quic: remove layer 3/4 logic

- Remove ephemeral source port selection
- Allow QUIC clients to pass arbitrary src IP and port
- Allow initiaing a conn with an 'unknown' src IP
  (Chosen by layer 3)

Author: riptl

contrib/quic/agave_compat/src/main.rs

@@ -357,8 +357,6 @@ unsafe fn fdquic_to_agave() {
 
     let quic = fd_quic_new_anonymous_small(wksp, FD_QUIC_ROLE_CLIENT as i32, &mut rng);
     assert!(!quic.is_null(), "Failed to create fd_quic_t");
-    (*quic).config.net.ephem_udp_port.lo = client_port;
-    (*quic).config.net.ephem_udp_port.hi = client_port;
 
     fd_quic_set_aio_net_tx(quic, fd_udpsock_get_tx(udpsock));
     fd_udpsock_set_rx(udpsock, fd_quic_get_aio_net_rx(quic));
@@ -369,7 +367,7 @@ unsafe fn fdquic_to_agave() {
         "Connecting from 127.0.0.1:{} to 127.0.0.1:{}",
         client_port, listen_port
     );
-    let conn = fd_quic_connect(quic, 0x0100007f, listen_port);
+    let conn = fd_quic_connect(quic, 0x0100007f, listen_port, 0x0100007f, client_port);
     assert!(!conn.is_null());
     let conn_start = Instant::now();
     loop {

contrib/quic/go_compat/main.go

@@ -130,9 +130,6 @@ func clientTest(fdQuic *C.fd_quic_t) {
 	defer cancel()
 
 	C.fd_quic_config_anonymous(fdQuic, C.FD_QUIC_ROLE_CLIENT)
-	fdQuic.config.net.ip_addr = 0x0100007f
-	fdQuic.config.net.ephem_udp_port.lo = 8000
-	fdQuic.config.net.ephem_udp_port.hi = 8001
 	C.fd_quic_init(fdQuic)
 
 	netFdToGo := make(chan []byte, 128)
@@ -225,7 +222,7 @@ func clientTest(fdQuic *C.fd_quic_t) {
 			return true
 		}
 
-		quicConn := C.fd_quic_connect(fdQuic, 0x0100007f, C.ushort(addrGo.Port))
+		quicConn := C.fd_quic_connect(fdQuic, 0x0100007f, C.ushort(addrGo.Port), 0x0100007f, C.ushort(addrFd.Port))
 		if quicConn == nil {
 			log.Fatal("fd_quic_connect failed")
 		}
@@ -269,8 +266,6 @@ func serverTest(fdQuic *C.fd_quic_t) {
 
 	C.fd_quic_config_anonymous(fdQuic, C.FD_QUIC_ROLE_SERVER)
 	fdQuic.config.retry = 1
-	fdQuic.config.net.ip_addr = 0x0100007f
-	fdQuic.config.net.listen_udp_port = 8000
 	C.fd_quic_init(fdQuic)
 
 	netFdToGo := make(chan []byte, 128)

src/app/fdctl/run/topos/fd_firedancer.c

@@ -566,7 +566,6 @@ fd_topo_initialize( config_t * config ) {
       tile->quic.out_depth                      = config->tiles.verify.receive_buffer_size;
       tile->quic.max_concurrent_connections     = config->tiles.quic.max_concurrent_connections;
       tile->quic.max_concurrent_handshakes      = config->tiles.quic.max_concurrent_handshakes;
-      tile->quic.ip_addr                        = config->tiles.net.ip_addr;
       tile->quic.quic_transaction_listen_port   = config->tiles.quic.quic_transaction_listen_port;
       tile->quic.idle_timeout_millis            = config->tiles.quic.idle_timeout_millis;
       tile->quic.ack_delay_millis               = config->tiles.quic.ack_delay_millis;

src/app/fdctl/run/topos/fd_frankendancer.c

@@ -361,7 +361,6 @@ fd_topo_initialize( config_t * config ) {
       tile->quic.out_depth                      = config->tiles.verify.receive_buffer_size;
       tile->quic.max_concurrent_connections     = config->tiles.quic.max_concurrent_connections;
       tile->quic.max_concurrent_handshakes      = config->tiles.quic.max_concurrent_handshakes;
-      tile->quic.ip_addr                        = config->tiles.net.ip_addr;
       tile->quic.quic_transaction_listen_port   = config->tiles.quic.quic_transaction_listen_port;
       tile->quic.idle_timeout_millis            = config->tiles.quic.idle_timeout_millis;
       tile->quic.ack_delay_millis               = config->tiles.quic.ack_delay_millis;

