diff --git a/doc/configuration.txt b/doc/configuration.txt index a88a72391..8b2cee98f 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -17918,11 +17918,17 @@ check-proto fcgi : mode=HTTP side=BE mux=FCGI flags=HTX|HOL_RISK|NO_UPG h1 : mode=HTTP side=FE|BE mux=H1 flags=HTX|NO_UPG none : mode=TCP side=FE|BE mux=PASS flags=NO_UPG + quic : mode=HTTP side=FE|BE mux=QUIC flags=HTX|NO_UPG|FRAMED Idea behind this option is to bypass the selection of the best multiplexer's protocol for health-check connections established to this server. If not defined, the server one will be used, if set. + QUIC check configuration is not fully implemented yet. First, QUIC checks may + only be performed for QUIC servers. Second, if one or more check specific + connection parameters is specified on a QUIC server, check protocol will + fallback to TCP usage. + check-sni-auto May be used in the following contexts: tcp, http, log diff --git a/src/check.c b/src/check.c index 25b892099..ba15a7283 100644 --- a/src/check.c +++ b/src/check.c @@ -1876,6 +1876,14 @@ int init_srv_check(struct server *srv) ret |= ERR_ALERT | ERR_FATAL; } } + else { + if (srv->check.mux_proto == get_mux_proto(ist("quic"))) { + ha_alert("config: %s '%s': QUIC checks on non-QUIC server '%s' is not yet supported.\n", + proxy_type_str(srv->proxy), srv->proxy->id, srv->id); + ret |= ERR_ALERT | ERR_FATAL; + goto out; + } + } /* We need at least a service port, a check port or the first tcp-check * rule must be a 'connect' one when checking an IPv4/IPv6 server. diff --git a/src/tcpcheck.c b/src/tcpcheck.c index e353ef62d..815a84099 100644 --- a/src/tcpcheck.c +++ b/src/tcpcheck.c @@ -1411,9 +1411,21 @@ enum tcpcheck_eval_ret tcpcheck_eval_connect(struct check *check, struct tcpchec *conn->dst = (is_addr(&connect->addr) ? connect->addr : (is_addr(&check->addr) ? check->addr : s->addr)); - proto = s ? - protocol_lookup(conn->dst->ss_family, s->addr_type.proto_type, s->alt_proto) : - protocol_lookup(conn->dst->ss_family, PROTO_TYPE_STREAM, 0); + + if (s && srv_is_quic(s) && tcpcheck_use_nondefault_connect(check, connect)) { + /* For QUIC servers, fallback to TCP checks if any specific + * check connection parameter is set. + */ + proto = protocol_lookup(conn->dst->ss_family, PROTO_TYPE_STREAM, 0); + /* Also reset MUX protocol if set to QUIC. */ + if (check->mux_proto == s->mux_proto) + check->mux_proto = NULL; + } + else { + proto = s ? + protocol_lookup(conn->dst->ss_family, s->addr_type.proto_type, s->alt_proto) : + protocol_lookup(conn->dst->ss_family, PROTO_TYPE_STREAM, 0); + } port = 0; if (connect->port)