node/doc/api/quic.md

26 KiB

QUIC

Stability: 1.0 - Early development

The 'node:quic' module provides an implementation of the QUIC protocol. To access it, start Node.js with the --experimental-quic option and:

import quic from 'node:quic';
const quic = require('node:quic');

The module is only available under the node: scheme.

quic.connect(address[, options])

  • address {string|net.SocketAddress}
  • options {quic.SessionOptions}
  • Returns: {Promise} a promise for a {quic.QuicSession}

Initiate a new client-side session.

import { connect } from 'node:quic';
import { Buffer } from 'node:buffer';

const enc = new TextEncoder();
const alpn = 'foo';
const client = await connect('123.123.123.123:8888', { alpn });
await client.createUnidirectionalStream({
  body: enc.encode('hello world'),
});

By default, every call to connect(...) will create a new local QuicEndpoint instance bound to a new random local IP port. To specify the exact local address to use, or to multiplex multiple QUIC sessions over a single local port, pass the endpoint option with either a QuicEndpoint or EndpointOptions as the argument.

import { QuicEndpoint, connect } from 'node:quic';

const endpoint = new QuicEndpoint({
  address: '127.0.0.1:1234',
});

const client = await connect('123.123.123.123:8888', { endpoint });

quic.listen(onsession,[options])

  • onsession {quic.OnSessionCallback}
  • options {quic.SessionOptions}
  • Returns: {Promise} a promise for a {quic.QuicEndpoint}

Configures the endpoint to listen as a server. When a new session is initiated by a remote peer, the given onsession callback will be invoked with the created session.

import { listen } from 'node:quic';

const endpoint = await listen((session) => {
  // ... handle the session
});

// Closing the endpoint allows any sessions open when close is called
// to complete naturally while preventing new sessions from being
// initiated. Once all existing sessions have finished, the endpoint
// will be destroyed. The call returns a promise that is resolved once
// the endpoint is destroyed.
await endpoint.close();

By default, every call to listen(...) will create a new local QuicEndpoint instance bound to a new random local IP port. To specify the exact local address to use, or to multiplex multiple QUIC sessions over a single local port, pass the endpoint option with either a QuicEndpoint or EndpointOptions as the argument.

At most, any single QuicEndpoint can only be configured to listen as a server once.

Class: QuicEndpoint

A QuicEndpoint encapsulates the local UDP-port binding for QUIC. It can be used as both a client and a server.

new QuicEndpoint([options])

  • options {quic.EndpointOptions}

endpoint.address

  • {net.SocketAddress|undefined}

The local UDP socket address to which the endpoint is bound, if any.

If the endpoint is not currently bound then the value will be undefined. Read only.

endpoint.busy

  • {boolean}

When endpoint.busy is set to true, the endpoint will temporarily reject new sessions from being created. Read/write.

// Mark the endpoint busy. New sessions will be prevented.
endpoint.busy = true;

// Mark the endpoint free. New session will be allowed.
endpoint.busy = false;

The busy property is useful when the endpoint is under heavy load and needs to temporarily reject new sessions while it catches up.

endpoint.close()

  • Returns: {Promise}

Gracefully close the endpoint. The endpoint will close and destroy itself when all currently open sessions close. Once called, new sessions will be rejected.

Returns a promise that is fulfilled when the endpoint is destroyed.

endpoint.closed

  • {Promise}

A promise that is fulfilled when the endpoint is destroyed. This will be the same promise that is returned by the endpoint.close() function. Read only.

endpoint.closing

  • {boolean}

True if endpoint.close() has been called and closing the endpoint has not yet completed. Read only.

endpoint.destroy([error])

  • error {any}

Forcefully closes the endpoint by forcing all open sessions to be immediately closed.

endpoint.destroyed

  • {boolean}

True if endpoint.destroy() has been called. Read only.

endpoint.stats

  • {quic.QuicEndpoint.Stats}

The statistics collected for an active session. Read only.

endpoint[Symbol.asyncDispose]()

Calls endpoint.close() and returns a promise that fulfills when the endpoint has closed.