src/app/fddev/quic_trace/fd_quic_trace_log_tile.c

@@ -34,7 +34,7 @@ after_frag( void *              _ctx   FD_FN_UNUSED,
   fd_quic_log_error_t const * error = fd_type_pun_const( ctx->buffer );
   printf( "event=conn_close_quic conn_id=%016lx src_ip=%08x enc=%d pktnum=%8lu close_code=0x%lx loc=%.*s(%u)\n",
           error->hdr.conn_id,
-          fd_uint_bswap( FD_LOAD( uint, error->hdr.ip4_saddr ) ),
+          fd_uint_bswap( error->hdr.ip4_saddr ),
           error->hdr.enc_level,
           error->hdr.pkt_num,
           error->code[0],

src/app/fddev/tiles/fd_benchs.c

@@ -248,10 +248,6 @@ populate_quic_config( fd_quic_config_t * config ) {
   config->role = FD_QUIC_ROLE_CLIENT;
   config->retry = 0;
   config->initial_rx_max_stream_data = 0; /* we don't expect the server to initiate streams */
-
-  config->net.ephem_udp_port.lo = 12000;
-  config->net.ephem_udp_port.hi = 12100;
-
   config->net.dscp = 0;
 }
 
@@ -310,7 +306,7 @@ during_frag( fd_benchs_ctx_t * ctx,
       uint   dest_ip   = 0;
       ushort dest_port = fd_ushort_bswap( ctx->quic_port );
 
-      ctx->quic_conn = fd_quic_connect( ctx->quic, dest_ip, dest_port );
+      ctx->quic_conn = fd_quic_connect( ctx->quic, dest_ip, dest_port, 0U, 12000 );
 
       /* failed? try later */
       if( FD_UNLIKELY( !ctx->quic_conn ) ) {
@@ -502,11 +498,8 @@ unprivileged_init( fd_topo_t *      topo,
 
     if( FD_UNLIKELY( !quic_tx_aio ) ) FD_LOG_ERR(( "fd_aio_join failed" ));
 
-    uint  quic_ip_addr             = 0;     /* TODO fetch the quic destination ip addr */
     ulong quic_idle_timeout_millis = 10000;  /* idle timeout in milliseconds */
     quic->config.role                       = FD_QUIC_ROLE_CLIENT;
-    quic->config.net.ip_addr                = quic_ip_addr;
-    quic->config.net.listen_udp_port        = 42424; /* should be unused */
     quic->config.idle_timeout               = quic_idle_timeout_millis * 1000000UL;
     quic->config.initial_rx_max_stream_data = 0;
     quic->config.retry                      = 0; /* unused on clients */

src/app/fddev/txn.c

@@ -88,7 +88,7 @@ send_quic_transactions( fd_quic_t *         quic,
   quic->cb.conn_hs_complete = cb_conn_hs_complete;
   quic->cb.stream_notify    = cb_stream_notify;
 
-  fd_quic_conn_t * conn = fd_quic_connect( quic, dst_ip, dst_port );
+  fd_quic_conn_t * conn = fd_quic_connect( quic, dst_ip, dst_port, 0U, 0 );
   while ( FD_LIKELY( !( g_conn_hs_complete || g_conn_final ) ) ) {
     fd_quic_service( quic );
     fd_quic_udpsock_service( udpsock );
@@ -180,9 +180,6 @@ txn_cmd_fn( args_t *         args,
 
   fd_quic_config_t * client_cfg = &quic->config;
   client_cfg->role = FD_QUIC_ROLE_CLIENT;
-  client_cfg->net.ip_addr           = udpsock->listen_ip;
-  client_cfg->net.ephem_udp_port.lo = (ushort)udpsock->listen_port;
-  client_cfg->net.ephem_udp_port.hi = (ushort)(udpsock->listen_port + 1);
   client_cfg->idle_timeout = 200UL * 1000UL * 1000UL; /* 5000 millis */
   client_cfg->initial_rx_max_stream_data = 0; /* doesn't receive */
 

