tokio_quiche/settings/quic.rs
1// Copyright (C) 2025, Cloudflare, Inc.
2// All rights reserved.
3//
4// Redistribution and use in source and binary forms, with or without
5// modification, are permitted provided that the following conditions are
6// met:
7//
8// * Redistributions of source code must retain the above copyright notice,
9// this list of conditions and the following disclaimer.
10//
11// * Redistributions in binary form must reproduce the above copyright
12// notice, this list of conditions and the following disclaimer in the
13// documentation and/or other materials provided with the distribution.
14//
15// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
16// IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
17// THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
18// PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
19// CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
20// EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
21// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
22// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
23// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
24// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26
27use foundations::settings::settings;
28use serde_with::serde_as;
29use serde_with::DurationMilliSeconds;
30use std::time::Duration;
31
32/// QUIC configuration parameters.
33#[serde_as]
34#[settings]
35#[non_exhaustive]
36pub struct QuicSettings {
37 /// Configures the list of supported application protocols.
38 ///
39 /// Defaults to `[b"h3"]`.
40 #[serde(skip, default = "QuicSettings::default_alpn")]
41 pub alpn: Vec<Vec<u8>>,
42
43 /// Configures whether to enable DATAGRAM frame support. H3 connections
44 /// copy this setting from the underlying QUIC connection.
45 ///
46 /// Defaults to `true`.
47 #[serde(default = "QuicSettings::default_enable_dgram")]
48 pub enable_dgram: bool,
49
50 /// Max queue length for received DATAGRAM frames.
51 ///
52 /// Defaults to `2^16`.
53 #[serde(default = "QuicSettings::default_dgram_max_queue_len")]
54 pub dgram_recv_max_queue_len: usize,
55
56 /// Max queue length for sending DATAGRAM frames.
57 ///
58 /// Defaults to `2^16`.
59 #[serde(default = "QuicSettings::default_dgram_max_queue_len")]
60 pub dgram_send_max_queue_len: usize,
61
62 /// Sets the `initial_max_data` transport parameter.
63 ///
64 /// Defaults to 10 MB.
65 #[serde(default = "QuicSettings::default_initial_max_data")]
66 pub initial_max_data: u64,
67
68 /// Sets the `initial_max_stream_data_bidi_local` transport parameter.
69 ///
70 /// Defaults to 1 MB.
71 #[serde(default = "QuicSettings::default_initial_max_stream_data")]
72 pub initial_max_stream_data_bidi_local: u64,
73
74 /// Sets the `initial_max_stream_data_bidi_remote` transport parameter.
75 ///
76 /// Defaults to 1 MB.
77 #[serde(default = "QuicSettings::default_initial_max_stream_data")]
78 pub initial_max_stream_data_bidi_remote: u64,
79
80 /// Sets the `initial_max_stream_data_uni` transport parameter.
81 ///
82 /// Defaults to 1 MB.
83 #[serde(default = "QuicSettings::default_initial_max_stream_data")]
84 pub initial_max_stream_data_uni: u64,
85
86 /// Sets the `initial_max_streams_bidi` transport parameter.
87 ///
88 /// Defaults to `100`.
89 #[serde(default = "QuicSettings::default_initial_max_streams")]
90 pub initial_max_streams_bidi: u64,
91
92 /// Sets the `initial_max_streams_uni` transport parameter.
93 ///
94 /// Defaults to `100`.
95 #[serde(default = "QuicSettings::default_initial_max_streams")]
96 pub initial_max_streams_uni: u64,
97
98 /// Configures the max idle timeout of the connection in milliseconds. The
99 /// real idle timeout is the minimum of this and the peer's
100 /// `max_idle_timeout`.
101 ///
102 /// Defaults to 56 seconds.
103 #[serde(
104 rename = "max_idle_timeout_ms",
105 default = "QuicSettings::default_max_idle_timeout"
106 )]
107 #[serde_as(as = "Option<DurationMilliSeconds>")]
108 pub max_idle_timeout: Option<Duration>,
109
110 /// Configures whether the local endpoint supports active connection
111 /// migration.
112 ///
113 /// Defaults to `true` (meaning disabled).
114 #[serde(default = "QuicSettings::default_disable_active_migration")]
115 pub disable_active_migration: bool,
116
117 /// Sets the `active_connection_id_limit` transport parameter.
118 ///
119 /// Defaults to 2. Note that values less than 2 will be ignored.
120 #[serde(default = "QuicSettings::default_active_connection_id_limit")]
121 pub active_connection_id_limit: u64,
122
123 /// Sets the maximum incoming UDP payload size.
124 ///
125 /// Defaults to 1350 bytes.
126 #[serde(default = "QuicSettings::default_max_recv_udp_payload_size")]
127 pub max_recv_udp_payload_size: usize,
128
129 /// Sets the maximum outgoing UDP payload size.
130 ///
131 /// Defaults to 1350 bytes.
132 #[serde(default = "QuicSettings::default_max_send_udp_payload_size")]
133 pub max_send_udp_payload_size: usize,
134
135 /// Whether to validate client IPs in QUIC initials.
