QUIC traffic throttled on AT&T residential
Brandon Martin
lists.nanog at monmotha.net
Wed Feb 19 20:28:40 UTC 2020
On 2/19/20 2:54 PM, Fred Baker wrote:
> The argument I have heard is that residential firewalls often block anything that is *not* UDP or TCP. The question for the googlers was existential - can it work at all?
I'm not sure that they "block" it, per se, though some probably do have
an explicit rule to that effect. I would think the bigger issue is that
they don't know how to 1:N NAT arbitrary L4s (and how would they), so
the absolute best you might get is that the first device behind the NAT
to establish a mapping sees all the relevant L4 traffic and everybody
else is locked out. I'd suspect the normal case is simply that they
drop it on the floor unless there's a specified "DMZ" host.
Perhaps this is just a semantic difference, but I think it's actually an
even more difficult issue to resolve. If it were simply blocked, that's
usually "easy" (either for the user, via a management interface, or for
the vendor, via policy template) to fix. Writing an entirely new L4 NAT
helper is a different matter entirely.
IPv6 would of course render this moot, but we all know how well IPv6
traffic gets treated...
--
Brandon Martin
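
The 1:N NAT limitation described in this message, as an added example that is not part of the original post: a toy translation table that demultiplexes TCP and UDP by port, while a port-less L4 gets the best case described above (the first inside host to send owns the mapping and every other host is dropped). The class name `ToyNat`, the addresses, the port numbers and the use of experimental protocol number 253 are all constructed for illustration.

```python
# Toy model of a 1:N NAT (NAPT). All addresses and ports are constructed.
from dataclasses import dataclass, field

PORT_BASED = {6, 17}  # TCP and UDP: the only L4s this NAT can read ports from


@dataclass
class ToyNat:
    public_ip: str
    next_port: int = 40000
    # (proto, public_port) -> (inside_ip, inside_port)
    port_map: dict = field(default_factory=dict)
    # (proto, inside_ip, inside_port) -> public_port
    port_rev: dict = field(default_factory=dict)
    # proto -> inside_ip, for L4s with no port field the NAT understands
    proto_owner: dict = field(default_factory=dict)

    def outbound(self, proto, inside_ip, inside_port=None):
        """Return the translated (src_ip, src_port), or None if dropped."""
        if proto in PORT_BASED:
            key = (proto, inside_ip, inside_port)
            if key not in self.port_rev:
                self.port_rev[key] = self.next_port
                self.port_map[(proto, self.next_port)] = (inside_ip, inside_port)
                self.next_port += 1
            return (self.public_ip, self.port_rev[key])
        # Unknown L4: nothing to rewrite except the address, so the public IP
        # can be shared by only one inside host per protocol number.
        owner = self.proto_owner.setdefault(proto, inside_ip)
        return (self.public_ip, None) if owner == inside_ip else None

    def inbound(self, proto, public_port=None):
        """Return the inside (ip, port) a reply reaches, or None if dropped."""
        if proto in PORT_BASED:
            return self.port_map.get((proto, public_port))
        owner = self.proto_owner.get(proto)
        return (owner, None) if owner else None


if __name__ == "__main__":
    nat = ToyNat("203.0.113.1")
    # Two hosts, same UDP source port: each gets its own public port.
    print(nat.outbound(17, "192.168.1.10", 50000))
    print(nat.outbound(17, "192.168.1.11", 50000))
    # Two hosts, same unknown L4 (253): only the first gets through.
    print(nat.outbound(253, "192.168.1.10"))
    print(nat.outbound(253, "192.168.1.11"))
    print(nat.inbound(253))
```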