Packets forwarded by sending directly to the proxy's IP address and port MUST wait for a successful response to the CONNECT-QUIC request. This ensures that the proxy knows how to forward a given packet.
Clients sending QUIC Long Header packets MUST tunnel them within DATAGRAM frames to avoid exposing unnecessary connection metadata. QUIC Short Header packets, on the other hand, can send directly to the proxy (without any tunnelling or encapsulation) once the proxy has sent a successful response for the Server Connection ID.
This all makes sense but it's a little light on information about what the proxy should do with packets that are sent to it before the CONNECT-QUIC response. There's two scenarios I picture:
1) completely unknown short packets. Probably just drop them on the floor?
2) short packets for known IDs (request received) but before the server has sent the response. Probably just drop them on the floor?
The Spec says
This all makes sense but it's a little light on information about what the proxy should do with packets that are sent to it before the CONNECT-QUIC response. There's two scenarios I picture:
1) completely unknown short packets. Probably just drop them on the floor? 2) short packets for known IDs (request received) but before the server has sent the response. Probably just drop them on the floor?