Class: QuicEndpoint.Stats

A view of the collected statistics for an endpoint.

endpointStats.createdAt

  • {bigint} A timestamp indicating the moment the endpoint was created. Read only.

endpointStats.destroyedAt

  • {bigint} A timestamp indicating the moment the endpoint was destroyed. Read only.

endpointStats.bytesReceived

  • {bigint} The total number of bytes received by this endpoint. Read only.

endpointStats.bytesSent

  • {bigint} The total number of bytes sent by this endpoint. Read only.

endpointStats.packetsReceived

  • {bigint} The total number of QUIC packets successfully received by this endpoint. Read only.

endpointStats.packetsSent

  • {bigint} The total number of QUIC packets successfully sent by this endpoint. Read only.

endpointStats.serverSessions

  • {bigint} The total number of peer-initiated sessions received by this endpoint. Read only.

endpointStats.clientSessions

  • {bigint} The total number of sessions initiated by this endpoint. Read only.

endpointStats.serverBusyCount

  • {bigint} The total number of times an initial packet was rejected due to the endpoint being marked busy. Read only.

endpointStats.retryCount

  • {bigint} The total number of QUIC retry attempts on this endpoint. Read only.

endpointStats.versionNegotiationCount

  • {bigint} The total number sessions rejected due to QUIC version mismatch. Read only.

endpointStats.statelessResetCount

  • {bigint} The total number of stateless resets handled by this endpoint. Read only.

endpointStats.immediateCloseCount

  • {bigint} The total number of sessions that were closed before handshake completed. Read only.

Class: QuicSession

A QuicSession represents the local side of a QUIC connection.

session.close()

  • Returns: {Promise}

Initiate a graceful close of the session. Existing streams will be allowed to complete but no new streams will be opened. Once all streams have closed, the session will be destroyed. The returned promise will be fulfilled once the session has been destroyed.

session.closed

  • {Promise}

A promise that is fulfilled once the session is destroyed.

session.destroy([error])

  • error {any}

Immediately destroy the session. All streams will be destroys and the session will be closed.

session.destroyed

  • {boolean}

True if session.destroy() has been called. Read only.

session.endpoint

  • {quic.QuicEndpoint}

The endpoint that created this session. Read only.

session.onstream

  • {quic.OnStreamCallback}

The callback to invoke when a new stream is initiated by a remote peer. Read/write.

session.ondatagram

  • {quic.OnDatagramCallback}

The callback to invoke when a new datagram is received from a remote peer. Read/write.

session.ondatagramstatus

  • {quic.OnDatagramStatusCallback}

The callback to invoke when the status of a datagram is updated. Read/write.

session.onpathvalidation

  • {quic.OnPathValidationCallback}

The callback to invoke when the path validation is updated. Read/write.

seesion.onsessionticket

  • {quic.OnSessionTicketCallback}

The callback to invoke when a new session ticket is received. Read/write.

session.onversionnegotiation

  • {quic.OnVersionNegotiationCallback}

The callback to invoke when a version negotiation is initiated. Read/write.

session.onhandshake

  • {quic.OnHandshakeCallback}

The callback to invoke when the TLS handshake is completed. Read/write.

session.createBidirectionalStream([options])

  • options {Object}
    • body {ArrayBuffer | ArrayBufferView | Blob}
    • sendOrder {number}
  • Returns: {Promise} for a {quic.QuicStream}

Open a new bidirectional stream. If the body option is not specified, the outgoing stream will be half-closed.

session.createUnidirectionalStream([options])

  • options {Object}
    • body {ArrayBuffer | ArrayBufferView | Blob}
    • sendOrder {number}
  • Returns: {Promise} for a {quic.QuicStream}

Open a new unidirectional stream. If the body option is not specified, the outgoing stream will be closed.

session.path

  • {Object|undefined}
    • local {net.SocketAddress}
    • remote {net.SocketAddress}

The local and remote socket addresses associated with the session. Read only.

session.sendDatagram(datagram)

  • datagram {string|ArrayBufferView}
  • Returns: {bigint}

Sends an unreliable datagram to the remote peer, returning the datagram ID. If the datagram payload is specified as an ArrayBufferView, then ownership of that view will be transfered to the underlying stream.

session.stats

  • {quic.QuicSession.Stats}

Return the current statistics for the session. Read only.

session.updateKey()

Initiate a key update for the session.

session[Symbol.asyncDispose]()

Calls session.close() and returns a promise that fulfills when the session has closed.

