Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
litespeed_wiki:lslb:function [2017/06/26 14:51] Eric Leu |
litespeed_wiki:lslb:function [2017/07/17 13:11] Jackson Zhang [How to enable QUIC] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== How to enable QUIC ====== | + | ====== How to enable QUIC on ADC ====== |
- | Create listeners with secure: | + | ===== Requirements ===== |
- | * Create Listensers: ''WebAdmin Console>Configuration>Listensers>click **Add** button>Choose HTTP then click **Next** button'' | + | * Must have QUIC enabled in GUI/conf |
- | * Set Listener Name: LS-443 | + | * Must use either Chrome or Opera with QUIC enabled |
- | * Port: 443 | + | * Must **not** use self-signed certificates |
- | * Secure: Yes | + | * QUIC will **not** work with a proxy front end like CloudFlare |
- | * Click **Save** button | + | ===== Create a listener with security enabled ===== |
- | * Click tab **SSL** | + | * Navigate to **WebAdmin Console > Configuration > Listeners** and press the **Add** button. |
- | Upload your any **Public** SSL private Key & Certificate: | + | * Choose ''HTTP'' then press the **Next** button. |
- | * Point Private Key File, Certificate File and CA Certificate File to your cert file location | + | * Set **Listener Name** to ''LS-443''. |
- | Enable QUIC function: | + | * Set **Port** to ''443''. |
- | * ''Listensers>SSL>Security Festures> Enable QUIC set to **Yes**'' | + | * Set **Secure** to ''Yes''. |
+ | * Press the **Save** button. | ||
+ | |||
+ | ===== Configure your Public SSL Private Key & Certificate ===== | ||
+ | * While still in Listener Configuration, select the **SSL** tab. | ||
+ | * Point **Private Key File**, **Certificate File** and **CA Certificate File** to your certificate file location. | ||
+ | |||
+ | ===== Enable the QUIC function ===== | ||
+ | * On the same page, scroll down to **Security Features** | ||
+ | * Set **Enable QUIC** to ''Yes'' | ||
{{:litespeed_wiki:lslb:quic.png?|}} | {{:litespeed_wiki:lslb:quic.png?|}} | ||
- | **Firewall** | + | ===== Firewall Configuration ===== |
- | + | ||
- | [[https://en.wikipedia.org/wiki/QUIC|QUIC]] (Quick UDP Internet Connections) protocol runs a stream multiplexing protocol over Transport Layer Security (TLS) on top of UDP instead of TCP. So you need to enable port not only with TCP but also UDP. | + | |
- | + | ||
- | **How to verify QUIC enabled:** | + | |
- | + | ||
- | - Open browser Chrome | + | |
- | - There’s a Chrome extension which will allow you to see the protocols at work on your favorite websites: [[https://chrome.google.com/webstore/detail/http2-and-spdy-indicator/mpbpobfflnpcgagjijhmgnchggcjblin|HTTP/2 and SPDY indicator]]. Install it, and keep an eye on the little lightning bolt in the Chrome toolbar. Blue indicates HTTP/2 is enabled. Green indicates HTTP/2 + QUIC. And if you hover your cursor over the lightning bolt, you can see a list of enabled protocols for yourself. | + | |
+ | [[https://en.wikipedia.org/wiki/QUIC|QUIC]] (Quick UDP Internet Connections) runs a stream-multiplexing protocol over Transport Layer Security (TLS) on top of UDP instead of TCP. Be sure you've enabled the port with both TCP //and// UDP. | ||
+ | ====== How to verify QUIC is enabled ====== | ||
+ | There’s a Chrome extension which will allow you to see the protocols at work on any website. | ||
+ | Install [[https://chrome.google.com/webstore/detail/http2-and-spdy-indicator/mpbpobfflnpcgagjijhmgnchggcjblin|HTTP/2 and SPDY indicator]], and you will see a lightning bolt in the Chrome toolbar. Blue indicates HTTP/2 is enabled. Green indicates HTTP/2 + QUIC. Hover over the lightning bolt to see a more detailed list of protocols in action. | ||