diff --git a/doc/configuration.txt b/doc/configuration.txt index b02a8f7cb..af81b225b 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -1759,7 +1759,6 @@ The following keywords are supported in the "global" section : - lua-prepend-path - mworker-max-reloads - nbthread - - no-quic - node - numa-cpu-mapping - ocsp-update.disable @@ -1900,6 +1899,7 @@ The following keywords are supported in the "global" section : - tune.quic.frontend.max-tx-mem - tune.quic.frontend.stream-data-ratio - tune.quic.frontend.default-max-window-size + - tune.quic.listen - tune.quic.max-frame-loss - tune.quic.reorder-ratio - tune.quic.retry-threshold @@ -2927,11 +2927,6 @@ nbthread output of "haproxy -vv". Note that values set here or automatically detected are subject to the limit set by "thread-hard-limit" (if set). -no-quic - Disable QUIC transport protocol. All the QUIC listeners will still be created. - But they will not bind their addresses. Hence, no QUIC traffic will be - processed by haproxy. See also "quic_enabled" sample fetch. - numa-cpu-mapping When running on a NUMA-aware platform, this enables the "cpu-policy" directive to inspect the topology and figure the best set of CPUs to use and @@ -4826,6 +4821,17 @@ tune.quic.frontend.default-max-window-size See also the "quic-cc-algo" bind option. +tune.quic.listen { on | off } + Disable QUIC transport protocol on the frontend side. All the QUIC listeners + will still be created, but they won't listen for incoming datagrams. Hence, + no QUIC traffic will be processed by haproxy on the frontend side. + + The default value is "on". If an issue is suspected with QUIC traffic, this + option can be used to easily toggle QUIC listeners without messing with each + individual config lines. + + See also "quic_enabled" sample fetch. + tune.quic.max-frame-loss Sets the limit for which a single QUIC frame can be marked as lost. If exceeded, the connection is considered as failing and is closed immediately. 
@@ -22641,9 +22647,9 @@ queue([]) : integer also the "avg_queue", "be_conn", and "be_sess_rate" fetches. quic_enabled : boolean - Return true when the support for QUIC transport protocol was compiled and - if this protocol was not disabled by "no-quic" global option. See also "no-quic" - global option. + Return true when the support for QUIC transport protocol was compiled and if + QUIC listeners are not disabled by "tune.quic.listen" global option. See also + "tune.quic.listen" global option. rand([]) : integer Returns a random integer value within a range of possible values, diff --git a/include/haproxy/global-t.h b/include/haproxy/global-t.h index 710e3e421..2a56f4ef1 100644 --- a/include/haproxy/global-t.h +++ b/include/haproxy/global-t.h @@ -80,7 +80,7 @@ #define GTUNE_DISABLE_ACTIVE_CLOSE (1<<22) #define GTUNE_QUICK_EXIT (1<<23) /* (1<<24) unused */ -#define GTUNE_NO_QUIC (1<<25) +/* (1<<25) unused */ #define GTUNE_USE_FAST_FWD (1<<26) #define GTUNE_LISTENER_MQ_FAIR (1<<27) #define GTUNE_LISTENER_MQ_OPT (1<<28) diff --git a/include/haproxy/quic_tune-t.h b/include/haproxy/quic_tune-t.h index 931248bbf..d2093da7b 100644 --- a/include/haproxy/quic_tune-t.h +++ b/include/haproxy/quic_tune-t.h @@ -6,6 +6,8 @@ #error "Must define USE_OPENSSL" #endif +#define QUIC_TUNE_FE_LISTEN_OFF 0x00000001 + #define QUIC_TUNE_NO_PACING 0x00000001 #define QUIC_TUNE_NO_UDP_GSO 0x00000002 #define QUIC_TUNE_SOCK_PER_CONN 0x00000004 @@ -13,6 +15,7 @@ struct quic_tune { struct { + uint opts; /* QUIC_TUNE_FE_* options specific to FE side */ uint fb_opts; /* QUIC_TUNE_FB_* options shared by both side */ } fe; diff --git a/src/cfgparse-global.c b/src/cfgparse-global.c index 4a9bcf000..6ad44e6a8 100644 --- a/src/cfgparse-global.c +++ b/src/cfgparse-global.c 
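Review bot: In include/haproxy/quic_tune-t.h, `QUIC_TUNE_FE_LISTEN_OFF` is given the value 0x00000001, the same as `QUIC_TUNE_NO_PACING` right below it, and nothing at the define says which options word each flag belongs to. The struct comment shows the new flag is meant for `fe.opts`, so a test against any other options field would silently match an unrelated bit and leave QUIC listeners in the wrong state. A one-line comment above the define, such as `/* QUIC_TUNE_FE_* flags: only valid in quic_tune.fe.opts */`, would keep the two namespaces apart. The documented default of "on" also depends on `fe.opts` starting at zero; the definition of `quic_tune` is outside this diff, so that is worth confirming.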
@@ -45,7 +45,7 @@ static const char *common_kw_list[] = { "log-tag", "spread-checks", "max-spread-checks", "cpu-map", "strict-limits", "numa-cpu-mapping", "defaults", "listen", "frontend", "backend", - "peers", "resolvers", "cluster-secret", "no-quic", "limited-quic", + "peers", "resolvers", "cluster-secret", "limited-quic", "stats-file", NULL /* must be last */ }; @@ -80,12 +80,6 @@ int cfg_parse_global(const char *file, int linenum, char **args, int kwm) global.tune.options |= GTUNE_LIMITED_QUIC; } - else if (strcmp(args[0], "no-quic") == 0) { - if (alertif_too_many_args(0, file, linenum, args, &err_code)) - goto out; - - global.tune.options |= GTUNE_NO_QUIC; - } else if (strcmp(args[0], "busy-polling") == 0) { /* "no busy-polling" or "busy-polling" */ if (alertif_too_many_args(0, file, linenum, args, &err_code)) goto out; diff --git a/src/cfgparse-quic.c b/src/cfgparse-quic.c index e2976caf2..64b7fa2b8 100644 --- a/src/cfgparse-quic.c +++ b/src/cfgparse-quic.c @@ -412,6 +412,12 @@ static int cfg_parse_quic_tune_on_off(char **args, int section_type, struct prox } suffix = args[0] + prefix_len; + if (strcmp(suffix, "listen") == 0 ) { + if (on) + quic_tune.fe.opts &= ~QUIC_TUNE_FE_LISTEN_OFF; + else + quic_tune.fe.opts |= QUIC_TUNE_FE_LISTEN_OFF; + } if (strcmp(suffix, "zero-copy-fwd-send") == 0 ) { if (on) global.tune.no_zero_copy_fwd &= ~NO_ZERO_COPY_FWD_QUIC_SND; @@ -429,6 +435,7 @@ static int cfg_parse_quic_tune_on_off(char **args, int section_type, struct prox } static struct cfg_kw_list cfg_kws = {ILH, { + { CFG_GLOBAL, "tune.quic.listen", cfg_parse_quic_tune_on_off }, { CFG_GLOBAL, "tune.quic.socket-owner", cfg_parse_quic_tune_socket_owner }, { CFG_GLOBAL, "tune.quic.cc-hystart", cfg_parse_quic_tune_on_off }, { CFG_GLOBAL, "tune.quic.cc.cubic.min-losses", cfg_parse_quic_tune_setting }, diff --git a/src/cfgparse.c b/src/cfgparse.c index a36e88983..b7cbdbd95 100644 --- a/src/cfgparse.c +++ b/src/cfgparse.c 
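Review bot: Removing "no-quic" from `common_kw_list` here and from cfg_parse_global() in the next hunk leaves no visible migration path for configurations that used it as a QUIC kill switch. What happens to a config that still contains "no-quic" cannot be seen from these hunks; confirm that it is rejected with a fatal error and never accepted with the QUIC listeners left bound. A short-lived branch that names the replacement would make the upgrade explicit, for example `ha_alert("parsing [%s:%d] : '%s' was removed, use 'tune.quic.listen off' instead.\n", file, linenum, args[0]);` followed by `err_code |= ERR_ALERT | ERR_FATAL; goto out;`. The body of cfg_parse_global() continues outside both hunks.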
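Review bot: The new "listen" branch in cfg_parse_quic_tune_on_off() is a standalone `if`, immediately followed by a second `if` for "zero-copy-fwd-send", instead of joining the existing chain. The rest of the chain is outside the hunk: if it ends in an `else` that rejects unknown suffixes, "tune.quic.listen" would set the flag and then still be reported as an error; if it does not, the suffix is needlessly compared against every remaining keyword. Changing the following line to `else if (strcmp(suffix, "zero-copy-fwd-send") == 0) {` removes both possibilities.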
@@ -4312,7 +4312,7 @@ init_proxies_list_stage2: # ifdef USE_QUIC_OPENSSL_COMPAT /* store the last checked bind_conf in bind_conf */ - if (!(global.tune.options & GTUNE_NO_QUIC) && + if (!(global.tune.options & GTUNE_QUIC_LISTEN_OFF) && !(global.tune.options & GTUNE_LIMITED_QUIC) && listener->bind_conf != bind_conf) { bind_conf = listener->bind_conf; diff --git a/src/protocol.c b/src/protocol.c index edf1c22ad..b42346090 100644 --- a/src/protocol.c +++ b/src/protocol.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include @@ -126,9 +127,7 @@ int protocol_supports_flag(struct protocol *proto, uint flag) */ static inline int protocol_may_bind_quic(struct listener *l) { - if (global.tune.options & GTUNE_NO_QUIC) - return 0; - return 1; + return !(quic_tune.fe.opts & QUIC_TUNE_FE_LISTEN_OFF); } #endif diff --git a/src/sample.c b/src/sample.c index 78614d846..ce9dd9301 100644 --- a/src/sample.c +++ b/src/sample.c @@ -39,6 +39,7 @@ #include #include #include +#include #include #include #include @@ -5226,13 +5227,13 @@ smp_fetch_uptime(const struct arg *args, struct sample *smp, const char *kw, voi } -/* Check if QUIC support was compiled and was not disabled by "no-quic" global option */ +/* Check if QUIC support was compiled and was not disabled by "tune.quic.listen" global option */ static int smp_fetch_quic_enabled(const struct arg *args, struct sample *smp, const char *kw, void *private) { smp->data.type = SMP_T_BOOL; smp->flags = 0; #ifdef USE_QUIC - smp->data.u.sint = !(global.tune.options & GTUNE_NO_QUIC); + smp->data.u.sint = !(quic_tune.fe.opts & QUIC_TUNE_FE_LISTEN_OFF); #else smp->data.u.sint = 0; #endif
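Review bot: `GTUNE_QUIC_LISTEN_OFF`, used in the src/cfgparse.c hunk, is not defined anywhere in this diff: the global-t.h hunk removes `GTUNE_NO_QUIC` and marks bit 25 unused, and the new flag lives in `quic_tune.fe.opts` as `QUIC_TUNE_FE_LISTEN_OFF`. Because the test sits under `#ifdef USE_QUIC_OPENSSL_COMPAT`, the build breaks only with that option enabled, which is easy to miss in CI. The condition should read `if (!(quic_tune.fe.opts & QUIC_TUNE_FE_LISTEN_OFF) &&`, matching what protocol.c and sample.c do in this same commit. cfgparse.c will also need the quic_tune header in scope; its include list is not visible here. The enclosing block starts and ends outside the hunk.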