Class: QuicSession.Stats

sessionStats.createdAt

  • {bigint}

sessionStats.closingAt

  • {bigint}

sessionStats.handshakeCompletedAt

  • {bigint}

sessionStats.handshakeConfirmedAt

  • {bigint}

sessionStats.bytesReceived

  • {bigint}

sessionStats.bytesSent

  • {bigint}

sessionStats.bidiInStreamCount

  • {bigint}

sessionStats.bidiOutStreamCount

  • {bigint}

sessionStats.uniInStreamCount

  • {bigint}

sessionStats.uniOutStreamCount

  • {bigint}

sessionStats.maxBytesInFlights

  • {bigint}

sessionStats.bytesInFlight

  • {bigint}

sessionStats.blockCount

  • {bigint}

sessionStats.cwnd

  • {bigint}

sessionStats.latestRtt

  • {bigint}

sessionStats.minRtt

  • {bigint}

sessionStats.rttVar

  • {bigint}

sessionStats.smoothedRtt

  • {bigint}

sessionStats.ssthresh

  • {bigint}

sessionStats.datagramsReceived

  • {bigint}

sessionStats.datagramsSent

  • {bigint}

sessionStats.datagramsAcknowledged

  • {bigint}

sessionStats.datagramsLost

  • {bigint}

Class: QuicStream

stream.closed

  • {Promise}

A promise that is fulfilled when the stream is fully closed.

stream.destroy([error])

  • error {any}

Immediately and abruptly destroys the stream.

stream.destroyed

  • {boolean}

True if stream.destroy() has been called.

stream.direction

  • {string} One of either 'bidi' or 'uni'.

The directionality of the stream. Read only.

stream.id

  • {bigint}

The stream ID. Read only.

stream.onblocked

  • {quic.OnBlockedCallback}

The callback to invoke when the stream is blocked. Read/write.

stream.onreset

  • {quic.OnStreamErrorCallback}

The callback to invoke when the stream is reset. Read/write.

stream.readable

  • {ReadableStream}

stream.session

  • {quic.QuicSession}

The session that created this stream. Read only.

stream.stats

  • {quic.QuicStream.Stats}

The current statistics for the stream. Read only.

Class: QuicStream.Stats

streamStats.ackedAt

  • {bigint}

streamStats.bytesReceived

  • {bigint}

streamStats.bytesSent

  • {bigint}

streamStats.createdAt

  • {bigint}

streamStats.destroyedAt

  • {bigint}

streamStats.finalSize

  • {bigint}

streamStats.isConnected

  • {bigint}

streamStats.maxOffset

  • {bigint}

streamStats.maxOffsetAcknowledged

  • {bigint}

streamStats.maxOffsetReceived

  • {bigint}

streamStats.openedAt

  • {bigint}

streamStats.receivedAt

  • {bigint}

Types

Type: EndpointOptions

  • {Object}

The endpoint configuration options passed when constructing a new QuicEndpoint instance.

endpointOptions.address

  • {net.SocketAddress | string} The local UDP address and port the endpoint should bind to.

