PROTOCOL QUIC PLEASE & QUICkly ;-)

anav · Wed Jan 23, 2019 5:04 pm

"John Snow" - Quic is coming!!

https://en.wikipedia.org/wiki/QUIC
https://tools.ietf.org/html/draft-ietf- ... ansport-16
https://www.chromium.org/quic
https://www.zdnet.com/article/http-over ... med-http3/

It seems, that it is near impossible for admins to identify, steer, or block streaming video and probably a hockey sock full of other items, that use quic technology.
Please advise on a date of INTENTION of having quic as a protocol on the protocol list and also a deeper dive into quic such that we can identify at least, some of its juicier parameters such as Client Hello!!

QUIC runs on UDP and runs encrypted BUT before settling.....
uses 'ClientHello' that has a parameter called "SERVER NAME" (as tls).

The associated wireshark LINE contains a standard time/source/destination etc and the protocol is QUIC and
the info part is as follows: Client Hello, PKN: 1, CID: xxxxxxxxxxxxxxx

The blowup of that line (the more detailed look) contains the amplifying information.
Tag: CHLO (Client Hello)
Tag number: 26
padding: 0000
Tag/value: PAQ
Tag/value: SNI (Server Name Indication) (l=14): www.google.com
Tag/value: STK

muetzekoeln · Wed Jan 23, 2019 5:53 pm

Quic is coming!!

Really? Can someone share how much of their current traffic is QUIC, please?
I have the impression, that QUIC was feeler by google and will soon be repaced by BBR with TCP-TLS.

HzMeister · Wed Jan 23, 2019 8:12 pm

Quic is coming!!

Really? Can someone share how much of their current traffic is QUIC, please?
I have the impression, that QUIC was feeler by google and will soon be repaced by BBR with TCP-TLS.

Quic is more than just a feeler. Youtube uses quic when possible and there are plenty of other services are already using it, or are going to in the near future.
It appears to look like udp in winbox, but doesn't have the same behavior. I found this out the hard way after realizing that it doesn't work with rules like connection-rate when marking traffic...
Tcp+tls won't replace quic, just like quic won't replace older protocols - at least not anytime soon. They're all going to work alongside each other and will be slowly implemented where applicable.
Any thoughts Mikrotik? Mikrotik? (bueller..)

anav · Wed Jan 23, 2019 8:39 pm

Quic is coming!!

Really? Can someone share how much of their current traffic is QUIC, please?
I have the impression, that QUIC was feeler by google and will soon be replaced by BBR with TCP-TLS.

This link may help inform...........
https://en.wikipedia.org/wiki/HTTP/3

pcunite · Wed Jan 23, 2019 9:31 pm

Can someone share how much of their current traffic is QUIC, please?

The Chrome browser and the iOS YouTube app. How popular are they?

pcunite · Wed Jan 23, 2019 9:56 pm

QUIC appears to look like udp in winbox, but doesn't have the same behavior. I found this out the hard way after realizing that it doesn't work with rules like connection-rate when marking traffic.

There was a bug with connection-rate in the past, are you still having issues? At the moment, I mark QUIC like so:

/ip firewall mangle
add action=mark-connection chain=prerouting connection-state=new new-connection-mark=QUIC passthrough=yes port=80,443 protocol=udp comment=QUIC
add action=mark-packet chain=prerouting connection-mark=QUIC new-packet-mark=QUIC passthrough=no

HzMeister · Wed Jan 23, 2019 10:58 pm

QUIC appears to look like udp in winbox, but doesn't have the same behavior. I found this out the hard way after realizing that it doesn't work with rules like connection-rate when marking traffic.

There was a bug with connection-rate in the past, are you still having issues? At the moment, I mark QUIC like so:
Code: Select all
/ip firewall mangle
add action=mark-connection chain=prerouting connection-state=new new-connection-mark=QUIC passthrough=yes port=80,443 protocol=udp comment=QUIC
add action=mark-packet chain=prerouting connection-mark=QUIC new-packet-mark=QUIC passthrough=no

Try setting the connection-rate = 0-500. Then play a youtube video in chrome(or preferably a tablet to be sure it's using quic) and you will see that it's marking packets >500 B/s too.

muetzekoeln · Thu Jan 24, 2019 11:12 am

This link may help inform...........
https://en.wikipedia.org/wiki/HTTP/3

Also worth reading:
https://calendar.perfplanet.com/2018/qu ... g-to-fail/
https://datatracker.ietf.org/meeting/10 ... f-mptcp-00

pcunite · Thu Jan 24, 2019 4:08 pm

Also worth reading:
https://calendar.perfplanet.com/2018/qu ... g-to-fail/
https://datatracker.ietf.org/meeting/10 ... f-mptcp-00

What I want from protocols is a way to tell them how much bandwidth they can use on my network. If they play nice, I'll be nice. If QUIC gets congestion control wrong ... that's going to make me work against it.

PROTOCOL QUIC PLEASE & QUICkly ;-)

PROTOCOL QUIC PLEASE & QUICkly ;-)

Re: PROTOCOL QUIC PLEASE & QUICkly ;-)

Re: PROTOCOL QUIC PLEASE & QUICkly ;-)

Re: PROTOCOL QUIC PLEASE & QUICkly ;-)

Re: PROTOCOL QUIC PLEASE & QUICkly ;-)

Re: PROTOCOL QUIC PLEASE & QUICkly ;-)

Re: PROTOCOL QUIC PLEASE & QUICkly ;-)

Re: PROTOCOL QUIC PLEASE & QUICkly ;-)

Re: PROTOCOL QUIC PLEASE & QUICkly ;-)

Who is online