QUIC UDP Protocol on Cloudflare

I am a Cloudflare customer and a network protocol analyst.

I am investigating the QUIC protocol and noticed that Cloudflare is involved in it’s implementation.

Might your implementation be done on the SSL to Edge and CDN side of your service or are you wishing to pull data from our web sites using QUIC.

Hard to see the benefit on origin pulls as we have 99% cache, means you seldom have to pull our content.

I can see how it might benefit your CDN side with it’s volume.

At this point, as an expert security and packet analyst I view QUIC as a server side optimization and from an end user perspective I see it as the biggest virus ever propagated by Google.

Every single firewall at every home and SMB must be optimized for incoming UDP QUIC inspection or it allows DDOS wide open - even if it can’t authenticate, QUIC requests can come in unrestrained providing a DoS.

All large Enterprises will have to update firewall hardware and software at great expense and time.

And the benefit? Large server enterprise and certain end users lower latency.

The cost is security for the masses desperate for a little perceived performance improvement.

I am looking at your Cloudflare site with my Chrome browser with QUIC enabled, capturing packets… and Cloudflare.com is definitely using QUIC, but not to my servers. So my questions are related to your proposed use of QUIC.

Thank you,

Bill Alderson


This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.