src/disco/quic/fd_quic_tile.c

@@ -517,13 +517,8 @@ unprivileged_init( fd_topo_t *      topo,
   if( FD_UNLIKELY( tile->quic.ack_delay_millis >= tile->quic.idle_timeout_millis ) ) {
     FD_LOG_ERR(( "Invalid `ack_delay_millis`: must be lower than `idle_timeout_millis`" ));
   }
-  if( FD_UNLIKELY( !tile->quic.ip_addr ) ) {
-    FD_LOG_ERR(( "QUIC IP address not set" ));
-  }
 
   quic->config.role                       = FD_QUIC_ROLE_SERVER;
-  quic->config.net.ip_addr                = tile->quic.ip_addr;
-  quic->config.net.listen_udp_port        = tile->quic.quic_transaction_listen_port;
   quic->config.idle_timeout               = tile->quic.idle_timeout_millis * (ulong)1e6;
   quic->config.ack_delay                  = tile->quic.ack_delay_millis * (ulong)1e6;
   quic->config.initial_rx_max_stream_data = FD_TXN_MTU;

src/disco/topo/fd_topo.h

@@ -165,7 +165,6 @@ typedef struct {
       uint   reasm_cnt;
       ulong  max_concurrent_connections;
       ulong  max_concurrent_handshakes;
-      uint   ip_addr;
       ushort quic_transaction_listen_port;
       ulong  idle_timeout_millis;
       uint   ack_delay_millis;

src/waltz/quic/fd_quic.c

@@ -273,9 +273,6 @@ fd_quic_config_from_env( int  *             pargc,
   cfg->idle_timeout = idle_timeout_ms * (ulong)1e6;
   cfg->initial_rx_max_stream_data = initial_rx_max_stream_data;
 
-  cfg->net.ephem_udp_port.lo = 10000;
-  cfg->net.ephem_udp_port.hi = 11000;
-
   return cfg;
 }
 
@@ -397,15 +394,7 @@ fd_quic_init( fd_quic_t * quic ) {
 
   switch( config->role ) {
   case FD_QUIC_ROLE_SERVER:
-    if( FD_UNLIKELY( !config->net.listen_udp_port ) ) { FD_LOG_WARNING(( "no cfg.net.listen_udp_port" )); return NULL; }
-    break;
   case FD_QUIC_ROLE_CLIENT:
-    if( FD_UNLIKELY( !config->net.ephem_udp_port.lo
-                  || !config->net.ephem_udp_port.hi
-                  || config->net.ephem_udp_port.lo > config->net.ephem_udp_port.hi ) ) {
-      FD_LOG_WARNING(( "invalid cfg.net.ephem_udp_port" ));
-      return NULL;
-    }
     break;
   default:
     FD_LOG_WARNING(( "invalid cfg.role" ));
@@ -588,9 +577,6 @@ fd_quic_init( fd_quic_t * quic ) {
   FD_QUIC_TRANSPORT_PARAM_SET( tp, max_ack_delay,                       max_ack_delay_ms_u       );
   /*                         */tp->disable_active_migration_present =   1;
 
-  /* Initialize next ephemeral udp port */
-  state->next_ephem_udp_port = config->net.ephem_udp_port.lo;
-
   return quic;
 }
 
@@ -815,11 +801,11 @@ fd_quic_log_full_hdr( fd_quic_conn_t const * conn,
   fd_quic_log_hdr_t hdr = {
     .conn_id   = conn->our_conn_id,
     .pkt_num   = pkt->pkt_number,
+    .ip4_saddr = pkt->ip4->saddr,
     .udp_sport = pkt->udp->net_sport,
     .enc_level = (uchar)pkt->enc_level,
     .flags     = 0
   };
-  memcpy( hdr.ip4_saddr, pkt->ip4->saddr_c, 4 );
   return hdr;
 }
 
@@ -1364,9 +1350,7 @@ fd_quic_send_retry( fd_quic_t *               quic,
                     fd_quic_pkt_t *           pkt,
                     fd_quic_conn_id_t const * odcid,
                     fd_quic_conn_id_t const * scid,
-                    ulong                     new_conn_id,
-                    uint                      dst_ip_addr,
-                    ushort                    dst_udp_port ) {
+                    ulong                     new_conn_id ) {
 
   fd_quic_state_t * state = fd_quic_get_state( quic );
 
