A Bit of Introduction to HTTP/3 Of course, an important difference of HTTP/3
is that it runs on the new QUIC transport protocol. QUIC is designed for heavy use of mobile devices on the internet, with people carrying smartphones that are constantly switching from one network to another throughout the day. When the first internet protocols were developed, this wasn't the case: devices were less portable and didn't switch between networks often.
In other words, QUIC will help fix some of the biggest drawbacks of HTTP/2:
-
Developing a solution to the problem of poor performance when switching a smartphone from Wi-Fi to cellular data (e.g., when leaving home or office)
-
Reducing the effects of packet loss - when one packet of information does not reach its destination, it no longer blocks all streams of information (a problem known as "linehead blocking").
By the way, the QUIC protocol was developed by Google back in 2012 and adopted by the Internet Engineering Task Force (IETF) — a vendor-agnostic standards organization — when they started creating the new HTTP/3 standard. After consulting with experts from around the world, the IETF made many changes to develop its own version of QUIC.
Enable HTTP/3 support in Nginx Support for QUIC and HTTP/3 protocols is available starting from version 1.25.0. Also, starting with 1.25.0, support is available in pre-built packages for Linux
.
QUIC and HTTP/3 support is experimental, so anything is possible.
Checking the nginx version:Making sure the version is correct:
nginx -v$ nginx version: nginx/1.25.3A QUIC-enabled SSL library such as BoringSSL, LibreSSL, or QuicTLS is recommended for building nginx. Otherwise, when using the OpenSSL library, the OpenSSL compatibility layer will be used, which does not support early data.
So, we have a standard nginx virtual host with HTTP/2:Now let's supplement it with directives to enable HTTP/3:Basically, that's it, if you have problems with the connection, make sure:
server
{
listen 443 ssl;
# включаем поддержку http2
http2 on;
ssl_protocols TLSv1.2;
ssl_certificate /path_certs/fullchain.pem;
ssl_certificate_key path_certs/privkey.pem;
...
}server
{
# для лучшей совместимости рекомендуется использовать один порт для quic и https
# указываем протокол quic и параметр reuseport для правильной работы с несколькими рабочими процессами
listen 443 quic reuseport;
listen 443 ssl;
# включаем поддержку http2
http2 on;
# включаем поддержку http3
http3 on;
# разрешаем GSO
quic_gso on;
# разрешаем проверку адреса
quic_retry on;
# Для работы QUIC требуется версия протокола TLSv1.3.
ssl_protocols TLSv1.2 TLSv1.3;
ssl_certificate /path_certs/fullchain.pem;
ssl_certificate_key path_certs/privkey.pem;
# для перенаправления браузеров в quic-порт
add_header Alt-Svc 'h3=":443";max=86400';
...
}
-
that nginx is built with the correct SSL library and version
-
that the client really supports working with QUIC
After making edits and rebooting the web server, you can check the HTTP/3 support through the service, or now you can immediately check the site below in the field.
