feat: Option to turn off SNI slicing

[larseggert]

Wireshark can't reassemble sliced CRYPTO frames, which causes QNS tests to fail bcause it then can't parse all packets.

This PR adds an option to disable SNI slicing, and we do so by default when running in QNS.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 95.29%. Comparing base (d62557f) to head (2fcb37a).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2387   +/-   ##
=======================================
  Coverage   95.29%   95.29%           
=======================================
  Files         114      114           
  Lines       36850    36868   +18     
  Branches    36850    36868   +18     
=======================================
+ Hits        35117    35135   +18     
  Misses       1727     1727           
  Partials        6        6           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[github-actions]

Failed Interop Tests

QUIC Interop Runner, client vs. server, differences relative to 108fb8d.

neqo-latest as client

• neqo-latest vs. go-x-net: BP BA
• neqo-latest vs. haproxy: L1 BP BA
• neqo-latest vs. kwik: BP BA
• neqo-latest vs. msquic: 🚀Z A 🚀C1
• neqo-latest vs. mvfst: A L1 C1 BP BA
• neqo-latest vs. neqo: CM
• neqo-latest vs. neqo-latest: CM
• neqo-latest vs. nginx: BP BA
• neqo-latest vs. quic-go: ⚠️L1 BP BA
• neqo-latest vs. quiche: 🚀U L1 BP BA
• neqo-latest vs. s2n-quic: BP BA CM
• neqo-latest vs. xquic: A ⚠️L1

neqo-latest as server

• aioquic vs. neqo-latest: ⚠️L1 CM
• go-x-net vs. neqo-latest: CM
• kwik vs. neqo-latest: BP BA CM
• lsquic vs. neqo-latest: run cancelled after min
• msquic vs. neqo-latest: Z U CM
• mvfst vs. neqo-latest: run cancelled after min
• neqo vs. neqo-latest: CM
• ngtcp2 vs. neqo-latest: run cancelled after min
• picoquic vs. neqo-latest: CM
• quic-go vs. neqo-latest: CM
• quiche vs. neqo-latest: CM
• quinn vs. neqo-latest: ⚠️L1 V2 CM
• s2n-quic vs. neqo-latest: CM
• xquic vs. neqo-latest: M CM

All results

Succeeded Interop Tests

QUIC Interop Runner, client vs. server

neqo-latest as client

• neqo-latest vs. aioquic: ⚠️H DC LR C20 M S R Z 3 B U A L1 L2 C1 C2 6 V2 BP BA
• neqo-latest vs. go-x-net: H DC LR M B U A L2 C2 6
• neqo-latest vs. haproxy: H DC LR C20 M S R Z 3 B U A L2 C1 C2 6 V2
• neqo-latest vs. kwik: H DC LR C20 M S R Z 3 B U A L1 L2 C1 C2 6 V2
• neqo-latest vs. lsquic: H DC LR C20 M S R Z 3 B U E A L1 L2 C1 C2 6 V2 BP BA
• neqo-latest vs. msquic: H DC LR C20 M S R ⚠️Z B U L1 L2 ⚠️C1 C2 6 V2 BP BA
• neqo-latest vs. mvfst: H DC LR M R Z 3 B U L2 C2 6
• neqo-latest vs. neqo: H DC LR C20 M S R Z 3 B U E A L1 L2 C1 C2 6 V2 BP BA
• neqo-latest vs. neqo-latest: H DC LR C20 M S R Z 3 B U E A L1 L2 C1 C2 6 V2 BP BA
• neqo-latest vs. nginx: H DC LR C20 M S R Z 3 B U A L1 L2 C1 C2 6
• neqo-latest vs. ngtcp2: H DC LR C20 M S R Z 3 B U E A L1 L2 C1 C2 6 V2 ⚠️BP BA
• neqo-latest vs. picoquic: H DC LR C20 M S R Z 3 B U E A L1 L2 C1 C2 6 V2 BP BA
• neqo-latest vs. quic-go: H DC LR C20 M S R Z 3 B U A 🚀L1 L2 C1 C2 6
• neqo-latest vs. quiche: H DC LR C20 M S R Z 3 B ⚠️U A ⚠️L1 L2 C1 C2 6
• neqo-latest vs. quinn: H DC LR C20 M S R Z 3 B U E A L1 L2 C1 C2 6 BP BA
• neqo-latest vs. s2n-quic: H DC LR C20 M S R 3 B U E A L1 L2 C1 C2 6
• neqo-latest vs. xquic: H DC LR C20 M R Z 3 B U 🚀L1 L2 C1 C2 6 BP BA

