/plushcap/analysis/cloudflare/unlocking-quic-proxying-potential

Unlocking QUIC’s proxying potential with MASQUE

What's this blog post about?

The article discusses how HTTP/3 can be used for proxying TCP-based applications, including DNS-over-HTTPS and generic HTTPS traffic. It explains that QUIC is designed to run on top of UDP and provides its own layer of security, packet loss detection, data recovery, and congestion control. The article also introduces MASQUE, a working group formed in June 2020, which has been designing solutions for proxying non-TCP applications like HTTP/3. It outlines the process of encapsulating datagrams using QUIC's unreliable datagram extension and how an application can initialize an end-to-end tunnel to inform a proxy server where to send UDP datagrams. The article also discusses the challenges related to path MTU, nested tunneling for improved privacy proxying, and IP tunneling. It concludes by stating that MASQUE is helping design an HTTP-based solution for UDP and IP that complements the existing CONNECT method for TCP tunneling, allowing proxy protocols to be used more widely.

Company
Cloudflare

Date published
March 20, 2022

Author(s)
Lucas Pardue, Christopher Wood

Word count
2250

Hacker News points
4

Language
English


By Matt Makai. 2021-2024.