If not specified the endpoint will bind to IPv4 localhost on a random port.

endpointOptions.addressLRUSize

  • {bigint|number}

The endpoint maintains an internal cache of validated socket addresses as a performance optimization. This option sets the maximum number of addresses that are cache. This is an advanced option that users typically won't have need to specify.

endpointOptions.ipv6Only

  • {boolean}

When true, indicates that the endpoint should bind only to IPv6 addresses.

endpointOptions.maxConnectionsPerHost

  • {bigint|number}

Specifies the maximum number of concurrent sessions allowed per remote peer address.

endpointOptions.maxConnectionsTotal

  • {bigint|number}

Specifies the maximum total number of concurrent sessions.

endpointOptions.maxRetries

  • {bigint|number}

Specifies the maximum number of QUIC retry attempts allowed per remote peer address.

endpointOptions.maxStatelessResetsPerHost

  • {bigint|number}

Specifies the maximum number of stateless resets that are allowed per remote peer address.

endpointOptions.retryTokenExpiration

  • {bigint|number}

Specifies the length of time a QUIC retry token is considered valid.

endpointOptions.resetTokenSecret

  • {ArrayBufferView}

Specifies the 16-byte secret used to generate QUIC retry tokens.

endpointOptions.tokenExpiration

  • {bigint|number}

Specifies the length of time a QUIC token is considered valid.

endpointOptions.tokenSecret

  • {ArrayBufferView}

Specifies the 16-byte secret used to generate QUIC tokens.

endpointOptions.udpReceiveBufferSize

  • {number}

endpointOptions.udpSendBufferSize

  • {number}

endpointOptions.udpTTL

  • {number}

endpointOptions.validateAddress

  • {boolean}

When true, requires that the endpoint validate peer addresses using retry packets while establishing a new connection.

Type: SessionOptions

sessionOptions.alpn

  • {string}

The ALPN protocol identifier.

sessionOptions.ca

  • {ArrayBuffer|ArrayBufferView|ArrayBuffer[]|ArrayBufferView[]}

The CA certificates to use for sessions.

sessionOptions.cc

  • {string}

Specifies the congestion control algorithm that will be used . Must be set to one of either 'reno', 'cubic', or 'bbr'.

This is an advanced option that users typically won't have need to specify.

sessionOptions.certs

  • {ArrayBuffer|ArrayBufferView|ArrayBuffer[]|ArrayBufferView[]}

The TLS certificates to use for sessions.

sessionOptions.ciphers

  • {string}

The list of supported TLS 1.3 cipher algorithms.

sessionOptions.crl

  • {ArrayBuffer|ArrayBufferView|ArrayBuffer[]|ArrayBufferView[]}

The CRL to use for sessions.

sessionOptions.groups

  • {string}

The list of support TLS 1.3 cipher groups.

sessionOptions.keylog

  • {boolean}

True to enable TLS keylogging output.

sessionOptions.keys

  • {KeyObject|CryptoKey|KeyObject[]|CryptoKey[]}

The TLS crypto keys to use for sessions.

sessionOptions.maxPayloadSize

  • {bigint|number}

Specifies the maximum UDP packet payload size.

sessionOptions.maxStreamWindow

  • {bigint|number}

Specifies the maximum stream flow-control window size.

sessionOptions.maxWindow

  • {bigint|number}

Specifies the maxumum session flow-control window size.

sessionOptions.minVersion

  • {number}

The minimum QUIC version number to allow. This is an advanced option that users typically won't have need to specify.

sessionOptions.preferredAddressPolicy

  • {string} One of 'use', 'ignore', or 'default'.

When the remote peer advertises a preferred address, this option specifies whether to use it or ignore it.

sessionOptions.qlog

  • {boolean}

True if qlog output should be enabled.

sessionOptions.sessionTicket

  • {ArrayBufferView} A session ticket to use for 0RTT session resumption.

sessionOptions.handshakeTimeout

  • {bigint|number}

Specifies the maximum number of milliseconds a TLS handshake is permitted to take to complete before timing out.

sessionOptions.sni

  • {string}

The peer server name to target.

sessionOptions.tlsTrace

  • {boolean}

True to enable TLS tracing output.

sessionOptions.transportParams

  • {quic.TransportParams}

The QUIC transport parameters to use for the session.

sessionOptions.unacknowledgedPacketThreshold

  • {bigint|number}

Specifies the maximum number of unacknowledged packets a session should allow.

sessionOptions.verifyClient

  • {boolean}

True to require verification of TLS client certificate.

sessionOptions.verifyPrivateKey

  • {boolean}

True to require private key verification.

sessionOptions.version

  • {number}

The QUIC version number to use. This is an advanced option that users typically won't have need to specify.

