Open phil-lipp opened 3 years ago
Is there any news on that front?
Well, quic-go implements padding as specified by RFC 9000. This RFC does not state that the packets should be padded to the same length, though.
I'm no Go expert, so I can't fully figure out the state of things. My understanding is that RFC 9000 requires padding only for Initial packets, which quic-go implements.
After reading it one more time I realized that the issue must still be open:
> Instead, implementations SHOULD use QUIC PADDING frames to align the packet length to a small set of fixed sizes, aligned with the recommendations of [RFC8467].

quic-go does not allow us to use padding for that purpose, so we'll probably need to stick to regular DNS padding instead.
While looking at DoQ traffic captured between the proxy and the AdGuard server, I noticed that the packets are not padded to the same lengths. This is curious, because when I asked the Support team I got an answer saying that padding was implemented and activated by default. Do I, contrary to the statement, have to set a flag in the dnsproxy command or is there something else wrong/padding missing?
My starting command for dnsproxy is: ./dnsproxy -l 127.0.0.1 --quic-port=8853 --tls-crt=example.crt --tls-key=example.key -u quic://dns-unfiltered.adguard.com --output=./log.txt
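
For readers following the "regular DNS padding" route mentioned in the thread, here is an added example (not code from dnsproxy or quic-go) of the RFC 8467 block-length strategy using the EDNS(0) Padding option from RFC 7830. The function names are hypothetical, the 128-octet block is the RFC 8467 recommendation for queries, and the lengths shown are those of the DNS message itself, before any QUIC framing is added.

```go
package main

import (
	"fmt"
	"strings"
)

const (
	optPadding = 12  // EDNS(0) Padding option code (RFC 7830)
	queryBlock = 128 // block size RFC 8467 recommends for queries
)

func u16(v int) []byte { return []byte{byte(v >> 8), byte(v)} }

// paddingLen returns how many zero bytes the Padding option must carry so that
// a message of unpaddedLen bytes (OPT RR and RDLENGTH included, Padding option
// excluded) ends on a multiple of block once the 4-byte option header is added.
func paddingLen(unpaddedLen, block int) int {
	return (block - (unpaddedLen+4)%block) % block
}

// buildPaddedQuery assembles a query (hypothetical helper, assumes a valid
// hostname) whose size is a multiple of block. ID is 0, as RFC 9250 requires.
func buildPaddedQuery(name string, qtype, block int) []byte {
	msg := []byte{0, 0, 0x01, 0x00, 0, 1, 0, 0, 0, 0, 0, 1} // RD set, QD=1, AR=1
	for _, label := range strings.FieldsFunc(name, func(r rune) bool { return r == '.' }) {
		msg = append(msg, byte(len(label)))
		msg = append(msg, label...)
	}
	msg = append(msg, 0) // root label terminates QNAME
	msg = append(msg, u16(qtype)...)
	msg = append(msg, u16(1)...) // class IN
	// OPT RR: root name, type 41, UDP size 4096, extended RCODE/version/flags 0.
	msg = append(msg, 0, 0, 41, 0x10, 0x00, 0, 0, 0, 0)
	pad := paddingLen(len(msg)+2, block) // +2 accounts for RDLENGTH itself
	msg = append(msg, u16(4+pad)...)     // RDLENGTH: option header + padding
	msg = append(msg, u16(optPadding)...)
	msg = append(msg, u16(pad)...)
	return append(msg, make([]byte, pad)...)
}

func main() {
	// Constructed sample names: different lengths, same padded size.
	for _, n := range []string{"example.org", "a-much-longer-hostname.internal.example.com"} {
		fmt.Printf("%-45s %d bytes\n", n, len(buildPaddedQuery(n, 1, queryBlock)))
	}
}
```

When checking a capture, compare the decrypted DNS message sizes against the block size rather than the raw QUIC packet lengths, since the latter also include QUIC headers and the AEAD tag.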