neqo-latest as server

• aioquic vs. neqo-latest: H DC LR C20 M S R Z 3 B A 🚀L1 L2 C1 C2 6 V2 BP BA
• chrome vs. neqo-latest: 3
• go-x-net vs. neqo-latest: H DC LR M B U A L2 C2 6 BP BA
• kwik vs. neqo-latest: H DC LR C20 M S R Z 3 B U A L1 L2 C1 C2 6 V2
• msquic vs. neqo-latest: H DC LR C20 M S R B A L1 L2 C1 C2 6 V2 BP BA
• neqo vs. neqo-latest: H DC LR C20 M S R Z 3 B U E A L1 L2 C1 C2 6 V2 BP BA
• picoquic vs. neqo-latest: H DC LR C20 M S R Z 3 B U E A L1 L2 C1 C2 6 V2 BP BA
• quic-go vs. neqo-latest: H DC LR C20 M S R Z 3 B U A L1 L2 C1 C2 6 BP BA
• quiche vs. neqo-latest: H DC LR M S R Z 3 B A L1 L2 C1 C2 6 BP BA
• quinn vs. neqo-latest: H DC LR C20 M S R Z 3 B U E A 🚀L1 L2 C1 C2 6 BP BA
• s2n-quic vs. neqo-latest: H DC LR M S R 3 B E A L1 L2 C1 C2 6 BP BA
• xquic vs. neqo-latest: H DC LR C20 S R Z 3 B U A L1 L2 C1 C2 6 BP BA

Unsupported Interop Tests

QUIC Interop Runner, client vs. server

neqo-latest as client

• neqo-latest vs. aioquic: ⚠️E CM
• neqo-latest vs. go-x-net: C20 S R Z 3 E L1 C1 V2 CM
• neqo-latest vs. haproxy: E CM
• neqo-latest vs. kwik: E CM
• neqo-latest vs. lsquic: CM
• neqo-latest vs. msquic: 3 E CM
• neqo-latest vs. mvfst: C20 S E V2 CM
• neqo-latest vs. nginx: E V2 CM
• neqo-latest vs. ngtcp2: CM
• neqo-latest vs. picoquic: CM
• neqo-latest vs. quic-go: E V2 CM
• neqo-latest vs. quiche: E V2 CM
• neqo-latest vs. quinn: V2 CM
• neqo-latest vs. s2n-quic: Z V2
• neqo-latest vs. xquic: S E V2 CM

neqo-latest as server

• aioquic vs. neqo-latest: U E
• chrome vs. neqo-latest: H DC LR C20 M S R Z B U E A L1 L2 C1 C2 6 V2 BP BA CM
• go-x-net vs. neqo-latest: C20 S R Z 3 E L1 C1 V2
• kwik vs. neqo-latest: E
• msquic vs. neqo-latest: 3 E
• quic-go vs. neqo-latest: E V2
• quiche vs. neqo-latest: C20 U E V2
• s2n-quic vs. neqo-latest: C20 Z U V2
• xquic vs. neqo-latest: E V2

[mxinden]

That is a bummer. Especially since this gave us a signal whether all server implementations supported the sni-slicing feature. Do you see this being an issue? Is this temporary?

[github-actions]

Benchmark results

Performance differences relative to d62557f.

decode 4096 bytes, mask ff: No change in performance detected.

       time:   [11.858 µs 11.900 µs 11.946 µs]
       change: [-0.0408% +0.5494% +1.3108%] (p = 0.13 > 0.05)
Found 17 outliers among 100 measurements (17.00%)

1 (1.00%) low severe

3 (3.00%) low mild

1 (1.00%) high mild

12 (12.00%) high severe

decode 1048576 bytes, mask ff: No change in performance detected.

       time:   [2.8848 ms 2.8934 ms 2.9035 ms]
       change: [-0.5520% -0.0848% +0.4000%] (p = 0.74 > 0.05)
Found 9 outliers among 100 measurements (9.00%)

9 (9.00%) high severe

decode 4096 bytes, mask 7f: No change in performance detected.

       time:   [19.797 µs 19.854 µs 19.915 µs]
       change: [-0.1237% +0.2410% +0.6058%] (p = 0.21 > 0.05)
Found 19 outliers among 100 measurements (19.00%)

