QUIC listener config (proto)

config.listener.v3.QuicProtocolOptions

Configuration specific to the UDP QUIC listener.

{
  "quic_protocol_options": {...},
  "idle_timeout": {...},
  "crypto_handshake_timeout": {...},
  "enabled": {...},
  "packets_to_read_to_connection_count_ratio": {...},
  "crypto_stream_config": {...},
  "proof_source_config": {...},
  "connection_id_generator_config": {...},
  "server_preferred_address_config": {...},
  "send_disable_active_migration": {...},
  "connection_debug_visitor_config": {...},
  "save_cmsg_config": [],
  "reject_new_connections": ...
}

quic_protocol_options

(config.core.v3.QuicProtocolOptions)

idle_timeout

(Duration) Maximum number of milliseconds that a connection will stay alive when there is no network activity.

If it is less than 1ms, Envoy will use 1ms. Defaults to 300000ms if not specified.

crypto_handshake_timeout

(Duration) Connection timeout in milliseconds before the crypto handshake is finished.

If it is less than 5000ms, Envoy will use 5000ms. Defaults to 20000ms if not specified.

enabled

(config.core.v3.RuntimeFeatureFlag) Runtime flag that controls whether the listener is enabled or not. If not specified, defaults to enabled.

packets_to_read_to_connection_count_ratio

(UInt32Value) A multiplier applied to the number of connections, used to determine how many packets to read per event loop. A reasonable number should let the listener process enough payload without starving TCP and other UDP sockets, and should also prevent long event loop durations. The default value is 32. This means if there are N QUIC connections, the total number of packets to read in each read event will be 32 * N. The actual number of packets read in total by the UDP listener is also bounded by 6000, regardless of this field or how many connections there are.
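The minimums, defaults and the 6000-packet bound described for idle_timeout, crypto_handshake_timeout and packets_to_read_to_connection_count_ratio can be checked against a planned configuration before rollout. The following is an added example, not Envoy code; the function and constant names are assumptions, and Duration values are taken in protobuf JSON string form such as "60s".

```python
from decimal import Decimal

# Limits and defaults as stated in the field descriptions above.
IDLE_MIN_MS, IDLE_DEFAULT_MS = 1, 300_000
HANDSHAKE_MIN_MS, HANDSHAKE_DEFAULT_MS = 5_000, 20_000
RATIO_DEFAULT, READ_CAP = 32, 6_000


def duration_ms(value):
    """Convert a protobuf JSON Duration string such as "0.5s" to milliseconds."""
    if not (isinstance(value, str) and value.endswith("s")):
        raise ValueError(f"not a Duration string: {value!r}")
    return int(Decimal(value[:-1]) * 1000)


def effective_quic_options(opts, connections):
    """Return (effective settings, notes) for a QuicProtocolOptions mapping.

    `connections` is the number of QUIC connections on the listener.
    """
    notes = []
    eff = {}
    for field, floor, default in (
        ("idle_timeout", IDLE_MIN_MS, IDLE_DEFAULT_MS),
        ("crypto_handshake_timeout", HANDSHAKE_MIN_MS, HANDSHAKE_DEFAULT_MS),
    ):
        if field not in opts:
            eff[field + "_ms"] = default
            continue
        asked = duration_ms(opts[field])
        eff[field + "_ms"] = max(asked, floor)
        if asked < floor:
            # A value below the minimum is replaced, not rejected.
            notes.append(f"{field}: {asked}ms raised to the {floor}ms minimum")
    ratio = opts.get("packets_to_read_to_connection_count_ratio", RATIO_DEFAULT)
    wanted = ratio * connections
    eff["packets_per_read"] = min(wanted, READ_CAP)
    if wanted > READ_CAP:
        notes.append(f"read budget {wanted} bounded to {READ_CAP} packets")
    return eff, notes


# Constructed sample: a handshake timeout below the minimum.
SAMPLE = {"idle_timeout": "60s", "crypto_handshake_timeout": "1s"}
```

With `SAMPLE` and 500 connections, the notes show that the 1s handshake timeout is raised to 5000ms and that the per-read packet budget stops scaling with connection count once it reaches the bound.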

crypto_stream_config

(config.core.v3.TypedExtensionConfig) Configure which implementation of quic::QuicCryptoClientStreamBase to be used for this listener. If not specified the QUICHE default one configured by will be used.

Tip

This extension category has the following known extensions:

proof_source_config

(config.core.v3.TypedExtensionConfig) Configure which implementation of quic::ProofSource to be used for this listener. If not specified the default one configured by will be used.

Tip

This extension category has the following known extensions:

connection_id_generator_config

(config.core.v3.TypedExtensionConfig) Configure which implementation of quic::ConnectionIdGeneratorInterface to be used for this listener. If not specified the default one configured by will be used.

Tip

This extension category has the following known extensions:

server_preferred_address_config

(config.core.v3.TypedExtensionConfig) Configure the server’s preferred address to advertise so that the client can migrate to it. See example which configures a pair of v4 and v6 preferred addresses. The current QUICHE implementation will advertise only one of the preferred IPv4 and IPv6 addresses, based on the address family the client initially connects with. If not specified, Envoy will not advertise any server’s preferred address.

Warning

This API feature is currently work-in-progress. API features marked as work-in-progress are not considered stable, are not covered by the threat model, are not supported by the security team, and are subject to breaking changes. Do not use this feature without understanding each of the previous points.

Tip

This extension category has the following known extensions:

send_disable_active_migration

(BoolValue) Configure the server to send transport parameter disable_active_migration. Defaults to false (do not send this transport parameter).

connection_debug_visitor_config

(config.core.v3.TypedExtensionConfig) Configure which implementation of quic::QuicConnectionDebugVisitor to be used for this listener. If not specified, no debug visitor will be attached to connections.

Tip

This extension category has the following known extensions:

save_cmsg_config

(repeated config.core.v3.SocketCmsgHeaders) Configure a type of UDP cmsg to pass to listener filters via QuicReceivedPacket. Both level and type must be specified for cmsg to be saved. Cmsg may be truncated or omitted if expected size is not set. If not specified, no cmsg will be saved to QuicReceivedPacket.

reject_new_connections

(bool) If true, the listener will reject connection-establishing packets at the QUIC layer by replying with an empty version negotiation packet to the client.