How to enable QUIC

desfire

Verified User
Joined
Sep 19, 2019
Messages
29
Hi,

I'd like to know how to enable QUIC on OpenLiteSpeed, webadmin is read-only and I can't seem to find QUIC on OpenLiteSpeed configuration file.
 

vlijmenlive

Verified User
Joined
Nov 13, 2013
Messages
73
Location
Belgium
It's should be enabled by default.
Just make sure that if you use a firewall (for example CSF) make sure that port 443 in UDP is open.
 

alect

Verified User
Joined
Jan 12, 2011
Messages
25
it should be enabled by default.
but you can also change the file usr/local/lsws/conf/listeners.conf and add the following to the file.
Code:
 renegProtection         1
 sslSessionCache         1
 sslSessionTickets       1
 enableSpdy              15
 enableQuic              1

I have wrote an article about this in Chinese. https://git.69cdn.com/post/openlitespeed-use-http2-http3-spdy-quic/

And it seems that the new version of ols have bug , quic is not working properly.
 

gdp01

Verified User
Joined
Oct 7, 2019
Messages
17
Code:
 renegProtection         1
sslSessionCache         1
sslSessionTickets       1
enableSpdy              15
enableQuic              1

I have wrote an article about this in Chinese. https://git.69cdn.com/post/openlitespeed-use-http2-http3-spdy-quic/


Hello, I am trying to activate quic according to the guide, but when doing the check it tells me that it is not valid.

HTTP/3 Check could not get the server's advertised QUIC versions due to the error given below.

Server does not advertise any alternative services.

This is the port added to the CSF, and netstats shows that it is listening.
 

gdp01

Verified User
Joined
Oct 7, 2019
Messages
17
Did you restart OLS and CSF after making the changes?

Yes, the services were restarted, checking for netstats and the UDP port is listed, I have disabled the CSF so that it does not block anything but it is not shown that QUIC is being used in the check.
 

gdp01

Verified User
Joined
Oct 7, 2019
Messages
17
Configuration verified and everything seems correct.


88.png

puertos.JPG


udpflood.JPG


[root@####### ~]# nc -v -u XXXX.com 443
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to XX.XXX.XXX.XXX:443.


[root@####### ~]# nc -v -u www.google.com 443
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 2a00:1450:4007:810::2004:443.
 
Last edited:

bcx

Verified User
Joined
Dec 11, 2015
Messages
26
Same Issue.

I tooked the step to go from Apache to OpenLiteSpeed.
For serval reasons like HTTP/3

https://gf.dev/http3-test on this website my (staging site it says:)

I'm Using Debian 10 and the latest version of DirectAdmin
Couldn’t connect over HTTP/3. Take advantage of the latest protocol HTTP/3 for better performance.
 

bcx

Verified User
Joined
Dec 11, 2015
Messages
26
Can someone assist us?

Just had a fresh server install, and the outcome on https://gf.dev/http3-test is still
Couldn’t connect over HTTP/3. Take advantage of the latest protocol HTTP/3 for better performance.
 

bcx

Verified User
Joined
Dec 11, 2015
Messages
26
update: in the OLS web admin. I see http/3 is now activated.
This was not before, I checked it.

However, a test on https://gf.dev/http3-test is still negative.
Does it have to do something that I'm using Cloudflare?
 

gdp01

Verified User
Joined
Oct 7, 2019
Messages
17
Going back to a stable version of openlitespeed QUIC seems to work again.

Change version Openlitespeed 1.6.13 in /usr/local/directadmin/custombuild/versions.txt
./build openlitespeed
 
Last edited:

bcx

Verified User
Joined
Dec 11, 2015
Messages
26
In the version.txt

1. Do I only need to change the number 1.7.1 to 1.6.17?
2. Where did you found the versions? As the changelog on their website doesn't have that version

openlitespeed:1.7.1 (long number)
openlitespeed_src:1.7.1(long number)

@smtalk is this a bug in DirectAdmin or do we need to inform OpenLiteSpeed for this?
@gdp01 thanks for sharing!
 

bcx

Verified User
Joined
Dec 11, 2015
Messages
26
Thanks, @gdp01 - I also made a thread on the openlitespeed forum so that they are aware of it.

So you changed the version.
And then only did

./build openlitespeed


No other commands needed?
 
Top