QUIC for the Kernel
9 months ago
- #QUIC
- #Kernel
- #Networking
- QUIC was created to address latency and performance issues with TCP, such as the three-way handshake and head-of-line blocking.
- TCP's metadata is transmitted in the clear, which leads to information leaks and to protocol ossification that makes TCP hard to improve.
- QUIC eliminates the three-way handshake, supports multiple streams, and encrypts transport data to prevent middlebox interference.
- QUIC is specified in RFC 9000 and RFC 9369 and is widely supported in user space; kernel implementations are now being considered for better performance.
- The kernel patch introduces IPPROTO_QUIC, integrates TLS for encryption, and uses libquic and tlshd for setup, caching TLS negotiation results for faster subsequent connections.
- Current benchmarks show in-kernel QUIC underperforming compared to in-kernel TLS and TCP, but future hardware support and optimizations are expected to improve performance.
- Interest in kernel-based QUIC is growing, with support being added to Samba, curl, and potential future applications.
- The QUIC implementation in the kernel is in early stages, with significant code review expected, and mainline inclusion likely not before 2026.
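
The points above about cleartext metadata, ossification and the two RFCs can be seen on the wire. The following added example (not code from the kernel patch set or the original page) parses what an on-path observer can read from a QUIC long-header packet and shows that the packet-type bits mean different things in RFC 9000 (version 1) and RFC 9369 (version 2). The function names and the sample connection ID are constructed for illustration.

```python
import struct

QUIC_V1 = 0x00000001  # RFC 9000
QUIC_V2 = 0x6B3343CF  # RFC 9369

# Long-header packet type codes (bits 0x30 of the first byte), indexed 0..3.
# RFC 9369 deliberately renumbers them so observers cannot hardcode v1 values.
LONG_TYPES = {
    QUIC_V1: ("Initial", "0-RTT", "Handshake", "Retry"),
    QUIC_V2: ("Retry", "Initial", "0-RTT", "Handshake"),
}


def parse_long_header(datagram: bytes) -> dict:
    """Return the version-independent fields of a long-header packet."""
    if len(datagram) < 7:
        raise ValueError("too short for a long header")
    first = datagram[0]
    if not first & 0x80:
        raise ValueError("short header: no version or source CID on the wire")
    (version,) = struct.unpack_from("!I", datagram, 1)
    pos, cids = 5, []
    for _ in range(2):  # destination connection ID, then source connection ID
        if pos >= len(datagram):
            raise ValueError("truncated connection ID length")
        length = datagram[pos]
        pos += 1
        if pos + length > len(datagram):
            raise ValueError("truncated connection ID")
        cids.append(datagram[pos:pos + length])
        pos += length
    if version == 0:
        kind = "Version Negotiation"
    elif version in LONG_TYPES:
        kind = LONG_TYPES[version][(first >> 4) & 0x3]
    else:
        kind = "unknown version"
    # Bytes after the connection IDs have a version-specific layout.
    return {"version": version, "type": kind, "dcid": cids[0],
            "scid": cids[1], "rest_len": len(datagram) - pos}


def sample(first_byte: int, version: int) -> bytes:
    """Constructed packet: 8-byte DCID, empty SCID, 16 placeholder bytes."""
    dcid = bytes.fromhex("8394c8f03e515708")  # constructed sample value
    return (bytes([first_byte]) + struct.pack("!I", version)
            + bytes([len(dcid)]) + dcid + b"\x00" + bytes(16))
```

A monitor that assumes version 1 type codes would label a version 2 Initial packet (first byte `0xD0`) as 0-RTT, which is why detection tooling has to read the version field before interpreting anything else.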