1 (1.00%) low mild

18 (18.00%) high severe

decode 1048576 bytes, mask 7f: No change in performance detected.

       time:   [5.0845 ms 5.0994 ms 5.1158 ms]
       change: [-0.0822% +0.2983% +0.7117%] (p = 0.14 > 0.05)
Found 21 outliers among 100 measurements (21.00%)

1 (1.00%) high mild

20 (20.00%) high severe

decode 4096 bytes, mask 3f: No change in performance detected.

       time:   [6.9166 µs 6.9549 µs 6.9980 µs]
       change: [-0.0017% +0.7725% +1.6043%] (p = 0.07 > 0.05)
Found 19 outliers among 100 measurements (19.00%)

7 (7.00%) low mild

2 (2.00%) high mild

10 (10.00%) high severe

decode 1048576 bytes, mask 3f: No change in performance detected.

       time:   [1.4125 ms 1.4167 ms 1.4222 ms]
       change: [-0.5985% -0.1034% +0.3853%] (p = 0.69 > 0.05)
Found 5 outliers among 100 measurements (5.00%)

2 (2.00%) high mild

3 (3.00%) high severe

coalesce_acked_from_zero 1+1 entries: No change in performance detected.

       time:   [98.721 ns 99.055 ns 99.428 ns]
       change: [-0.5476% +0.0165% +0.5467%] (p = 0.95 > 0.05)
Found 12 outliers among 100 measurements (12.00%)

6 (6.00%) high mild

6 (6.00%) high severe

coalesce_acked_from_zero 3+1 entries: No change in performance detected.

       time:   [116.81 ns 117.25 ns 117.75 ns]
       change: [-0.3519% +0.1820% +0.7728%] (p = 0.54 > 0.05)
Found 21 outliers among 100 measurements (21.00%)

3 (3.00%) low severe

2 (2.00%) high mild

16 (16.00%) high severe

coalesce_acked_from_zero 10+1 entries: No change in performance detected.

       time:   [116.25 ns 116.61 ns 117.06 ns]
       change: [-0.4086% +0.1397% +0.6707%] (p = 0.63 > 0.05)
Found 13 outliers among 100 measurements (13.00%)

5 (5.00%) low severe

1 (1.00%) low mild

2 (2.00%) high mild

5 (5.00%) high severe

coalesce_acked_from_zero 1000+1 entries: No change in performance detected.

       time:   [97.446 ns 97.596 ns 97.764 ns]
       change: [-6.0501% -1.9018% +0.6904%] (p = 0.44 > 0.05)
Found 8 outliers among 100 measurements (8.00%)

2 (2.00%) high mild

6 (6.00%) high severe

RxStreamOrderer::inbound_frame(): Change within noise threshold.

       time:   [111.48 ms 111.52 ms 111.57 ms]
       change: [-0.1906% -0.1231% -0.0565%] (p = 0.00 < 0.05)
Found 13 outliers among 100 measurements (13.00%)

3 (3.00%) low severe

3 (3.00%) low mild

7 (7.00%) high mild

SentPackets::take_ranges: No change in performance detected.

       time:   [5.4597 µs 5.6370 µs 5.8268 µs]
       change: [-2.4041% +0.3028% +3.0465%] (p = 0.82 > 0.05)
Found 9 outliers among 100 measurements (9.00%)

6 (6.00%) high mild

3 (3.00%) high severe

transfer/pacing-false/varying-seeds: Change within noise threshold.

       time:   [40.978 ms 41.058 ms 41.138 ms]
       change: [-2.9466% -2.6762% -2.4098%] (p = 0.00 < 0.05)

transfer/pacing-true/varying-seeds: Change within noise threshold.

       time:   [41.157 ms 41.230 ms 41.304 ms]
       change: [-2.9183% -2.6784% -2.4073%] (p = 0.00 < 0.05)
Found 2 outliers among 100 measurements (2.00%)

1 (1.00%) low mild

1 (1.00%) high mild

transfer/pacing-false/same-seed: Change within noise threshold.

       time:   [40.732 ms 40.795 ms 40.860 ms]
       change: [-2.3883% -2.1893% -1.9696%] (p = 0.00 < 0.05)
Found 3 outliers among 100 measurements (3.00%)

3 (3.00%) high mild

transfer/pacing-true/same-seed: Change within noise threshold.

       time:   [41.327 ms 41.381 ms 41.435 ms]
       change: [-1.5395% -1.3447% -1.1595%] (p = 0.00 < 0.05)

