参照:
https://github.com/cloudflare/quiche/tree/master/extras/nginx
https://vqiu.cn/nginx-ti-yan-http-3-0-cloudflarebu-ding/
https://github.com/cloudflare/quiche
1、升级cmake
参照:https://www.jianshu.com/p/d5dd6514526a
yum remove cmake
cd /opt
wget https://github.com/Kitware/CMake/releases/download/v3.14.5/cmake-3.14.5-Linux-x86_64.tar.gz
tar zxvf cmake-3.14.5-Linux-x86_64.tar.gz
编辑:/etc/profile.d/cmake.sh
1 2 |
export CMAKE_HOME=/opt/cmake-3.14.5-Linux-x86_64 export PATH=$PATH:$CMAKE_HOME/bin |
source /etc/profile
cmake -version
2、安装golang等
yum install go -y
yum install cargo -y
yum install openssl openssl-devel -y
yum install 一些别的需要用到的组件,比如:gcc编译环境等
3、编译安装nginx
来源:https://blog.cloudflare.com/experiment-with-http-3-using-nginx-and-quiche/
curl -O https://nginx.org/download/nginx-1.16.1.tar.gz
tar xvzf nginx-1.16.1.tar.gz
git clone –recursive https://github.com/cloudflare/quiche
cd nginx-1.16.1
patch -p01 < ../quiche/extras/nginx/nginx-1.16.patch
% ./configure \
–prefix=$PWD \
–with-http_ssl_module \
–with-http_v2_module \
–with-http_v3_module \
–with-openssl=../quiche/deps/boringssl \
–with-quiche=../quiche
% make
这里需要注意一个事项,就是编译的过程中会找一些依赖,需要科学上网一下才行。不然对应的依赖拉不下来【或者直接在国外的服务器上面进行编译也可以】
4、配置启动
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
events { worker_connections 1024; } http { server { # Enable QUIC and HTTP/3. listen 443 quic reuseport; # Enable HTTP/2 (optional). listen 443 ssl http2; ssl_certificate cert.crt; ssl_certificate_key cert.key; # Enable all TLS versions (TLSv1.3 is required for QUIC). ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Add Alt-Svc header to negotiate HTTP/3. add_header alt-svc 'h3-23=":443"; ma=86400'; } } |
5、测试验证
参照:https://halfrost.com/quic_start/#1
curl客户端:https://github.com/curl/curl/blob/master/docs/HTTP3.md#quiche-version
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 |
[root@tyumen-test curl]# ./src/curl -vo /dev/null https://quic.tyumen.cn/css/litespeed.min-010419.css --http3 % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 10.10.10.15:443... * Sent QUIC client Initial, ALPN: h3-25h3-24h3-23 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* h3 [:method: GET] * h3 [:path: /css/litespeed.min-010419.css] * h3 [:scheme: https] * h3 [:authority: quic.tyumen.cn] * h3 [user-agent: curl/7.69.0-DEV] * h3 [accept: */*] * Using HTTP/3 Stream ID: 0 (easy handle 0x1a7d320) > GET /css/litespeed.min-010419.css HTTP/3 > Host: quic.tyumen.cn > user-agent: curl/7.69.0-DEV > accept: */* > < HTTP/3 200 < server: nginx < date: Sat, 04 Apr 2020 14:39:34 GMT < content-type: text/css < content-length: 200229 < last-modified: Wed, 19 Feb 2020 10:38:14 GMT < vary: Accept-Encoding < etag: "5e4d1016-30e25" < expires: Sat, 04 Apr 2020 14:39:44 GMT < cache-control: max-age=10 < alt-svc: h3-25=":443"; ma=86400 < accept-ranges: bytes < { [6142 bytes data] 100 195k 100 195k 0 0 560k 0 --:--:-- --:--:-- --:--:-- 558k * Connection #0 to host quic.tyumen.cn left intact |
上面的报文回应能够看到响应头的协议是HTTP/3了。然后抓包查看发现传输的数据通过udp进行的数据传输,比如:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 |
