Communication protocol | |
Purpose | General Purpose |
---|---|
Developer(s) | IETF, Google |
Introduced | October 12, 2012 |
Based on | IP, normally layered with UDP |
OSI layer | Transport layer |
RFC(s) | RFC 9000, RFC 8999, RFC 9001, RFC 9002 |
Internet protocol suite |
---|
Application layer |
Transport layer |
Internet layer |
Link layer |
QUIC (/kwɪk/) is a general-purpose[1] transport layer[2] network protocol initially designed by Jim Roskind at Google,[3] implemented, and deployed in 2012,[4] announced publicly in 2013 as experimentation broadened,[5][6][7] and described at an IETF meeting.[8] QUIC is used by more than half of all connections from the Chrome web browser to Google's servers.[9] Microsoft Edge (which, after version series 1.x, is a derivative of the open-source Chromium browser),[10][11] Firefox[12] and Safari support it.[13]
Although its name was initially proposed as the acronym for "Quick UDP Internet Connections",[3][8] IETF's use of the word QUIC is not an acronym; it is simply the name of the protocol.[1] QUIC improves performance of connection-oriented web applications that are currently using TCP.[2][9] It does this by establishing a number of multiplexed connections between two endpoints using User Datagram Protocol (UDP), and is designed to obsolete TCP at the transport layer for many applications, thus earning the protocol the occasional nickname "TCP/2".[14]
QUIC works hand-in-hand with HTTP/2's multiplexed connections, allowing multiple streams of data to reach all the endpoints independently, and hence independent of packet losses involving other streams. In contrast, HTTP/2 hosted on Transmission Control Protocol (TCP) can suffer head-of-line-blocking delays of all multiplexed streams if any of the TCP packets is delayed or lost.
QUIC's secondary goals include reduced connection and transport latency, and bandwidth estimation in each direction to avoid congestion. It also moves congestion control algorithms into the user space at both endpoints, rather than the kernel space, which it is claimed will allow these algorithms to improve more rapidly. Additionally, the protocol can be extended with forward error correction (FEC) to further improve performance when errors are expected, and this is seen as the next step in the protocol's evolution. It has been designed to avoid protocol ossification so that it remains evolvable, unlike TCP, which has suffered significant ossification.
In June 2015, an Internet Draft of a specification for QUIC was submitted to the IETF for standardization.[15][16] A QUIC working group was established in 2016.[17] In October 2018, the IETF's HTTP and QUIC Working Groups jointly decided to call the HTTP mapping over QUIC "HTTP/3" in advance of making it a worldwide standard.[18] In May 2021, the IETF standardized QUIC in RFC 9000, supported by RFC 8999, RFC 9001 and RFC 9002.[19] DNS-over-QUIC is another application.
Transmission Control Protocol, or TCP, aims to provide an interface for sending streams of data between two endpoints. Data is handed to the TCP system, which ensures the data makes it to the other end in exactly the same form, or the connection will indicate that an error condition exists.[20]
To do this, TCP breaks up the data into network packets and adds small amounts of data to each packet. This additional data includes a sequence number that is used to detect packets that are lost or arrive out of order, and a checksum that allows the errors within packet data to be detected. When either problem occurs, TCP uses automatic repeat request (ARQ) to tell the sender to re-send the lost or damaged packet.[20]
In most implementations, TCP will see any error on a connection as a blocking operation, stopping further transfers until the error is resolved or the connection is considered failed. If a single connection is being used to send multiple streams of data, as is the case in the HTTP/2 protocol, all of these streams are blocked although only one of them might have a problem. For instance, if a single error occurs while downloading a GIF image used for a favicon, the entire rest of the page will wait while that problem is resolved.[20] This phenomenon is known as head-of-line blocking.