136 ///
137 /// If set to `true`, any received QUIC initial will immediately spawn a
138 /// connection and start crypto operations for the handshake. Otherwise,
139 /// the client is asked to execute a stateless retry first (the default).
140 pub disable_client_ip_validation: bool,
141
142 /// Path to a file in which TLS secrets will be logged in
143 /// [SSLKEYLOGFILE format](https://tlswg.org/sslkeylogfile/draft-ietf-tls-keylogfile.html).
144 pub keylog_file: Option<String>,
145
146 /// Path to a directory where QLOG files will be saved.
147 pub qlog_dir: Option<String>,
148
149 /// Congestion control algorithm to use.
150 ///
151 /// For available values, see
152 /// [`CongestionControlAlgorithm`](quiche::CongestionControlAlgorithm).
153 ///
154 /// Defaults to `cubic`.
155 #[serde(default = "QuicSettings::default_cc_algorithm")]
156 pub cc_algorithm: String,
157
158 /// The default initial congestion window size in terms of packet count.
159 ///
160 /// Defaults to 10.
161 #[serde(default = "QuicSettings::default_initial_congestion_window_packets")]
162 pub initial_congestion_window_packets: usize,
163
164 /// Configures whether to do path MTU discovery.
165 ///
166 /// Defaults to `false`.
167 pub discover_path_mtu: bool,
168
169 /// Whether to use HyStart++ (only with `cubic` and `reno` CC).
170 ///
171 /// Defaults to `true`.
172 #[serde(default = "QuicSettings::default_enable_hystart")]
173 pub enable_hystart: bool,
174
175 /// Optionally enables pacing for outgoing packets.
176 ///
177 /// Note: this also requires pacing-compatible
178 /// [`SocketCapabilities`](crate::socket::SocketCapabilities).
179 pub enable_pacing: bool,
180
181 /// Sets the max value for pacing rate.
182 ///
183 /// By default, there is no limit.
184 pub max_pacing_rate: Option<u64>,
185
186 /// Optionally enables expensive versions of the
187 /// `accepted_initial_quic_packet_count`
188 /// and `rejected_initial_quic_packet_count` metrics.
189 ///
190 /// The expensive versions add a label for the peer IP subnet (`/24` for
191 /// IPv4, `/32` for IPv6). They thus generate many more time series if
192 /// peers are arbitrary eyeballs from the global Internet.
193 pub enable_expensive_packet_count_metrics: bool,
194
195 /// Forwards [`quiche`] logs into the logging system currently used by
196 /// [`foundations`].
197 ///
198 /// Defaults to `false`.
199 ///
200 /// # Warning
201 /// This should **only be used for local debugging**. `quiche` can emit lots
202 /// (and lots, and lots) of logs (the TRACE level emits a log record for
203 /// every packet and frame) and you can very easily overwhelm your
204 /// logging pipeline.
205 pub capture_quiche_logs: bool,
206
207 /// A timeout for the QUIC handshake, in milliseconds.
208 ///
209 /// Disabled by default.
210 #[serde(rename = "handshake_timeout_ms")]
211 #[serde_as(as = "Option<DurationMilliSeconds>")]
212 pub handshake_timeout: Option<Duration>,
213
214 /// The maximum number of newly-created connections that will be queued for
215 /// the application to receive. Not applicable to client-side usage.
216 ///
217 /// Defaults to 1024 connections.
218 #[serde(default = "QuicSettings::default_listen_backlog")]
219 pub listen_backlog: usize,
220
221 /// Whether or not to verify the peer's certificate.
222 ///
223 /// Defaults to `false`, meaning no peer verification is performed. Note
224 /// that clients should usually set this value to `true` - see
225 /// [`verify_peer()`] for more.
226 ///
227 /// [`verify_peer()`]: https://docs.rs/quiche/latest/quiche/struct.Config.html#method.verify_peer
228 pub verify_peer: bool,
229
230 /// The maximum size of the receiver connection flow control window.
231 ///
232 /// Defaults to 24MB.
233 #[serde(default = "QuicSettings::default_max_connection_window")]
234 pub max_connection_window: u64,
235
236 /// The maximum size of the receiveer stream flow control window.
237 ///
238 /// Defaults to 16MB.
239 #[serde(default = "QuicSettings::default_max_stream_window")]
240 pub max_stream_window: u64,
241
242 /// Configures whether to send GREASE values.
243 ///
244 /// Defaults to true.
245 #[serde(default = "QuicSettings::default_grease")]
246 pub grease: bool,
247
248 /// Sets the anti-amplification limit factor.
249 ///
250 /// Defaults to 3.
251 #[serde(default = "QuicSettings::default_amplification_factor")]
252 pub max_amplification_factor: usize,
253
254 /// Sets the `ack_delay_exponent` transport parameter.
255 ///
256 /// Defaults to 3.
257 #[serde(default = "QuicSettings::default_ack_delay_exponent")]
258 pub ack_delay_exponent: u64,
259
260 /// Sets the `max_ack_delay` transport parameter.