Type: TransportParams

transportParams.preferredAddressIpv4

  • {net.SocketAddress} The preferred IPv4 address to advertise.

transportParams.preferredAddressIpv6

  • {net.SocketAddress} The preferred IPv6 address to advertise.

transportParams.initialMaxStreamDataBidiLocal

  • {bigint|number}

transportParams.initialMaxStreamDataBidiRemote

  • {bigint|number}

transportParams.initialMaxStreamDataUni

  • {bigint|number}

transportParams.initialMaxData

  • {bigint|number}

transportParams.initialMaxStreamsBidi

  • {bigint|number}

transportParams.initialMaxStreamsUni

  • {bigint|number}

transportParams.maxIdleTimeout

  • {bigint|number}

transportParams.activeConnectionIDLimit

  • {bigint|number}

transportParams.ackDelayExponent

  • {bigint|number}

transportParams.maxAckDelay

  • {bigint|number}

transportParams.maxDatagramFrameSize

  • {bigint|number}

Callbacks

Callback: OnSessionCallback

  • this {quic.QuicEndpoint}
  • session {quic.QuicSession}

The callback function that is invoked when a new session is initiated by a remote peer.

Callback: OnStreamCallback

  • this {quic.QuicSession}
  • stream {quic.QuicStream}

Callback: OnDatagramCallback

  • this {quic.QuicSession}
  • datagram {Uint8Array}
  • early {boolean}

Callback: OnDatagramStatusCallback

  • this {quic.QuicSession}
  • id {bigint}
  • status {string} One of either 'lost' or 'acknowledged'.

Callback: OnPathValidationCallback

  • this {quic.QuicSession}
  • result {string} One of either 'success', 'failure', or 'aborted'.
  • newLocalAddress {net.SocketAddress}
  • newRemoteAddress {net.SocketAddress}
  • oldLocalAddress {net.SocketAddress}
  • oldRemoteAddress {net.SocketAddress}
  • preferredAddress {boolean}

Callback: OnSessionTicketCallback

  • this {quic.QuicSession}
  • ticket {Object}

Callback: OnVersionNegotiationCallback

  • this {quic.QuicSession}
  • version {number}
  • requestedVersions {number[]}
  • supportedVersions {number[]}

Callback: OnHandshakeCallback

  • this {quic.QuicSession}
  • sni {string}
  • alpn {string}
  • cipher {string}
  • cipherVersion {string}
  • validationErrorReason {string}
  • validationErrorCode {number}
  • earlyDataAccepted {boolean}

Callback: OnBlockedCallback

  • this {quic.QuicStream}

Callback: OnStreamErrorCallback

  • this {quic.QuicStream}
  • error {any}

Diagnostic Channels

Channel: quic.endpoint.created

  • endpoint {quic.QuicEndpoint}
  • config {quic.EndpointOptions}

Channel: quic.endpoint.listen

  • endpoint {quic.QuicEndpoint}
  • optoins {quic.SessionOptions}

Channel: quic.endpoint.closing

  • endpoint {quic.QuicEndpoint}
  • hasPendingError {boolean}

Channel: quic.endpoint.closed

  • endpoint {quic.QuicEndpoint}

Channel: quic.endpoint.error

  • endpoint {quic.QuicEndpoint}
  • error {any}

Channel: quic.endpoint.busy.change

  • endpoint {quic.QuicEndpoint}
  • busy {boolean}

Channel: quic.session.created.client

Channel: quic.session.created.server

Channel: quic.session.open.stream

Channel: quic.session.received.stream

Channel: quic.session.send.datagram

Channel: quic.session.update.key

Channel: quic.session.closing

Channel: quic.session.closed

Channel: quic.session.receive.datagram

Channel: quic.session.receive.datagram.status

Channel: quic.session.path.validation

Channel: quic.session.ticket

Channel: quic.session.version.negotiation

Channel: quic.session.handshake