Citrix ADC

HTTP/3 service discovery

HTTP protocol relies on using HTTP Alternative Services for origin server to advertise the availability of an equivalent service. HTTP/3 service discovery also uses the same principle. An alternative HTTP/3 endpoint can be advertised using any one of the following methods:

  • HTTP Alt-Svc response header
  • HTTP/2 Alt-Svc Frame in the response
  • Application Layer Protocol Negotiation (ALPN)

The alternative service advertises the usage of an HTTP Alt-Svc response header and the HTTP/2 Alt-Svc frame as HTTP/3 endpoint. Servers may serve HTTP/3 on any UDP port. An alternative service advertisement includes an explicit port, and URLs contain either an explicit port or a default port associated with the scheme.

Clients receiving alternate service headers or frames are not bound to use them. The client, if made aware of an alternate service and if it supports the alternate service mechanism should use the appropriate alternate service advertised. In other words, a HTTP/1.1 service or a HTTP/2 service may advertise an equivalent endpoint that supports HTTP/3 protocol. The client on receiving this alternate service information can choose to establish a QUIC connection with the specified alternate service and once available, this connection can be used for any subsequent requests. If the establishment of the connection with the selected alternate service fails, the client can fall back to the original endpoint. When the client starts using the alternate service advertised, will indicate this by including a Alt-Used header.

Citrix ADC supports advertising equivalent HTTP/3 endpoints on HTTP and SSL type virtual servers.

Configure HTTP/3 service discovery

Complete the following steps to configure HTTP/3 service discovery:

  1. Configure HTTP/3 alternative service endpoint by using an HTTP Alt-Svc Header
  2. Configure HTTP/3 alternative service endpoint by using an HTTP/2 Alt-Svc frame Configure HTTP/3 alternative service endpoint by using an HTTP Alt-Svc Header To advertise an HTTP/3 endpoint by using a HTTP Alt-Svc Header, type the following command:

Note: The main purpose of advertising alternative service is to let user know that HTTP/3 capability can be accessed on HTTP/1.1 or HTTP/2 service on a.b.c.d:443 also.

add ns httpProfile <name> -custom -altsvc [ ENABLED | DISABLED ]
<!--NeedCopy-->

Example:

add ns httpProfile http-profile -altsvc ENABLED -altSvcValue  "h3-29=\":443\"; ma=3600; persist=1"
<!--NeedCopy-->

or

set ns httpProfile http-custom -altsvc ENABLED -altSvcValue  "h3-29=\":443\"; ma=3600; persist=1"
<!--NeedCopy-->

Configure HTTP/3 alternative service endpoint by using an HTTP/2 Alt-Svc frame

To advertise an HTTP/3 endpoint by using a HTTP/2 Alt-svc frame, type the following command:

add ns httpProfile <name> -custom -altsvc [ ENABLED | DISABLED ] -http2AltSvcFrame [ ENABLED | DISABLED ]
<!--NeedCopy-->

Example:

add ns httpProfile http-custom -http2 ENABLED -http2Direct ENABLED -http2AltSvcFrame ENABLED -altsvc ENABLED -altSvcValue "h3-29=\":443\"; ma=3600; persist=1"

or

set ns httpProfile http-custom -http2 ENABLED -http2Direct ENABLED -http2AltSvcFrame ENABLED -altsvc ENABLED -altSvcValue "h3-29=\":443\"; ma=3600; persist=1"

Configure HTTP/3 alternative service with HTTP Alt-Svc header value by using GUI

  1. Navigate to System > Profiles > HTTP Profiles.
  2. Click Add.
  3. In Create HTTP Profile page, go to HTTP/3 section and select Alternative Service checkbox.
  4. The system displays the Alternative Service Value text box in the http2 section.
  5. Enter the alternative service value as “h3-29=":443"; ma=3600; persist=1”
  6. Click OK and Close.

Configure HTTP/3 alternative service with HTTP Alt-Svc header

HTTP/3 service discovery