As the TCP system is designed to look like a "data pipe", or stream, it deliberately contains little understanding of the data it transmits. If that data has additional requirements, like encryption using TLS, this must be set up by systems running on top of TCP, using TCP to communicate with similar software on the other end of the connection. Each of these sorts of setup tasks requires its own handshake process. This often requires several round-trips of requests and responses until the connection is established. Due to the inherent latency of long-distance communications, this can add significant overhead to the overall transmission.[20]
TCP has suffered from protocol ossification,[21] due to its wire image being in cleartext and hence visible to and malleable by middleboxes.[22] One measurement found that a third of paths across the Internet encounter at least one intermediary that modifies TCP metadata, and 6.5% of paths encounter harmful ossifying effects from intermediaries.[23] Extensions to TCP have been affected: the design of Multipath TCP (MPTCP) was constrained by middlebox behaviour,[24][25] and the deployment of TCP Fast Open has been likewise hindered.[26][21]
QUIC aims to be nearly equivalent to a TCP connection but with much-reduced latency. It does this primarily through two changes that rely on the understanding of the behaviour of HTTP traffic.[20]
The first change is to greatly reduce overhead during connection setup. As most HTTP connections will demand TLS, QUIC makes the exchange of setup keys and supported protocols part of the initial handshake process. When a client opens a connection, the response packet includes the data needed for future packets to use encryption. This eliminates the need to set up the TCP connection and then negotiate the security protocol via additional packets. Other protocols can be serviced in the same way, combining multiple steps into a single request–response pair. This data can then be used both for following requests in the initial setup, as well as future requests that would otherwise be negotiated as separate connections.[20]
The second change is to use UDP rather than TCP as its basis, which does not include loss recovery. Instead, each QUIC stream is separately flow controlled and lost data is retransmitted at the level of QUIC, not UDP. This means that if an error occurs in one stream, like the favicon example above, the protocol stack can continue servicing other streams independently. This can be very useful in improving performance on error-prone links, as in most cases considerable additional data may be received before TCP notices a packet is missing or broken, and all of this data is blocked or even flushed while the error is corrected. In QUIC, this data is free to be processed while the single multiplexed stream is repaired.[27]
QUIC also includes a number of other changes that also improve overall latency and throughput. For instance, the packets are encrypted individually, so that they do not result in the encrypted data waiting for partial packets. This is not generally possible under TCP, where the encryption records are in a bytestream and the protocol stack is unaware of higher-layer boundaries within this stream. These can be negotiated by the layers running on top, but QUIC aims to do all of this in a single handshake process.[8]
Another goal of the QUIC system was to improve performance during network-switching events, like what happens when a user of a mobile device moves from a local WiFi hotspot to a mobile network. When this occurs on TCP, a lengthy process starts where every existing connection times out one-by-one and is then re-established on demand. To solve this problem, QUIC includes a connection identifier to uniquely identify the connection to the server regardless of source. This allows the connection to be re-established simply by sending a packet, which always contains this ID, as the original connection ID will still be valid even if the user's IP address changes.[28]
Error: No valid link was found at the end of line 4.
QUIC can be implemented in the application space, as opposed to being in the operating system kernel. This generally invokes additional overhead due to context switches as data is moved between applications. However, in the case of QUIC, the protocol stack is intended to be used by a single application, with each application using QUIC having its own connections hosted on UDP. Ultimately the difference could be very small because much of the overall HTTP/2 stack is already in the applications (or their libraries, more commonly). Placing the remaining parts in those libraries, essentially the error correction, has little effect on the HTTP/2 stack's size or overall complexity.[8]
This organization allows future changes to be made more easily as it does not require changes to the kernel for updates. One of QUIC's longer-term goals is to add new systems for forward error correction (FEC) and improved congestion control.[28]
One concern about the move from TCP to UDP is that TCP is widely adopted and many of the "middleboxes" in the internet infrastructure are tuned for TCP and rate-limit or even block UDP. Google carried out a number of exploratory experiments to characterize this and found that only a small number of connections were blocked in this manner.[3] This led to the use of a rapid fallback-to-TCP system; Chromium's network stack opens both a QUIC and traditional TCP connection at the same time, which allows it to fall back with negligible latency.[29]
QUIC has been specifically designed to be deployable, evolvable and to have anti-ossification properties;[30] it is the first IETF transport protocol to deliberately minimise its wire image for these ends.[31] Beyond encrypted headers, it is 'greased'[32] and it has protocol invariants explicitly specified.[33]
The protocol that was created by Google and taken to the IETF under the name QUIC (already in 2012 around QUIC version 20) is quite different from the QUIC that has continued to evolve and be refined within the IETF. The original Google QUIC was designed to be a general purpose protocol, though it was initially deployed as a protocol to support HTTP(S) in Chromium. The current evolution of the IETF QUIC protocol is a general purpose transport protocol. Chromium developers continued to track the evolution of IETF QUIC's standardization efforts to adopt and fully comply with the most recent internet standards for QUIC in Chromium.
QUIC was developed with HTTP in mind, and HTTP/3 was its first application.[34][35] DNS-over-QUIC is an application of QUIC to name resolution, providing security for data transferred between resolvers similar to DNS-over-TLS.[36] The IETF is also developing an application of QUIC to make a secure tunnelling protocol.[35] XMPP has experimentally been adapted to use QUIC.[37] Another application is SMB over QUIC, which, according to Microsoft, can offer an "SMB VPN" without affecting the user experience.[38] SMB clients use TCP by default and will attempt QUIC if the TCP attempt fails or if intentionally requiring QUIC.
