Enabling HTTP/2 and HTTP/3 on Nginx v1.27.0

5 min

nginxfreebsd
language: ja bn en es hi pt ru zh-cn zh-tw

Hello, I'm incompetent.
I thought I had found a place in Tokyo once, but then it was back to square one, and lately, I feel like I've finally found a good property. Worst case, I'll just crash at some share house.

Lately, I'm grateful that my current project members said, "Let's have a farewell party!"
I truly feel blessed with the people in my life.

By the way, I sent a pull request to Deno the other day, and they set a milestone, so I can calmly just follow the source code without rushing. Finding the optimal solution for Deno's Rust code, which has become quite extensive, and trying to make as few changes as possible even for trivial features, is like the source code itself is the manual, so I'll just have to try various things.
If it doesn't work out, I'll think about it then.

Let's enable HTTP/2 and HTTP/3 on Nginx

While reading an interview with Rasmus Lerdorf, the creator of PHP, I saw him talking about feeling the future in HTTP/2, which made me wonder, "Hmm, what about my Nginx server?" and decided to enable it.
Apparently, HTTP/3 support for Nginx is available from v1.25 onwards, so I'll check the version.

# nginx -v
nginx version: nginx/1.27.0

It seems to be supported.
My Nginx was not installed via pkg but built by myself, so there might be differences even in the same FreeBSD environment.

Without overthinking it, I'll try to enable it for now.

Adding to the conf file

Since it's just an Nginx server running as a reverse proxy, I'll get this done quickly.

server {
    listen 443 ssl;
    listen 443 quic reuseport;
    listen [::]:443 quic reuseport;

    http2 on;
    http3 on;
    server_name soulminingrig.com www.soulminingrig.com;

I recall that HTTP/3 is something Google is trying to promote, and the QUIC protocol itself was created by Google.
Add the following to the header information:

        add_header Alt-Svc 'h3=":443"; ma=86400';
        add_header X-Content-Type-Options nosniff;

Then, test with nginx -t and if there are no issues, restart.
Since I'm working as a root user, execute with the following:

service nginx restart

And it seems that QUIC itself uses 443/UDP, so I need to open this port...
Chapter 3: Detailed HTTP/3 ~ How to utilize QUIC and achieve high-speed communication

Currently, many implementations seem to use UDP port 443 by default.

As seen above,

        add_header Alt-Svc 'h3=":443"; ma=86400';

Since the port set with this was 443, opening port 443 and using a different port if changing it seems fine.

vim /etc/pf.conf

Now add the following:

set skip on lo
exsrv1 = 167.179.75.206
~~~
# HTTP/3 Protocol
pass in inet proto udp from any to $exsrv1 port 443

Now, test with the -nf option, then apply with -f.

pfctl -nf /etc/pf.conf
pfctl -f /etc/pf.conf

Was it applied correctly?

There seems to be a way to check if it was applied using Curl, but usually, it's better to verify from a network unrelated to your own for proper testing, so I'll check from a browser.
HTTP/3 Check
Image
Yes, it worked!

Some people configure it more meticulously, but I think this much is fine for now.
That's all for now. See you next time.

Related Posts