Hello,
I am using caddy v0.11.1 and I succeed to connect it with QUIC using Chrome on unprivileged port (:11443). It shows in headers proper information:
Alt-Svc: quic=":11443"; ma=2592000; v="44,43,39"
The problem I am facing is that I am using iptables to redirect tcp:443 to tcp:11443, and allowing access to udp:11443, as QUIC is advertised. It works perfectly for the HTTPS over TCP, but it does not work with QUIC.
I did two additional tricks with iptables:
- redirected
udp:443toudp:11443 - opened
tcp:11443
With Lucas’ quic clients I can connect to my site just by doing: client-linux-debug --host=<localip> https://example.com/ and also with using port directly with --port, be it 443 or 11443.
But Chrome does not work when connecting to tcp:443 (as quic is advertised with udp:11443 I expect chrome to connect there), I have to force it to connect to tcp:11443 (like https://example.com:11443/), then it connects correctly to udp:11443.
My certificates are valid.
Gah, I hope I explained my problem well.
So the question is: Despite of advertising QUIC on port :11443, when connecting to :443 is it required by Chrome/SPEC to serve QUIC on same port as tcp?
Regards,
Łukasz