@@ -1385,9 +1369,10 @@ fd_quic_send_retry( fd_quic_t *               quic,
         retry_pkt,
         // encode buffer
         &pkt->ip4->net_id,
-        dst_ip_addr,
-        quic->config.net.listen_udp_port,
-        dst_udp_port ) == FD_QUIC_FAILED ) ) {
+        pkt->ip4->saddr,
+        pkt->udp->net_sport,
+        pkt->ip4->daddr,
+        pkt->udp->net_dport ) == FD_QUIC_FAILED ) ) {
     return FD_QUIC_PARSE_FAIL;
   }
   return 0UL;
@@ -1487,11 +1472,6 @@ fd_quic_handle_v1_initial( fd_quic_t *               quic,
       fd_memcpy( peer_conn_id.conn_id, initial->src_conn_id, FD_QUIC_MAX_CONN_ID_SZ );
       peer_conn_id.sz = initial->src_conn_id_len;
 
-      /* Save peer's network endpoint */
-
-      ushort dst_udp_port = pkt->udp->net_sport;
-      uint   dst_ip_addr  = FD_LOAD( uint, pkt->ip4->saddr_c );
-
       /* Prepare QUIC-TLS transport params object (sent as a TLS extension).
          Take template from state and mutate certain params in-place.
 
@@ -1531,8 +1511,7 @@ fd_quic_handle_v1_initial( fd_quic_t *               quic,
           ulong new_conn_id_u64 = fd_rng_ulong( state->_rng );
           if( FD_UNLIKELY( fd_quic_send_retry(
                 quic, pkt,
-                &odcid, peer_scid, new_conn_id_u64,
-                dst_ip_addr, dst_udp_port ) ) ) {
+                &odcid, peer_scid, new_conn_id_u64 ) ) ) {
             return FD_QUIC_FAILED;
           }
           return (initial->pkt_num_pnoff + initial->len);
@@ -1614,8 +1593,10 @@ fd_quic_handle_v1_initial( fd_quic_t *               quic,
       conn = fd_quic_conn_create( quic,
           scid,
           &peer_conn_id,
-          dst_ip_addr,
-          dst_udp_port,
+          pkt->ip4->saddr,
+          pkt->udp->net_sport,
+          pkt->ip4->daddr,
+          pkt->udp->net_dport,
           1 /* server */ );
 
       if( FD_UNLIKELY( !conn ) ) { /* no free connections */
@@ -1715,6 +1696,12 @@ fd_quic_handle_v1_initial( fd_quic_t *               quic,
     return FD_QUIC_PARSE_FAIL;
   }
 
+  if( FD_UNLIKELY( !conn->host.ip_addr ) ) {
+    /* Lock src IP address in place (previously chosen by layer-4 based
+       on the route table) */
+    conn->host.ip_addr = pkt->ip4->daddr;
+  }
+
   /* check if reply conn id needs to change */
   if( FD_UNLIKELY( !( conn->server | conn->established ) ) ) {
     /* switch to the source connection id for future replies */
@@ -2996,8 +2983,9 @@ fd_quic_tx_buffered_raw(
     uchar *          tx_buf,
     ushort *         ipv4_id,
     uint             dst_ipv4_addr,
-    ushort           src_udp_port,
-    ushort           dst_udp_port
+    ushort           dst_udp_port,
+    uint             src_ipv4_addr,
+    ushort           src_udp_port
 ) {
 
   /* TODO leave space at front of tx_buf for header
@@ -3029,19 +3017,14 @@ fd_quic_tx_buffered_raw(
   pkt.ip4->ttl          = 64; /* TODO make configurable */
   pkt.ip4->protocol     = FD_IP4_HDR_PROTOCOL_UDP;
   pkt.ip4->check        = 0;
+  pkt.ip4->saddr        = src_ipv4_addr;
+  pkt.ip4->daddr        = dst_ipv4_addr;
   pkt.udp->net_sport    = src_udp_port;
   pkt.udp->net_dport    = dst_udp_port;
   pkt.udp->net_len      = (ushort)( 8 + payload_sz );
   pkt.udp->check        = 0x0000;
   *ipv4_id = (ushort)( *ipv4_id + 1 );
 
