Quick UDP Internet Connection (QUIC) is a network protocol that can accelerate access from clients, especially in scenarios where network connections are weak, or connections are frequently switched between Wi-Fi and cellular networks. QUIC can achieve connection multiplexing without reconnections, accelerate access, and secure data transfer.

Background information

QUIC provides security that is equivalent to SSL, and supports connection multiplexing and zero round trip time resumption (0-RTT). In scenarios of weak connections, high network latency, and packet loss, QUIC ensures service availability. QUIC can implement different congestion control algorithms at the application layer regardless of the operating system or kernel. Compared with TCP, QUIC supports flexible adjustments based on service requirements. QUIC is a suitable alternative when TCP optimization encounters bottlenecks.

With the popularity of short videos and live streaming services, streaming media demands high bandwidth and low network latency. QUIC can minimize network latency, solve video buffering, accelerate the delivery of audio and video content, and secure data transfer. Application Load Balancer (Application Load Balancer (ALB)) supports the following versions of QUIC: Q46, Q44, Q43, Q39, Q36, and Q35.

Client requirements

  • If you use the Google Chrome browser, you can directly initiate QUIC requests to ALB .
  • If you use another client, the client must be integrated with a network library such as lsquic-client or Cronet that supports QUIC.

Prerequisites

  • A backend server group is created and backend servers are added to it. For more information, see Manage server groups.
  • At least one SSL server certificate is deployed on the ALB instance.

Create a QUIC listener

  1. Log on to the ALB console.
  2. In the top navigation bar, select the region where the ALB instance is deployed.
  3. On the Instances page, find the ALB instance, and click Create Listener in the Actions column.
  4. On the Configure Listener wizard page, set the following parameters and click Next.
    Parameter Description
    Select Listener Protocol Select a protocol for the listener.

    In this example, QUIC is selected.

    Listening Port Enter the port on which the ALB instance listens. The ALB instance uses the port to receive requests and forward the requests to backend servers.

    Valid values: 1 to 65535.

    Note The ports on which an ALB instance listens must be unique.
    Listener Name Enter a name for the listener.
    Advanced Click Modify to configure advanced settings.
    Request Timeout Specify the request timeout period. Unit: seconds. Valid values: 1 to 180.

    If no response is received from the backend server within the request timeout period, ALB returns an HTTP 504 error to the client.

    Enable Gzip Compression Specify whether to enable Gzip compression for a specified file type.

    Gzip supports the following file types: text/xml, text/plain, text/css, application/javascript, application/x-javascript, application/rss+xml, application/atom+xml, and application/xml.

    Add HTTP Header Fields You can add the following HTTP header fields:
    • SLB-ID: Add the header field to retrieve the ID of the ALB instance.
    • X-Forwarded-Proto: Add the header field to retrieve the listener protocol used by the ALB instance.
    • X-Forwarded-Port: Add the header field to retrieve the ports on which the ALB instance listens.
  5. In the Configure SSL Certificates wizard, select the server certificate and click Next.
  6. In the Select Server Group wizard, select a server group from the drop-down list, confirm the information about the backend server, and click Next.
  7. In the Configuration Review wizard, confirm the configuration and click Submit.

Step 2: Create an HTTPS listener

Note When you create an HTTPS listener, enable QUIC upgrade and associate the QUIC listener that you created with the HTTPS listener. If you use the Google Chrome browser to access ALB , the QUIC listener is preferentially used. If the QUIC listener is not available, the associated HTTPS listener takes over.
  1. On the Instances page, find the ALB instance, and click Create Listener in the Actions column.
  2. On the Configure Listener wizard page, set the following parameters and click Next.
    Parameter Description
    Listener Protocol Select a protocol for the listener.

    HTTPS is selected in this example.

    Listening Port Enter the port on which the ALB instance listens. The ALB instance listens on the port and forwards requests to backend servers. 443 is entered in this example. In most cases, port 80 is used for HTTP and port 443 is used for HTTPS.

    Valid values: 1 to 65535.

    Note The ports on which an ALB instance listens must be unique.
    Listener Name Enter a name for the listener. The name must be 2 to 256 characters in length. The name can contain only Chinese characters and the characters in the following string: /^([^\x00-\xff]|[\w.,;/@-]){2,256}$/.
    Advanced Settings Click Modify to configure advanced settings.
    Enable HTTP/2 Specify whether to enable HTTP/2.
    Idle Connection Timeout Period Specify the timeout period of idle connections. Unit: seconds. Valid values: 1 to 60.
    If no request is received within the specified timeout period, ALB closes the connection. ALB recreates the connection when a new connection request is received.
    Note This feature is unavailable for HTTP/2 requests.
    Connection Request Timeout Period Specify the request timeout period. Unit: seconds. Valid values: 1 to 180.

    If no response is received from the backend server within the request timeout period, SLB returns an HTTP 504 error to the client.

    Gzip Compression Specify whether to enable Gzip compression for specific file types.

    Gzip supports the following file types: text/xml, text/plain, text/css, application/javascript, application/x-javascript, application/rss+xml, application/atom+xml, application/xml, and application/json.

    Add HTTP Header Fields You can add the following HTTP header fields:
    • X-Forwarded-For: Add the header field to obtain the real IP address of the client.
    • SLB-ID: Add the header field to obtain the ID of the ALB instance.
    • X-Forwarded-Proto: Add the header field to obtain the listener protocol of the ALB instance.
    • X-Forwarded-Clientcert-subjectdn: Add the header field to obtain information about the owner of the client certificate.
    • X-Forwarded-Clientcert-issuerdn: Add the header field to obtain the information about the authority that issues the client certificate.
    • X-Forwarded-Clientcert-fingerprint: Add the header field to obtain the fingerprint of the client certificate.
    • X-Forwarded-Clientcert-clientverify: Add the header field to obtain the verification result of the client certificate.
    • X-Forwarded-Port: Add the header field to obtain the ports on which the ALB instance listens.
    • X-Forwarded-Client-Port: Add the header field to obtain the port over which a client communicates with the ALB instance.
    QUIC Update Select whether to enable the QUIC update feature. If you enable QUIC update, select a QUIC listener and associate the listener with the ALB instance.
  3. In the Configure SSL Certificates wizard, select the server certificate and click Next.
    Note To enable HTTPS two-way authentication or configure a TLS security policy, click Modify next to Advanced Settings.
  4. In the Select Server Group wizard, select a server group from the drop-down list, confirm the information about the backend server, and click Next.
  5. In the Configuration Review wizard, confirm the configuration and then click Submit.