The QUIC code was experimentally developed in Google Chrome starting in 2012,[4] and was announced as part of Chromium version 29 (released on August 20, 2013).[18] It is currently enabled by default in Chromium and Chrome.[39]
Support in Firefox arrived in May 2021.[40][12]
Apple added experimental support in the WebKit engine through the Safari Technology Preview 104 in April 2020.[41] Official support was added in Safari 14, included in macOS Big Sur and iOS 14,[42] but the feature needed to be turned on manually.[43] It was later enabled by default in Safari 16.[13]
The cronet library for QUIC and other protocols is available to Android applications as a module loadable via Google Play Services.[44]
cURL 7.66, released 11 September 2019, supports HTTP/3 (and thus QUIC).[45][46]
In October 2020, Facebook announced[47] that it has successfully migrated its apps, including Instagram, and server infrastructure to QUIC, with already 75% of its Internet traffic using QUIC. All mobile apps from Google support QUIC, including YouTube and Gmail.[48][49] Uber's mobile app also uses QUIC.[49]
(As of 2017), there are several actively maintained implementations. Google servers support QUIC and Google has published a prototype server.[50] Akamai Technologies has been supporting QUIC since July 2016.[51][52] A Go implementation called quic-go[53] is also available, and powers experimental QUIC support in the Caddy server.[54] On July 11, 2017, LiteSpeed Technologies officially began supporting QUIC in their load balancer (WebADC)[55] and LiteSpeed Web Server products.[56] (As of October 2019), 88.6% of QUIC websites used LiteSpeed and 10.8% used Nginx.[57] Although at first only Google servers supported HTTP-over-QUIC connections, Facebook also launched the technology in 2018,[18] and Cloudflare has been offering QUIC support on a beta basis since 2018.[58] The HAProxy load balancer added experimental support for QUIC in March 2022[59] and declared it production-ready in March 2023.[60] (As of April 2023), 8.9% of all websites use QUIC,[61] up from 5% in March 2021. Microsoft Windows Server 2022 supports both HTTP/3[62] and SMB over QUIC[63][10] protocols via MsQuic. The Application Delivery Controller of Citrix (Citrix ADC, NetScaler) can function as a QUIC proxy since version 13.[64][65]
In addition, there are several stale community projects: libquic[66] was created by extracting the Chromium implementation of QUIC and modifying it to minimize dependency requirements, and goquic[67] provides Go bindings of libquic. Finally, quic-reverse-proxy[68] is a Docker image that acts as a reverse proxy server, translating QUIC requests into plain HTTP that can be understood by the origin server.
.NET 5 introduces experimental support for QUIC using the MsQuic library.[69]
Implementation | License | Language | Description |
---|---|---|---|
Chromium | BSD License | C++ | This is the source code of the Chrome web browser and the reference gQUIC implementation. It contains a standalone gQUIC and QUIC client and server programs that can be used for testing. Browsable source code. This version is also the basis of LINE's stellite and Google's cronet. |
MsQuic | MIT License | C | A cross platform QUIC implementation from Microsoft designed to be a general purpose QUIC library. Used in Windows and cross platform by .NET. Rust and C# interop layers available. |
QUIC Library (mvfst) | MIT License | C++ | mvfst (Pronounced move fast) is a client and server implementation of IETF QUIC protocol in C++ by Facebook. |
LiteSpeed QUIC Library (lsquic) | MIT License | C | This is the QUIC and HTTP/3 implementation used by LiteSpeed Web Server and OpenLiteSpeed. |
ngtcp2 | MIT License | C | This is a QUIC library that's crypto library agnostic and works with OpenSSL or GnuTLS. For HTTP/3, it needs a separate library like nghttp3. |
Quiche | BSD-2-Clause License | Rust | Socket-agnostic and exposes a C API for use in C/C++ applications. |
quicly | MIT License | C | This library is the QUIC implementation for the H2O web server. |
quic-go | MIT License | Go | This library provides QUIC support for Go. |
Quinn | Apache License 2.0 | Rust | |
Neqo | Apache License 2.0 | Rust | This implementation from Mozilla is planned to be integrated in Necko, a network library used in the Firefox web browser |
aioquic | BSD-3-Clause License | Python | This library features an I/O-free API suitable for embedding in both clients and servers. |
picoquic | BSD-3-Clause License | C | A minimal implementation of QUIC aligned with the IETF specifications |
pquic | MIT License | C | An extensible QUIC implementation that includes an eBPF virtual machine that is able to dynamically load extensions as plugins |
QUANT | BSD-2-Clause License | C | Quant supports traditional POSIX platforms (Linux, MacOS, FreeBSD, etc.) as well as embedded systems. |
quic | BSD-3-Clause License | Haskell | This package implements QUIC based on Haskell lightweight threads. |
netty-incubator-codec-quic | Apache License 2.0 | Java | This package implements QUIC in netty based on the Quiche implementation. |
nodejs-quic | MIT License | NodeJs | This experimental package implements QUIC for Nodejs. |
s2n-quic | Apache License 2.0 | Rust | Open-source Rust implementation from Amazon Web Services |
swift-quic | Apache License 2.0 | Swift | Swift implementation pitched for incubation at the Swift Server Workgroup. |
TQUIC | Apache License 2.0 | Rust | A high-performance, lightweight, and cross-platform QUIC library |
nginx | BSD-2-Clause License | C | Open-source QUIC server implementation |
HAProxy | GNU General Public License version 2 | C | Open-source QUIC server implementation |
kwik | GNU Lesser General Public License version 3 | Java | Client and server implementations of the QUIC protocol (RFC 9000) in 100% Java. Supports HTTP3 (RFC 9114) with "Flupke" add-on. |
Original source: https://en.wikipedia.org/wiki/QUIC.
Read more |