-  /* TODO saddr could be zero -- should use the kernel routing table to
-     determine an appropriate source address */
-
-  /* copy to avoid alignment issues */
-  memcpy( &pkt.ip4->saddr_c, &config->net.ip_addr, 4 );
-  memcpy( &pkt.ip4->daddr_c, &dst_ipv4_addr,       4 );
-
   ulong rc = fd_quic_encode_ip4( cur_ptr, cur_sz, pkt.ip4 );
   if( FD_UNLIKELY( rc == FD_QUIC_PARSE_FAIL ) ) {
     FD_LOG_ERR(( "fd_quic_encode_ip4 failed with buffer overrun" ));
@@ -3106,8 +3089,9 @@ fd_quic_tx_buffered( fd_quic_t *      quic,
       conn->tx_buf_conn,
       &conn->ipv4_id,
       endpoint->ip_addr,
-      conn->host.udp_port,
-      endpoint->udp_port );
+      endpoint->udp_port,
+      conn->host.ip_addr,
+      conn->host.udp_port);
 }
 
 static ulong
@@ -4095,7 +4079,9 @@ fd_quic_conn_free( fd_quic_t *      quic,
 fd_quic_conn_t *
 fd_quic_connect( fd_quic_t *  quic,
                  uint         dst_ip_addr,
-                 ushort       dst_udp_port ) {
+                 ushort       dst_udp_port,
+                 uint         src_ip_addr,
+                 ushort       src_udp_port ) {
 
   fd_quic_state_t * state = fd_quic_get_state( quic );
 
@@ -4120,25 +4106,15 @@ fd_quic_connect( fd_quic_t *  quic,
       &peer_conn_id,
       dst_ip_addr,
       dst_udp_port,
+      src_ip_addr,
+      src_udp_port,
       0 /* client */ );
 
   if( FD_UNLIKELY( !conn ) ) {
     FD_DEBUG( FD_LOG_DEBUG(( "fd_quic_conn_create failed" )) );
     return NULL;
   }
 
-  /* choose a port from ephemeral range */
-  fd_quic_config_t * config     = &quic->config;
-  ushort             ephem_lo   = config->net.ephem_udp_port.lo;
-  ushort             ephem_hi   = config->net.ephem_udp_port.hi;
-  ushort             next_ephem = state->next_ephem_udp_port;
-  ushort             src_port   = next_ephem;
-  next_ephem++;
-  next_ephem = fd_ushort_if( next_ephem >= ephem_hi, ephem_lo, next_ephem );
-  state->next_ephem_udp_port = next_ephem;
-
-  conn->host.udp_port = src_port;
-
   /* Prepare QUIC-TLS transport params object (sent as a TLS extension).
       Take template from state and mutate certain params in-place.
 
@@ -4201,8 +4177,10 @@ fd_quic_conn_t *
 fd_quic_conn_create( fd_quic_t *               quic,
                      ulong                     our_conn_id,
                      fd_quic_conn_id_t const * peer_conn_id,
-                     uint                      dst_ip_addr,
-                     ushort                    dst_udp_port,
+                     uint                      peer_ip_addr,
+                     ushort                    peer_udp_port,
+                     uint                      self_ip_addr,
+                     ushort                    self_udp_port,
                      int                       server ) {
 
   fd_quic_config_t * config = &quic->config;
@@ -4253,10 +4231,8 @@ fd_quic_conn_create( fd_quic_t *               quic,
   conn->svc_time            = LONG_MAX;
   conn->our_conn_id         = 0;
   conn->host                = (fd_quic_net_endpoint_t){
-    .ip_addr  = config->net.ip_addr,
-    .udp_port = fd_ushort_if( server,
-                              config->net.listen_udp_port,
-                              state->next_ephem_udp_port )
+    .ip_addr  = self_ip_addr, /* may be 0, if outgoing */
+    .udp_port = self_udp_port,
   };
   memset( &conn->peer[0], 0, sizeof( conn->peer ) );
   conn->conn_gen++;
@@ -4335,8 +4311,8 @@ fd_quic_conn_create( fd_quic_t *               quic,
 
   /* peer connection id */
   conn->peer_cids[0]     = *peer_conn_id;
-  conn->peer[0].ip_addr  = dst_ip_addr;
-  conn->peer[0].udp_port = dst_udp_port;
+  conn->peer[0].ip_addr  = peer_ip_addr;
+  conn->peer[0].udp_port = peer_udp_port;
 
   fd_quic_ack_gen_init( conn->ack_gen );
   conn->unacked_sz = 0UL;