How can I enable HTTP/3 ?

remics

New Member
#1
Hello! Port 443 is open in my firewall but HTTP/3 with QUIC doesn't work.
site: https://www.montarumnegocio.com/

I'm using https://http3check.net/ to test.
Screenshot_40.png

Openlitespeed version:
Code:
LiteSpeed/1.7.3 Open
        module versions:
        modgzip 1.1
        cache 1.62
        modinspector 1.1
        uploadprogress 1.1
        mod_security 1.3
 (built: Wed Jul  8 21:33:42 UTC 2020)
        module versions:
        modgzip 1.1
        cache 1.62
        modinspector 1.1
        uploadprogress 1.1
        mod_security 1.3
 

remics

New Member
#4
Hello!
Thanks so much. I did everything but doesn't work.

I executed this command on the remote server:
nc -v -u www.montarumnegocio.com 443
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 187.45.181.66:443.
^C

I executed this command in my server
nc -v -u www.google.com 443
Ncat: Version 7.70 ( https://nmap.org/ncat )
Ncat: Connected to 172.217.172.132:443.
^C

I disabled LF_SPI e UDPFLOOD in CSF Firewall.

I'm using DirectAdmin + CSF.
 

gilles

Active Member
#9
Sorry to hijack this thread. I am using OLS v1.7.5 and HTTP/3 does not work on my site: https://swinginatthesavoy.com/
even though I have QUIC enabled. I am using Cloudflare for DNS only (reverse proxy is disabled). Would appreciate getting some help to figure it out.
 

gilles

Active Member
#11
I did run each command successfully:
> netstat -lupn | grep 443
udp 0 0 0.0.0.0:443 0.0.0.0:* 159001/openlitespee
udp 0 0 0.0.0.0:443 0.0.0.0:* 159001/openlitespee
> nc -v -u www.google.com 443
Connection to www.google.com 443 port [udp/*] succeeded!
> nc -v -u swinginatthesavoy.com 443
Connection to swinginatthesavoy.com port 443 [udp/https] succeeded!
and also went through the checklist. No related errors that I can see in the logs.
 

Pong

Administrator
#12
alt-svc:

quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-30=":443"; ma=2592000

I can see your Quic ok https://prnt.sc/vcvlur
 

gilles

Active Member
#13
Thank you. Turns out the mod_security.so library was missing from the /usr/local/lsws/modules directory and that was probably causing a lot of issues. Now I don't see cache.so either, is that normal? I see the following:
-rwxr-xr-x 1 root root 954816 Oct 8 2019 cache.so-1.5.6
-rwxr-xr-x 1 root root 65657080 Oct 8 2019 mod_security.so-1.5.6
-rwxr-xr-x 1 root root 18252760 Oct 8 2019 modpagespeed.so-1.5.6
lrwxrwxrwx 1 root www-data 14 Oct 8 2019 cache.so.old -> cache.so-1.6.1
lrwxrwxrwx 1 root www-data 21 Oct 8 2019 modpagespeed.so.old -> modpagespeed.so-1.6.1
lrwxrwxrwx 1 root www-data 21 Oct 8 2019 mod_security.so.old -> mod_security.so-1.6.1
-rwxr-xr-x 1 root root 739528 Oct 8 2019 cache.so-1.6.1
-rwxr-xr-x 1 root root 66699976 Sep 9 20:30 mod_security.so-1.6.1
-rwxr-xr-x 1 root root 18253264 Sep 17 17:52 modpagespeed.so-1.6.1
-rw-r--r-- 1 root root 117832 Oct 15 01:43 uploadprogress.so
-rw-r--r-- 1 root root 7907312 Oct 15 01:43 mod_security.so
-rw-r--r-- 1 root root 113704 Oct 15 01:43 modreqparser.so
-rw-r--r-- 1 root root 12719008 Oct 15 01:43 modpagespeed.so
-rw-r--r-- 1 root root 121888 Oct 15 01:43 mod_js.so
-rw-r--r-- 1 root root 10712 Oct 15 01:43 modinspector.so
-rw-r--r-- 1 root root 273 Nov 2 11:21 modpagespeed.def
-rw-r--r-- 1 root root 301 Nov 3 13:32 mod_security.def
-rw-r--r-- 1 root root 152 Nov 3 13:32 moddecompress.def
-rw-r--r-- 1 root root 149 Nov 3 13:32 modcompress.def
-rw-r--r-- 1 root root 708 Nov 3 13:32 cache.def
even though the cache version is supposed to be 1.6.2.
 

Pong

Administrator
#14
seems a different questions than http3? should be seperate thread?

anyway, in the latest version cache.so builtinto OLS already. no separate cache.so file anymore.
 

gilles

Active Member
#15
Coming back to the QUIC & HTTP/3, it only works if I set 'Enable QUIC' to Yes at the vhost level. If I select 'Not Set', it does not work. Which is contrary to what the help message says, i.e. default is 'Yes'.

So either the documentation is incorrect, or it's not behaving as expected.
 

gilles

Active Member
#16
After further testing, I confirm it does not work for me unless I set 'Enable QUIC' explicitly to 'Yes'.
It also appears that setting 'Enable ECDH Key Exchange' to 'Yes' sometimes causes issues too.
 
Last edited:

gilles

Active Member
#18
And now it's back. This is puzzling. I should retract my statement about not changing anything on the server config. I deleted a directory that another vhost was pointing to (because I didn't need it). Is it possible that created an error that killed HTTP/3? Seems unlikely but I guess I don't know how this is all coded.
 

gilles

Active Member
#20
I would appreciate help to figure out why HTTP/3 works if I restart the server but then disappears after some time (most likely when new lsphp processes get created).
 
Top