261 ///
262 /// Defaults to 25.
263 #[serde(default = "QuicSettings::default_max_ack_delay")]
264 pub max_ack_delay: u64,
265
266 /// Configures the max number of queued received PATH_CHALLENGE frames.
267 ///
268 /// Defaults to 3.
269 #[serde(default = "QuicSettings::default_max_path_challenge_recv_queue_len")]
270 pub max_path_challenge_recv_queue_len: usize,
271
272 /// Sets the initial stateless reset token.
273 ///
274 /// Note that this applies only to server-side connections - on client-side
275 /// connections, this is a no-op.
276 ///
277 /// Defaults to `None`.
278 pub stateless_reset_token: Option<u128>,
279
280 /// Sets whether the QUIC connection should avoid reusing DCIDs over
281 /// different paths.
282 ///
283 /// Defaults to `false`. See [`set_disable_dcid_reuse()`] for more.
284 ///
285 /// [`set_disable_dcid_reuse()`]: https://docs.rs/quiche/latest/quiche/struct.Config.html#method.disable_dcid_reuse
286 pub disable_dcid_reuse: bool,
287
288 /// Specifies the number of bytes used to track unknown transport
289 /// parameters.
290 ///
291 /// Defaults to `None`, e.g., unknown transport parameters will not be
292 /// tracked. See [`enable_track_unknown_transport_parameters()`] for
293 /// more.
294 ///
295 /// [`enable_track_unknown_transport_parameters()`]: https://docs.rs/quiche/latest/quiche/struct.Config.html#method.enable_track_unknown_transport_parameters
296 pub track_unknown_transport_parameters: Option<usize>,
297}
298
299impl QuicSettings {
300 #[inline]
301 fn default_alpn() -> Vec<Vec<u8>> {
302 quiche::h3::APPLICATION_PROTOCOL
303 .iter()
304 .map(|v| v.to_vec())
305 .collect()
306 }
307
308 #[inline]
309 fn default_enable_dgram() -> bool {
310 true
311 }
312
313 #[inline]
314 fn default_dgram_max_queue_len() -> usize {
315 65536
316 }
317
318 #[inline]
319 fn default_initial_max_data() -> u64 {
320 10_000_000
321 }
322
323 #[inline]
324 fn default_initial_max_stream_data() -> u64 {
325 1_000_000
326 }
327
328 #[inline]
329 fn default_initial_max_streams() -> u64 {
330 100
331 }
332
333 #[inline]
334 fn default_max_idle_timeout() -> Option<Duration> {
335 Some(Duration::from_secs(56))
336 }
337
338 #[inline]
339 fn default_max_recv_udp_payload_size() -> usize {
340 1350
341 }
342
343 #[inline]
344 fn default_max_send_udp_payload_size() -> usize {
345 1350
346 }
347
348 #[inline]
349 fn default_disable_active_migration() -> bool {
350 true
351 }
352
353 #[inline]
354 fn default_cc_algorithm() -> String {
355 "cubic".to_string()
356 }
357
358 #[inline]
359 fn default_initial_congestion_window_packets() -> usize {
360 10
361 }
362
363 #[inline]
364 fn default_enable_hystart() -> bool {
365 true
366 }
367
368 #[inline]
369 fn default_listen_backlog() -> usize {
370 // Given a worst-case 1 minute handshake timeout and up to 4096 concurrent
371 // handshakes, we will dequeue at least 70 connections per second.
372 // This means this backlog size limits the queueing latency to
373 // ~15s.
374 1024
375 }
376
377 #[inline]
378 fn default_max_connection_window() -> u64 {
379 24 * 1024 * 1024
380 }
381
382 #[inline]
383 fn default_max_stream_window() -> u64 {
384 16 * 1024 * 1024
385 }
386
387 #[inline]
388 fn default_grease() -> bool {
389 true
390 }
391
392 #[inline]
393 fn default_amplification_factor() -> usize {
394 3
395 }
396
397 #[inline]
398 fn default_ack_delay_exponent() -> u64 {
399 3
400 }
401
402 #[inline]
403 fn default_max_ack_delay() -> u64 {
404 25
405 }
406
407 #[inline]
408 fn default_active_connection_id_limit() -> u64 {
409 2
410 }
411
412 #[inline]
413 fn default_max_path_challenge_recv_queue_len() -> usize {
414 3
415 }
416}
417
418#[cfg(test)]
419mod test {
420 use super::QuicSettings;
421 use std::time::Duration;
422
423 #[test]
424 fn timeouts_parse_as_milliseconds() {
425 let quic = serde_json::from_str::<QuicSettings>(
426 r#"{ "handshake_timeout_ms": 5000, "max_idle_timeout_ms": 7000 }"#,
427 )
428 .unwrap();
429
430 assert_eq!(quic.handshake_timeout.unwrap(), Duration::from_secs(5));
431 assert_eq!(quic.max_idle_timeout.unwrap(), Duration::from_secs(7));
432 }
433}