Taking a Quick Look at QUIC

It is said that Google’s HTTP-over-QUIC protocol has been renamed to HTTP/3.0!
So I took a quick look and added QUIC support to SweetyGo as well as this site.

What is QUIC

QUIC (Quick UDP Internet Connections) is a new encrypted-by-default Internet transport protocol that provides a number of improvements designed to accelerate HTTP traffic and make it more secure, with the intended goal of eventually replacing TCP and TLS on the web.

Why we need QUIC

Since the rise of the Internet in the 1990s, most Internet traffic has relied on only a few network protocols: IPv4 for routing, TCP for traffic control at the connection layer, SSL/TLS for transport security, DNS for domain name resolution, and HTTP for application data transfer.

Moreover, these protocols have evolved very slowly over the past thirty years. TCP's changes have mainly been improvements to its congestion control algorithms. SSL/TLS has basically stayed in place: the changes in its several minor versions were mainly cipher suite upgrades. TLS 1.3 is a leap forward, but up to now it has not been officially released. Although IPv4 has made great progress toward IPv6, and DNS has gained the security extension DNSSEC, DNSSEC deployment is as slow as that of IPv6.

In addition, with aging protocols and soaring performance demands, these long-standing problems have become increasingly prominent:

  1. Intermediate equipment is rigid.
  2. TCP depends on the operating system's implementation, which makes it hard to optimize.
  3. Head-of-line blocking.
  4. Large handshake latency when establishing a connection.

So there comes the QUIC.

TCP vs QUIC

Due to the fact that QUIC runs on top of UDP, it has the following advantages compared with TCP+HTTP/2.0+TLS:

  1. Reduced TCP three-way handshake and TLS handshake time.
  2. Improved congestion control.
  3. Multiplexing without head-of-line blocking.
  4. Connection migration.
  5. Forward error correction.

One of QUIC’s more radical deviations from the now venerable TCP is the stated design goal of providing a secure-by-default transport protocol. QUIC accomplishes this by providing security features, like authentication and encryption, that are typically handled by a higher-layer protocol (like TLS), in the transport protocol itself.

The initial QUIC handshake combines the typical three-way handshake that you get with TCP, with the TLS 1.3 handshake, which provides authentication of the end-points as well as negotiation of cryptographic parameters. For those familiar with the TLS protocol, QUIC replaces the TLS record layer with its own framing format, while keeping the same TLS handshake messages.

Not only does this ensure that the connection is always authenticated and encrypted, but it also makes the initial connection establishment faster as a result: the typical QUIC handshake only takes a single round-trip between client and server to complete, compared to the two round-trips required for the TCP and TLS 1.3 handshakes combined.
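Because QUIC runs over UDP and encrypts almost everything, the long header sent during the handshake is nearly all that a firewall or network monitor can read. The following is an added example, not code from the original post or from quic-go: it parses the version-independent long-header fields that were later standardized for IETF QUIC in RFC 8999 (an assumption, since Google's earlier QUIC versions use a different layout), and the type, function names and sample datagram are constructed for illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// LongHeader: fields an on-path observer can read without keys (RFC 8999).
type LongHeader struct {
	Version    uint32 // 0 marks a Version Negotiation packet
	DCID, SCID []byte // destination and source connection IDs
}

var ErrShortHeader = errors.New("high bit clear: short header or not QUIC")
var ErrTruncated = errors.New("truncated long header")

// readCID reads a 1-byte length plus that many bytes; the length is untrusted.
func readCID(b []byte) (cid, rest []byte, err error) {
	if len(b) < 1 || len(b)-1 < int(b[0]) {
		return nil, nil, ErrTruncated
	}
	n := 1 + int(b[0])
	return b[1:n], b[n:], nil
}

// ParseLongHeader parses the start of one UDP payload.
func ParseLongHeader(b []byte) (*LongHeader, error) {
	if len(b) == 0 || b[0]&0x80 == 0 {
		return nil, ErrShortHeader
	}
	if len(b) < 5 {
		return nil, ErrTruncated
	}
	dcid, rest, err := readCID(b[5:])
	if err != nil {
		return nil, err
	}
	scid, _, err := readCID(rest)
	if err != nil {
		return nil, err
	}
	return &LongHeader{Version: binary.BigEndian.Uint32(b[1:5]), DCID: dcid, SCID: scid}, nil
}

func main() {
	// Constructed sample: version 1, 8-byte DCID, empty SCID, one payload byte.
	fmt.Println(ParseLongHeader([]byte{0xc0, 0, 0, 0, 1, 8, 1, 2, 3, 4, 5, 6, 7, 8, 0, 0xff}))
}
```

The connection IDs recovered here, rather than the IP address and port pair, are what let a connection survive migration, so flow tracking keyed only on the 4-tuple will lose it.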

Let’s have a Try

Here I chose to use the quic-go library, although it is not yet HTTP-over-QUIC.

(Do not just go get it; use the author's tagged release.)

The usage is simple.

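// Serve the static files in wwwDir; the certificate chain and key paths are placeholders.
http.Handle("/", http.FileServer(http.Dir(wwwDir)))
// Log the error and exit if the QUIC listener fails, instead of discarding it.
log.Fatal(h2quic.ListenAndServeQUIC("localhost:4242", "/path/to/cert/chain.pem", "/path/to/privkey.pem", nil))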

The same goes for SweetyGo.

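package main

import (
    "github.com/AmyangXYZ/sweetygo"
)

func main() {
    app := sweetygo.New()
    // Register a plain-text handler for the root path.
    app.GET("/", func(ctx *sweetygo.Context) {
        ctx.Text(200, "Hello QUIC")
    })
    // Serve over QUIC on port 443 with the given certificate chain and private key.
    app.RunServerOverQUIC(":443", "fullchain.pem", "privkey.pem")
}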

Bingo!

Conclusion

QUIC is very complex, but as a new protocol it has shown very strong vitality and broad prospects. It is high time for those who want a secure network to pay attention to its development.

Now, who can tell me a QUIC joke?
