Problems with HTTP3/QUIC

[queenkjuul]

Ever since I set up my OPNsense router for the first time (new to OPNsense, not so new to networking, but replacing a standard consumer-grade off the shelf router) Youtube will not work for me.

At first I suspected something weird with IPv6 (mostly because I don't really understand IPv6) so I tried disabling all IPv6 in OPNsense (disabling the IPv6 gateway, turning off IPv6 in my LAN settings), but no dice.

I eventually traced the issue to HTTP3/QUIC. I can manually disable HTTP3 in the Firefox config flags, and that fixes youtube for me.

However, on my phone, I cannot access Firefox config flags in the Android build, and I can't modify the official Youtube app. Neither one works on my phone. I can confirm the problem because re-enabling HTTP3 in Firefox on ethernet clients breaks youtube in the same way. I get errors in dev tools about NS_BINDING_ABORTED and the youtube player just spins forever. I've left it for hours without it snapping to life, and I've tried obvious solutions like disabling ad blockers and clearing cache. All that works is disabling HTTP3 in Firefox.

So I'm now suspecting this has to be a router-level issue, if I can reproduce the issue on all clients both wifi and ethernet regardless of app (firefox or official youtube client both fail the same way).

I've done very little to modify the default settings of OPNsense, though. I've mostly just added DHCP reserved addresses, and enabled DHCP name resolution in Unbound.

This seems to have been broken since the day I installed OPNsense. Any ideas?

Type    opnsense    
Version    23.7.12_5    
Architecture    amd64    
Commit    847d88416    
Mirror    https://pkg.opnsense.org/FreeBSD:13:amd64/23.7    
Repositories    OPNsense    
Updated on    Thu Feb 1 11:49:06 CST 2024

System is a Dell thin client with a Pentium J005 and 8GB RAM, using a Realtek 4x2.5gbe NIC. I have no other issues - DNS works, DHCP name resolution works, I get full expected throughput. What is going on with QUIC then?

[az4th]

I find that I have a very similar issue after installing opnsense 2 weeks ago.

Youtube seems to easily lose its buffer and then spin and never reconnect unless I do something manually to jump forward or backward.

Haven't tried disabling http/3 yet in firefox, will experiment with that.

Running a pretty basic setup, no vlans, LAN into an 8 port switch into wifi. fq_codel setup to help with bufferbloat, default unbounddns, open firewall, pretty much everything default.

Just changed firewall - setttings - advanced from normal to conservative mode, will see if that helps with preserving any dropped connections.

Much of the time it seems fine, but then when it happens it happens a lot. Almost like the issue pops up when other people on the network are streaming youtube and the protocol gets confused, but dunno how that could happen.

OPNsense 23.7.12_5-amd64
FreeBSD 13.2-RELEASE-p7
OpenSSL 1.1.1w

[tb_one]

Same here. no solution since three weeks.

didnt start right away from update to 24.1. A few weeks later. or we just didnt notice.

Youtube, Play Store, http3 websites, everything is laggy at first access, youtube suddenly stops playing.

[Cubelia]

I'm also having problem with this(obviously I'm on 24.x, not 23.x), some people over at reddit r/firefox recommended a few ways to mitigate ns_binding_aborted:
1. Disabling DNS over HTTPS setting in FireFox.
2. Disabling HTTP3 via network.http.http3.enable set to false.
3. Disabling IPv6 as a whole via network.dns.disableIPv6 set to true.

Looks like it's either a problem with IPv6 or DNS over TLS/HTTPS, as I just migrated to OPNsense a few days ago and had DoT up and running. The former 2 didn't work(especially first since I have DoT on opnsense) but disabling IPv6 does the trick for me, everything is smooth as butter. I did verify DoL is still working with IPv4.