22:51:54.682129 IP (tos 0x0, ttl 53, id 12067, offset 0, flags [DF], proto UDP (17), length 1228) 10.0.2.6.42136 > 10.10.10.15.https: [udp sum ok] UDP, length 1200 22:51:54.684362 IP (tos 0x0, ttl 64, id 57217, offset 0, flags [DF], proto UDP (17), length 227) 10.10.10.15.https > 10.0.2.6.42136: [bad udp cksum 0x5a3c -> 0x7c1c!] UDP, length 199 22:51:54.684391 IP (tos 0x0, ttl 64, id 57218, offset 0, flags [DF], proto UDP (17), length 1224) 10.10.10.15.https > 10.0.2.6.42136: [bad udp cksum 0x5e21 -> 0x16a7!] UDP, length 1196 22:51:54.684403 IP (tos 0x0, ttl 64, id 57219, offset 0, flags [DF], proto UDP (17), length 1225) 10.10.10.15.https > 10.0.2.6.42136: [bad udp cksum 0x5e22 -> 0x26db!] UDP, length 1197 22:51:54.684410 IP (tos 0x0, ttl 64, id 57220, offset 0, flags [DF], proto UDP (17), length 906) 10.10.10.15.https > 10.0.2.6.42136: [bad udp cksum 0x5ce3 -> 0xb494!] UDP, length 878 22:51:54.689627 IP (tos 0x0, ttl 53, id 12069, offset 0, flags [DF], proto UDP (17), length 1228) 10.0.2.6.42136 > 10.10.10.15.https: [udp sum ok] UDP, length 1200 22:51:54.689634 IP (tos 0x0, ttl 53, id 12070, offset 0, flags [DF], proto UDP (17), length 138) 10.0.2.6.42136 > 10.10.10.15.https: [udp sum ok] UDP, length 110 22:51:54.689636 IP (tos 0x0, ttl 53, id 12071, offset 0, flags [DF], proto UDP (17), length 89) 10.0.2.6.42136 > 10.10.10.15.https: [udp sum ok] UDP, length 61 22:51:54.689812 IP (tos 0x0, ttl 64, id 57223, offset 0, flags [DF], proto UDP (17), length 98) 10.10.10.15.https > 10.0.2.6.42136: [bad udp cksum 0x59bb -> 0xb0fd!] UDP, length 70 22:51:54.689831 IP (tos 0x0, ttl 64, id 57224, offset 0, flags [DF], proto UDP (17), length 527) 10.10.10.15.https > 10.0.2.6.42136: [bad udp cksum 0x5b68 -> 0x707a!] UDP, length 499 22:51:54.689836 IP (tos 0x0, ttl 64, id 57225, offset 0, flags [DF], proto UDP (17), length 71) 10.10.10.15.https > 10.0.2.6.42136: [bad udp cksum 0x59a0 -> 0x79fa!] UDP, length 43 22:51:54.689841 IP (tos 0x0, ttl 64, id 57226, offset 0, flags [DF], proto UDP (17), length 71) 10.10.10.15.https > 10.0.2.6.42136: [bad udp cksum 0x59a0 -> 0xac17!] UDP, length 43 22:51:54.689847 IP (tos 0x0, ttl 64, id 57227, offset 0, flags [DF], proto UDP (17), length 96) 10.10.10.15.https > 10.0.2.6.42136: [bad udp cksum 0x59b9 -> 0x9ba3!] UDP, length 68 22:51:54.689874 IP (tos 0x0, ttl 64, id 57228, offset 0, flags [DF], proto UDP (17), length 71) 10.10.10.15.https > 10.0.2.6.42136: [bad udp cksum 0x59a0 -> 0xf67c!] UDP, length 43 22:51:54.690071 IP (tos 0x0, ttl 53, id 12072, offset 0, flags [DF], proto UDP (17), length 71) 10.0.2.6.42136 > 10.10.10.15.https: [udp sum ok] UDP, length 43 22:51:54.690077 IP (tos 0x0, ttl 53, id 12073, offset 0, flags [DF], proto UDP (17), length 71) 10.0.2.6.42136 > 10.10.10.15.https: [udp sum ok] UDP, length 43 22:51:54.690078 IP (tos 0x0, ttl 53, id 12074, offset 0, flags [DF], proto UDP (17), length 167) 10.0.2.6.42136 > 10.10.10.15.https: [udp sum ok] UDP, length 139 22:51:54.690097 IP (tos 0x0, ttl 64, id 57229, offset 0, flags [DF], proto UDP (17), length 71) |
原理:https://www.cnblogs.com/mod109/p/7372577.html
ats的quic版本:https://github.com/apache/trafficserver/tree/quic-latest