Is QUIC Traffic Killing Your Local Network? A Deep Dive

Experiencing network slowdowns that coincide with heavy Google service usage? You might be encountering an issue related to the QUIC protocol. This article explores a real-world scenario where QUIC traffic seemed to be the culprit behind local network degradation and examines potential solutions and troubleshooting steps.

What is QUIC?

QUIC (Quick UDP Internet Connections) is a network protocol developed by Google. It's designed to improve the performance and security of web applications. Unlike traditional TCP, QUIC operates over UDP, aiming to reduce latency and provide a more reliable connection. QUIC is effectively TLS over UDP. So when QUIC is being used, you would expect http:// requests to Google to be sent over QUIC instead of over TLS.

The Problem: Network Degradation

One user reported a recurring issue where their local network would become effectively unusable due to excessive QUIC traffic. This manifested as:

• High latency: Ping times to Google would spike dramatically (900+ ms).
• Network congestion: Large QUIC packets (1392 bytes) being sent in rapid succession.
• Service disruption: Difficulty accessing remote customer systems and making calls.

The user initially mitigated the problem by disabling pre-fetching in Chrome and then later removing "Data Saver (Beta)". However, the issue persisted.

Initial Troubleshooting Steps

Here are some initial steps the user took to address the problem:

• Rebooting the cable modem: This was a temporary fix, restoring normal network performance until the issue recurred.
• Blocking Google IPs: Identifying the "chattiest" Google IP address and blocking it via the hosts file on the affected PC.
• Disabling QUIC in Chrome: Chrome, by default, uses QUIC to communicate with Google. It can be disabled by going to chrome://flags, searching for "Experimental QUIC protocol," and setting it to "Disabled".

Investigating the Root Cause

The QUIC team at Google was actively involved in troubleshooting the issue. They emphasized that QUIC traffic should be similar in size and rate to TCP traffic and were keen to identify the cause of the reported network degradation.

• Net-internals trace: The user provided a net-internals log, a detailed record of Chrome's network activity, to help the QUIC team analyze the problem.
• Wireshark captures: Analyzing network traffic with Wireshark revealed spikes in QUIC traffic coinciding with the performance issues.

Potential Culprits and Contributing Factors

Several factors were considered as potential contributors to the problem:

• Router/Cable Modem Issues: Some older routers and cable modems may struggle with pre-resolution (speculative DNS requests) and pre-connection (speculative TCP connections). Some routers have a "DDOS Protection" feature that may inadvertently block legitimate traffic. The user's modem was a uBee DVW3201B Docsis 3.0.
• Chrome's Resource Fetching: It's possible that how Chrome schedules resource fetches could contribute to network congestion.
• Chromecast Activity: Excessive Chromecast activity was identified in the TCP traffic capture, potentially contributing to overall network load.

The Role of Data Saver

The "Data Saver (Beta)" feature in Chrome was also suspected. After removing "Data Saver (Beta)", with pre-fetching still disabled everywhere, the problem with QUIC traffic killing my local network is not going away.

QUIC and SSL/TLS

QUIC essentially replaces HTTP/TLS over TCP, so you would expect HTTP requests to Google to be sent over QUIC instead of over TLS.

Congestion Control

QUIC uses the TCP cubic congestion control algorithm and is expected to interact with other TCP flows accordingly.

Key Takeaways

• QUIC isn't always the problem: While the initial suspicion fell on QUIC, further investigation revealed that other factors, such as router limitations or unrelated network traffic (e.g., Chromecast), could be the primary cause.
• Troubleshooting requires detailed analysis: Using tools like Wireshark and Chrome's net-internals can provide valuable insights into network behavior.
• Correlative evidence isn't definitive: Just because a problem seems to coincide with QUIC traffic doesn't automatically mean QUIC is the culprit. Further investigation is needed.

Practical Steps to Take If You Suspect QUIC Issues

If you're experiencing network problems and suspect QUIC might be involved, consider these steps:

1. Disable QUIC in Chrome: As mentioned earlier, this can be done via chrome://flags.
2. Monitor your network traffic: Use Wireshark or similar tools to identify patterns and potential sources of congestion.
3. Check your router/modem: Ensure your firmware is up-to-date and investigate any relevant settings (e.g., DoS protection).
4. Investigate other network activity: Identify any other devices or applications that might be consuming significant bandwidth.

Conclusion

While QUIC is designed to improve network performance, it can sometimes be associated with network issues. By understanding the protocol, employing effective troubleshooting techniques, and considering other potential factors, you can effectively diagnose and resolve network problems, whether or not QUIC is the root cause. If you have concerns, gather as much detailed information as possible to share with your ISP or the QUIC development community.