On 4/10/2022 4:48 PM, Shawn Heisey wrote:
I think that's probably a bug. A workaround could maybe be found, if there is another condition I can use for the redirect that will redirect tcp/80 connections but not tcp/443 or udp/443.
I did think of a workaround. I can set up another frontend that's mostly like the first one, missing the https redirect, and move the quic bind to that. My frontend on that server is 141 lines, though ... and it's not as big as the other server where I now have two haproxy instances. That's a lot of config duplication. I'd rather have ssl_fc set appropriately. But I can do the frontend duplication as a temporary measure.
All the fiddling has revealed that Chrome is a lot better at HTTP/3 than Firefox. Firefox seems to completely ignore the alt-svc header most of the time. Then suddenly it will work, with no idea why the behavior changed.
A lot of the requests (even from Chrome) are still reaching the server as HTTP/2 though, and never handled by the haproxy 2.6 instance. I can't tell if the problem is the browser or something in my haproxy config.
Thanks, Shawn
