feat(uc/caddy): expose 443/udp port for HTTP3#204
feat(uc/caddy): expose 443/udp port for HTTP3#204psviderski merged 2 commits intopsviderski:mainfrom
Conversation
There was a problem hiding this comment.
Pull request overview
This PR adds UDP port 443 exposure to the Caddy deployment configuration to enable HTTP/3 support, which is enabled by default in Caddy and requires UDP connectivity.
- Adds a new port specification for UDP protocol on port 443 alongside the existing TCP configuration
* expose udp port 443 for caddy to support new HTTP3
f7zorn
force-pushed
the
caddy-expose-443-udp
branch
from
2a1081a to
420bf7c
Compare
|
I now tested this and this change works perfectly and allows HTTP3 requests. |
f7zorn
changed the title
Added a comment to clarify the purpose of the UDP port configuration.
tonyo
left a comment
tonyo
left a comment
There was a problem hiding this comment.
Thanks! Added a comment in the code since HTTP/3 is still a pretty new thing.
Overall LGTM, the only issues I can think of is an additional (and probably unexpected for some users) attack surface, e.g. making public-facing uncloud hosts more susceptible to UDP-Based DDoS Attacks. IMO not something we should worry too much about right now though; incidentally there's a recent discussion specifically about DDoS concerns: #207
@psviderski wdyt?
|
Yeah, this sounds good to me 👍 |
Next to TCP 443 also expose UDP 443 port so that caddy can accept HTTP3 connections. HTTP3 is enabled by default in Caddy.