Marten Seemann edited this page Jun 11, 2017 · 18 revisions

Caddy 0.9 has experimental QUIC support, powered by lucas-clemente/quic-go. To try it, run caddy with the -quic flag:

$ caddy -quic

Sites that you serve with TLS will be shuttled over the wire with QUIC if the client supports it.

Client Support

Chrome 52+ supports QUIC without needing a whitelist, but make sure that the #enable-quic flag is set to Enabled (you can also use the command-line flag --enable-quic). Then just open Chrome to your site and it should be served over QUIC! You can verify this by opening the inspector tools and going to the Security tab. Reload the page and click to view connection details.

If you run an older version of Chrome and don't like pain, just upgrade.

If you like pain, however: you'll need to run Chrome with special parameters. On a Mac (replace both occurrences of YOUR_SITE with your site's hostname):

$ /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome \
    --user-data-dir=/tmp/chrome \
    --no-proxy-server \
    --enable-quic \
    --quic-host-whitelist="YOUR_SITE" "YOUR_SITE"

Benefits of QUIC

QUIC is a reliable transport for TLS+HTTP based on UDP. It accelerates TLS handshakes to just 1 round trip, avoids TCP slow start, and offers reliability when switching networks. Sites load faster and more reliably with QUIC!

However, the initial connection will still happen over TCP until the client receives the first HTTP response, after which it knows it can switch to QUIC. To force an initial connection over QUIC (and to profit from the faster connection setup), Chrome has to be started with the --origin-to-force-quic-on=<host>:<port> option.

Troubleshooting

First, make sure your domain name is set correctly everywhere it appears: in your Caddyfile and in the command used to launch Chrome.

Next, your site must use a trusted certificate, as QUIC requires encryption. You can create a CA yourself and add it to your CA database. When using this self-signed certificate, your site must have a hostname with a top-level domain, e.g. foo.bar, for Chromium to correctly send a QUIC ClientHello message. For testing over localhost you can add an entry to /etc/hosts or run Chrome with the host-resolver-rules option: --host-resolver-rules='MAP foo.bar:<port> 127.0.0.1:<local_port>'

If that's all good and you need more detailed output, launch caddy with the environment variable QUIC_GO_LOG_LEVEL=DEBUG and with -log stdout or similar.

When you go to chrome://net-internals/#events you should see some QUIC events marked in red.

These tips are taken from https://github.com/mholt/caddy/pull/857 - but please do not use that thread as a support forum!

If you still have troubles, report the issue at https://github.com/lucas-clemente/quic-go/issues. Thanks!

Feedback and Contribute

As this is an experiment that we really want to see succeed, please let us know of any bugs/questions/suggestions - get involved! If your feedback is QUIC-related, please take that up in the quic-go repo.
