Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
litespeed_wiki:lslb:function [2017/06/26 14:38] Eric Leu |
litespeed_wiki:lslb:function [2017/07/17 13:11] (current) Jackson Zhang [How to enable QUIC] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== How to enable QUIC in Load Balance====== | + | ====== How to enable QUIC on ADC ====== |
| - | Create listeners with secure: | + | ===== Requirements ===== |
| - | * Create Listensers: ''WebAdmin Console>Configuration>Listensers>click **Add** button>Choose HTTP then click **Next** button'' | + | * Must have QUIC enabled in GUI/conf |
| - | * Set Listener Name: LS-443 | + | * Must use either Chrome or Opera with QUIC enabled |
| - | * Port: 443 | + | * Must **not** use self-signed certificates |
| - | * Secure: yes | + | * QUIC will **not** work with a proxy front end like CloudFlare |
| - | * Click **Save** button | + | ===== Create a listener with security enabled ===== |
| - | * Click tab **SSL** | + | * Navigate to **WebAdmin Console > Configuration > Listeners** and press the **Add** button. |
| - | Upload your **public** SSL private Key & Certificate: | + | * Choose ''HTTP'' then press the **Next** button. |
| - | * Point Private Key File, Certificate File and CA Certificate File to your cert file location | + | * Set **Listener Name** to ''LS-443''. |
| - | Enable QUIC function | + | * Set **Port** to ''443''. |
| + | * Set **Secure** to ''Yes''. | ||
| + | * Press the **Save** button. | ||
| + | ===== Configure your Public SSL Private Key & Certificate ===== | ||
| + | * While still in Listener Configuration, select the **SSL** tab. | ||
| + | * Point **Private Key File**, **Certificate File** and **CA Certificate File** to your certificate file location. | ||
| + | | ||
| + | ===== Enable the QUIC function ===== | ||
| + | * On the same page, scroll down to **Security Features** | ||
| + | * Set **Enable QUIC** to ''Yes'' | ||
| {{:litespeed_wiki:lslb:quic.png?|}} | {{:litespeed_wiki:lslb:quic.png?|}} | ||
| - | **Firewall** | + | ===== Firewall Configuration ===== |
| - | + | ||
| - | [[https://en.wikipedia.org/wiki/QUIC|QUIC]] (Quick UDP Internet Connections) protocol runs a stream multiplexing protocol over Transport Layer Security (TLS) on top of UDP instead of TCP. So you need to enable port not only with TCP but also UDP. | + | |
| - | + | ||
| - | **How to verify QUIC enabled:** | + | |
| - | + | ||
| - | - Open browser Chrome | + | |
| - | - There’s a Chrome extension which will allow you to see the protocols at work on your favorite websites: [[https://chrome.google.com/webstore/detail/http2-and-spdy-indicator/mpbpobfflnpcgagjijhmgnchggcjblin|HTTP/2 and SPDY indicator]]. Install it, and keep an eye on the little lightning bolt in the Chrome toolbar. Blue indicates HTTP/2 is enabled. Green indicates HTTP/2 + QUIC. And if you hover your cursor over the lightning bolt, you can see a list of enabled protocols for yourself. | + | |
| + | [[https://en.wikipedia.org/wiki/QUIC|QUIC]] (Quick UDP Internet Connections) runs a stream-multiplexing protocol over Transport Layer Security (TLS) on top of UDP instead of TCP. Be sure you've enabled the port with both TCP //and// UDP. | ||
| + | ====== How to verify QUIC is enabled ====== | ||
| + | There’s a Chrome extension which will allow you to see the protocols at work on any website. | ||
| + | Install [[https://chrome.google.com/webstore/detail/http2-and-spdy-indicator/mpbpobfflnpcgagjijhmgnchggcjblin|HTTP/2 and SPDY indicator]], and you will see a lightning bolt in the Chrome toolbar. Blue indicates HTTP/2 is enabled. Green indicates HTTP/2 + QUIC. Hover over the lightning bolt to see a more detailed list of protocols in action. | ||