While HTTP/3 downstream support is deemed ready for production use, improvements are ongoing, tracked in the area-quic tag.
HTTP/3 upstream support is fine for locally controlled networks, but is not ready for general internet use, and is missing some key latency features. See details below.
Hot restart is not gracefully handled for HTTP/3 yet.
See downstream HTTP/3 configuration for example configuration.
This example configuration includes both a TCP and a UDP listener, and the TCP
listener is advertising HTTP/3 support via an
By default the example configuration uses kernel UDP support, but for production performance use of BPF is strongly advised if Envoy is running with multiple worker threads.
Advertising HTTP/3 is not necessary for in-house deployments where HTTP/3 is explicitly configured, but is needed for internet facing deployments where TCP is the default, and clients such as Chrome will only attempt HTTP/3 if it is explicitly advertised.
Envoy will attempt to use BPF on Linux by default if multiple worker threads are configured,
but may require root, or at least
sudo setcap cap_bpf+ep).
If multiple worker threads are configured and BPF is unsupported on the platform, or is attempted and fails, Envoy will log a warning on start-up.
It is recommanded to monitor some UDP listener and QUIC connection stats:
- UDP listener downstream_rx_datagram_dropped
Non-zero means kernel’s UDP listen socket’s receive buffer isn’t large enough. In Linux, it can be configured via listener socket_options by setting prebinding socket option
- QUIC connection error codes and stream reset error codes
Refer to quic_error_codes.h for the meaning of each error code.
HTTP/3 upstream support is implemented, with support both for explicit HTTP/3 (for data center use) and automatic HTTP/3 (for internet use).
If you are in a controlled environment where UDP is unlikely to be blocked, you can configure it as the explicit protocol in http_protocol_options.
For internet use, configuring auto_config
will result in Envoy attempting to use HTTP/3 for endpoints which have explicitly advertised HTTP/3 support
When using auto_config with http3_protocol_options, Envoy will attempt to create a QUIC connection, then if the QUIC handshake is not complete after a short delay, will kick off a TCP connection, and will use whichever is established first.