Hello,
I am using caddy v0.11.1 and I succeed to connect it with QUIC using Chrome on unprivileged port (:11443). It shows in headers proper information:
Alt-Svc: quic=":11443"; ma=2592000; v="44,43,39"
The problem I am facing is that I am using iptables to redirect tcp:443
to tcp:11443
, and allowing access to udp:11443
, as QUIC is advertised. It works perfectly for the HTTPS over TCP, but it does not work with QUIC.
I did two additional tricks with iptables:
- redirected
udp:443
toudp:11443
- opened
tcp:11443
With Lucas’ quic clients I can connect to my site just by doing: client-linux-debug --host=<localip> https://example.com/
and also with using port directly with --port
, be it 443
or 11443
.
But Chrome does not work when connecting to tcp:443
(as quic is advertised with udp:11443
I expect chrome to connect there), I have to force it to connect to tcp:11443
(like https://example.com:11443/), then it connects correctly to udp:11443
.
My certificates are valid.
Gah, I hope I explained my problem well.
So the question is: Despite of advertising QUIC on port :11443, when connecting to :443 is it required by Chrome/SPEC to serve QUIC on same port as tcp?
Regards,
Łukasz