etag: "664708a7-1cc8bd3"
< alt-svc: h3=":8443"; ma=86400
< x-protocol: HTTP/3.0
< accept-ranges: bytes
<
{ [415 bytes data]
########################## 21.3%C
root@ubuntu:~# grep BIO /var/log/nginx/error.log
2024/05/17 17:33:50 [debug] 141978#141978: *1 BIO_get_ktls_send(): 1
root@ubuntu:~#
`