mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-07 15:47:01 +02:00
Code Issues Projects Releases Wiki Activity

DOC: config: mention uid dependency on the tune.quic.socket-owner option

Browse Source 
This option defaults to "connection" but is also dependent on the user
being allowed to bind the specified port. Since QUIC can easily run on
non-privileged ports, usually this is not a problem, but if bound to port
443 it will usually fail. Let's mention this.
This commit is contained in:
Willy Tarreau 2023-08-29 10:22:46 +02:00
parent e64bccab20
commit 4d5f7d94b9
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
doc/configuration.txt
View File

@ -3422,7 +3422,9 @@ tune.quic.socket-owner { listener | connection }
and cases of transient errors during sendto() operation are handled and cases of transient errors during sendto() operation are handled
efficiently. However, this relies on some advanced features from the UDP efficiently. However, this relies on some advanced features from the UDP
network stack. If your platform is deemed not compatible, haproxy will network stack. If your platform is deemed not compatible, haproxy will
automatically switch to "listener" mode on startup. automatically switch to "listener" mode on startup. Please note that QUIC
listeners running on privileged ports may require to run as uid 0, or some
OS-specific tuning to permit the target uid to bind such ports.
The "listener" value indicates that QUIC transfers will occur on the shared The "listener" value indicates that QUIC transfers will occur on the shared
listener socket. This option can be a good compromise for small traffic as it listener socket. This option can be a good compromise for small traffic as it