After seeing http/3 (orange lightning bolt with the HTTP Version
Indicator extension) talking to a lot of websites, I had thought the
standard was further along than it is. I see that the openssl team is
discussing it, and plans to fully embrace it, but hasn't actually
started putting QUIC code in openssl yet, and it may be quite some time
before something usable shows up even in their master branch.
It's been fun fiddling with it using haproxy with quictls, and I hope I
can provide useful information to stabilize the implementation.
I'd like to say thank you to Willy and all the other people who make
haproxy one of the best things in my problem-solving arsenal. It
handles the internet side of all my web deployments. I haven't yet put
other services behind it. At a previous $DAYJOB I had been testing FTP
load-balancing, which I did get working, but didn't actually get to the
deployment stage.
At the moment, I am experiencing two problems with http3. The second
problem might actually just be another instance of the first problem.
First problem: If I do enough fiddling with an HTTP3 page, in either
Firefox or Chrome, eventually that page will stop loading and the only
way I've found to fix it is to completely close the browser and reopen
it. Restarting haproxy or Apache doesn't seem to help.
Second problem: If I try pasting a REALLY large block of text into my
paste website at the following URL while I have it configured to use
HTTP/3, it won't work. The page never loads. I can't tell if this is a
separate problem from the one above, or just another occurrence of it
that triggers more readily because there is more data transferred. The
reason I think it might be actually the first problem is that if I open
another tab, I can't get to the website ... but if I close the browser
and reopen it, then I can get to the website again.
https://paste.elyograg.org/
If I remove the paste website from the http3 ACL so it doesn't send the
alt-svc header, then everything works once I can convince the browser to
stop using HTTP/3.
I don't have these issues talking to other sites using HTTP/3
extensively, like facebook and google.
Thanks,
Shawn