1-conn/1-100mb-resp/mtu-1504 (aka. Download)/client: 💚 Performance has improved.

       time:   [881.29 ms 892.25 ms 903.51 ms]
       thrpt:  [110.68 MiB/s 112.08 MiB/s 113.47 MiB/s]
change:
       time:   [-8.1148% -6.5662% -5.0395%] (p = 0.00 < 0.05)
       thrpt:  [+5.3070% +7.0276% +8.8314%]

1-conn/10_000-parallel-1b-resp/mtu-1504 (aka. RPS)/client: No change in performance detected.

       time:   [317.71 ms 319.74 ms 321.77 ms]
       thrpt:  [31.078 Kelem/s 31.276 Kelem/s 31.476 Kelem/s]
change:
       time:   [-0.7001% +0.2225% +1.1917%] (p = 0.64 > 0.05)
       thrpt:  [-1.1777% -0.2220% +0.7050%]
Found 2 outliers among 100 measurements (2.00%)

1 (1.00%) low mild

1 (1.00%) high mild

1-conn/1-1b-resp/mtu-1504 (aka. HPS)/client: No change in performance detected.

       time:   [34.303 ms 34.480 ms 34.671 ms]
       thrpt:  [28.843  elem/s 29.003  elem/s 29.152  elem/s]
change:
       time:   [-1.3756% -0.5077% +0.3429%] (p = 0.25 > 0.05)
       thrpt:  [-0.3417% +0.5103% +1.3948%]
Found 10 outliers among 100 measurements (10.00%)

3 (3.00%) low mild

2 (2.00%) high mild

5 (5.00%) high severe

1-conn/1-100mb-resp/mtu-1504 (aka. Upload)/client: Change within noise threshold.

       time:   [1.7319 s 1.7475 s 1.7630 s]
       thrpt:  [56.723 MiB/s 57.226 MiB/s 57.741 MiB/s]
change:
       time:   [+0.5537% +1.9774% +3.2893%] (p = 0.00 < 0.05)
       thrpt:  [-3.1845% -1.9390% -0.5506%]

Client/server transfer results

Transfer of 33554432 bytes over loopback.

Client	Server	CC	Pacing	MTU	Mean [ms]	Min [ms]	Max [ms]
gquiche	gquiche			1504	568.2 ± 87.1	516.6	796.3
neqo	gquiche	reno	on	1504	768.3 ± 27.7	753.1	846.2
neqo	gquiche	reno		1504	759.4 ± 54.0	719.2	908.3
neqo	gquiche	cubic	on	1504	774.5 ± 51.1	738.0	912.1
neqo	gquiche	cubic		1504	790.9 ± 70.3	736.2	983.6
msquic	msquic			1504	194.1 ± 99.1	94.4	365.3
neqo	msquic	reno	on	1504	214.9 ± 10.9	198.5	232.9
neqo	msquic	reno		1504	221.0 ± 11.4	202.8	243.4
neqo	msquic	cubic	on	1504	293.2 ± 136.9	201.8	649.8
neqo	msquic	cubic		1504	214.9 ± 7.0	204.8	224.0
gquiche	neqo	reno	on	1504	672.4 ± 95.8	541.8	856.8
gquiche	neqo	reno		1504	677.8 ± 90.6	536.5	802.3
gquiche	neqo	cubic	on	1504	692.1 ± 136.1	550.3	1024.4
gquiche	neqo	cubic		1504	682.7 ± 82.6	565.3	817.6
msquic	neqo	reno	on	1504	476.8 ± 11.4	463.0	502.0
msquic	neqo	reno		1504	479.5 ± 63.9	449.0	660.1
msquic	neqo	cubic	on	1504	504.4 ± 8.9	490.9	515.9
msquic	neqo	cubic		1504	479.8 ± 26.9	459.0	552.2
neqo	neqo	reno	on	1504	495.7 ± 45.8	449.0	611.8
neqo	neqo	reno		1504	457.4 ± 24.2	432.8	516.6
neqo	neqo	cubic	on	1504	457.4 ± 8.0	443.5	466.5
neqo	neqo	cubic		1504	511.2 ± 65.1	469.0	654.9

⬇️ Download logs

[larseggert]

I'd be very surprised if major servers wouldn't support it.

We can file an issue with wireshark, but it's also kind of a feature when our connections can't be parsed :-)

[mxinden]

but it's also kind of a feature when our connections can't be parsed :-)

Haha, true.