Reply to URLSession QUIC configuration
We need to configure the interval due to connection errors for iOS clients behind a firewall when connecting to Cloudflare. After a lengthy investigation, we discovered the following combination results in hangs/stalls for iOS apps and even Safari:

- the iOS default QUIC client max_idle_timeout of 0
- middlebox NAT routers/firewalls that perform NAT rebinding
- Cloudflare’s lack of response to NAT rebinding

In more detail, this is because:

- iOS (and Safari OSX) uses a default max_idle_timeout of 0 and doesn’t send keepalives, therefore QUIC connections will use the server-supplied idle timeout value
- some middlebox devices perform NAT rebinding where the source port or IP may change, along with a short UDP session timeout
- Cloudflare sets a max_idle_timeout of 180sec and completely ignores connection migrations
- iOS users will have hangs of at least 6sec if they perform a request between 30 and 180sec from a previous request
- this seems to affect the iOS stack altogether; we were able to reproduce the stalls with Safari and our other apps as well

The QUIC RFC 9000 recommends a keep-alive of 30sec and specifically calls out middleboxes with 30sec UDP timeouts.

We have confirmed using a small Go app that specifying a 30s max_idle_timeout resolves the issue. We hope to configure URLSession to also have a 30s timeout, but it doesn’t seem to be possible, and we would need to re-implement the connection management stack using Network.framework to do so.

We've opened FB16097749 and can provide more detail if needed.
2w
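The timeout interaction described in the reply above can be modelled in a few lines. This is an added example, not code from the post or from the Go app it mentions: the function names are hypothetical, the 30s NAT timeout and 180s server value are the figures the reply reports, and the model assumes (as the reply states) that the server never follows the rebound path. The negotiation rule is the one in RFC 9000 section 10.1: the effective idle timeout is the minimum of the two advertised values, and a value of 0 means that endpoint sets no limit.

```go
package main

import (
	"fmt"
	"time"
)

// Outcome of sending a request after the connection sat idle for some gap.
type Outcome string

const (
	Reused    Outcome = "reused"    // NAT binding still valid, connection alive
	Stalled   Outcome = "stalled"   // client still trusts the connection, NAT binding is gone
	Reconnect Outcome = "reconnect" // idle timeout fired, client opens a fresh connection
)

// EffectiveIdleTimeout applies RFC 9000 section 10.1: take the minimum of the
// two advertised max_idle_timeout values; 0 means "no limit" for that side.
func EffectiveIdleTimeout(client, server time.Duration) time.Duration {
	switch {
	case client == 0:
		return server
	case server == 0:
		return client
	case client < server:
		return client
	default:
		return server
	}
}

// Classify models one request sent after `gap` of silence through a middlebox
// that drops its UDP binding after natTimeout (assumed model, see lead-in).
func Classify(gap, client, server, natTimeout time.Duration) Outcome {
	idle := EffectiveIdleTimeout(client, server)
	if idle != 0 && gap >= idle {
		return Reconnect // both ends discarded the connection; new handshake
	}
	if gap > natTimeout {
		return Stalled // packets leave from a rebound port the server ignores
	}
	return Reused
}

func main() {
	const server, nat = 180 * time.Second, 30 * time.Second // figures from the reply
	for _, client := range []time.Duration{0, 30 * time.Second} {
		for _, gap := range []time.Duration{10 * time.Second, 45 * time.Second, 200 * time.Second} {
			fmt.Printf("client=%v gap=%v -> %s\n", client, gap, Classify(gap, client, server, nat))
		}
	}
}
```

With the client advertising 0, every gap between the NAT timeout and 180s lands in the stalled case; advertising 30s turns those same gaps into a clean reconnect.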