DavidSchinazi
commented
3 years ago On subsequent CONNECT-UDPs to establish additional forwarding rules, the client/proxy together need to ensure that the same destination IP address is used.
Why is that? Let's assume you have a client that wants to open multiple QUIC connections to a given host and UDP port. Even when CONNECT-UDP isn't in use, there is no guarantee that those two connections will use the same IP. Why would CONNECT-UDP need this requirement?
MikeBishop
tfpauly
When the client makes an initial CONNECT-UDP request to speak to an origin, if it specifies a DNS hostname, the proxy will do a DNS lookup. Because of DNS load balancing, we know that the results might be a subset of all possible addresses for that host. If there are multiple possible IPs in the response, the proxy will pick one. All well and good.
On subsequent CONNECT-UDPs to establish additional forwarding rules, the client/proxy together need to ensure that the same destination IP address is used. Seems like there are two possible directions for that:
The first seems more flexible but requires machinery that doesn't currently exist in this draft. It also has the advantage that the client could change proxies simply by asking a different proxy to contact that IP address.
Regardless, there should be discussion in this draft about this potential issue.