QUIC in IPv4 and getting there via HTTP Alt-Svc and DNS HTTPS Jan Rüth*, Constantin Sander*, Robin Marx†, Oliver Hohlfeld‡
* RWTH Aachen University † KU Leuven ‡ Brandenburg University of Technology
1 QUIC Deployment in IPv4 on 443
• zmap to /0 on UDP port 443 every week on Thursdays • QUIC Initial packet with version: 0x?a?a?a?a à Prober Target triggers version negotiation Initial ( vers: 0x1a1a1a1a) • Monitoring drafts since 2018 till today ) 0x00000001 • Continually updated scanner to latest draft VN (supp:
2 QUIC in IPv4 on 443 in 2019
Draft-14 MVFST-15 Draft-20 Draft-24,Draft-23 Draft-17 QGO-255 Draft-22 Other Draft-18 gQ44,gQ43,gQ39 Draft-23 MVFST-0,Draft-09 Other MVFST-0,Draft-17 Scanning for draft-17 800K Scanning for draft-22 4K 600K 3K 400K # IPs # IPs 2K 200K 0.0 0.0 2019 2019 2019 2019 2019 2019 2019 2019 2019 2019 2019 2019 2019 2019 Jul Jan Jan Feb May May Jun Aug Sep Oct Nov Dec Mar Apr 27. 25. 19. 03. 31. 28. 28. 25. 02. 30. 22. 17. 14. 12.
3 QUIC in IPv4 on 443 in 2020 and 2021
Draft-24,Draft-23 Draft-29,Draft-27,tQUIC-50,gQ50,gQ46,gQ43 Draft-25,Draft-24,Draft-23 Draft-29,Draft-27,tQUIC-51,tQUIC-50,gQ50,gQ46,gQ43 Draft-29,Draft-27 QUIC-01,Draft-29,Draft-28,Draft-27 Draft-27 Draft-29,Draft-28,Draft-27 Draft-27,Draft-24,Draft-23 Draft-29,tQUIC-51,gQ50,gQ46,gQ43 Draft-29,Draft-28,Draft-27 QUIC-01,Draft-29,tQUIC-51,gQ50,gQ46,gQ43 Draft-27,Draft-25,gQ50,gQ49,gQ48,gQ46,gQ43 Draft-29,tQUIC-51,tQUIC-50,gQ50,gQ46,gQ43 Draft-29,gQ50,gQ46,gQ43 gQ50,gQ46,gQ43 Draft-27,Draft-25,tQUIC-50,gQ50,gQ46,gQ43 gQ50,gQ48,gQ46,gQ43 Draft-27,Draft-25,tQUIC-50,gQ50,gQ49,gQ48,gQ46,gQ43 gQ50,gQ49,gQ48,gQ46,gQ43 Draft-29,tQUIC-51,gQ50,gQ46,gQ43 Other Draft-28,Draft-27,Draft-25,tQUIC-50,gQ50,gQ49,gQ48,gQ46,gQ43 gQ50,gQ49,gQ48,gQ46,gQ43,tQUIC-50 Draft-29,Draft-27 Other Draft-29,Draft-27,Draft-25,tQUIC-50,gQ50,gQ46,gQ43 Using 18 byte ConnIDs RFC9000 released 1.6M 2.0M 1.2M 1.5M 1.0M # IPs 800.0K # IPs 400.0K 500.0K 0.0 0.0 20202020202020202020202020202020202020202020202020202020 2021 2021 2021 2021 2021 2021 2021 2021 JanJanFebMarAprMayJun JulAugSepOctNovDecDec Jan Feb Mar Apr Apr May Jun Jul 02. 30. 27.26. 23.21. 18. 16.13. 10. 08.05. 03. 31. 07. 04. 04. 01. 29. 27. 24. 22.
4 Who is using QUIC? • Which autonomous systems are involved (2021-07-21)? # of IPs AS Number Name 683,223 13335 CLOUDFLARENET 495,598 15169 GOOGLE 330,919 20940 AKAMAI-ASN1 206,695 54113 FASTLY 24,250 209242 CLOUDFLARESPECTRUM Cloudflare, Inc. 22,546 4837 CHINA169-BACKBONE CHINA UNICOM 21,039 15133 EDGECAST 18,478 16509 AMAZON-02 17,166 4134 CHINANET-BACKBONE No.31 13,392 396982 GOOGLE-PRIVATE-CLOUD 5 Use of Alt-Svc Header • Domains from .net/.org/.com zonefiles on 30th June, 2021 • GET / using zgrab at www.DOMAIN.tld
.net .org .com #Domains 13,339,176 10,424,223 155,126,816 #HTTP Success 4,349,222 3,925,768 57,824,633 #Alt-Svc Header 363,910 319,449 5,622,051
• 8.3% to 9.7% of reachable sites use Alt-Svc
6 Use of Alt-Svc Header • What is being signaled? • At the example of .org
Count Protocol/Port Count Protocol/Port 263,842 h3-27=":443 118,300 h3-Q043=":443" 236,722 h3-29=":443" 117,081 h3-Q050=":443" 223,514 h3=":443" 110,165 quic=":443"; v="43,46" 185,231 h3-28=":443" 66,905 h3-25=":443" 118,308 h3-Q046=":443" 10,869 h3-34=":443"
7 Use of DNS HTTPS (draft-ietf-dnsop-svcb-https) • Domains from .net/.org/.com zonefiles on 30th June, 2021 • zdns for HTTPS DNS record of www.DOMAIN.tld .net .org .com #Domains 13,339,176 10,424,223 155,126,816 #HTTPS DNS Records (2.3%) 303,053 (2.6%) 268,784 (2.7%) 4,238,103 #Having ALPN 302,613 268,553 4,231,730 ALPN "h2" 99% 99% 99% ALPN "h3-29" 59% 58% 55% ALPN "h3-28" 59% 58% 55% 1 ALPN "h3" ALPN "h3-27" 59% 58% 55% #Having ipv4hint 303,037 268,770 4,238,015 #Having ipv6hint 283,342 251,441 3,950,735 8 Conclusion
• QUIC has been developed and experimented with on the Internet • We also find different implementations • Continuously rising deployment over the past years
• More parties involved than with gQUIC
• Use of via Alt-Svc header: roughly 8 – 10% of investigated domains
• Use of DNS HTTPS record: roughly 2 – 3% of investigated domains
9