This project provides Dockerfiles for various QUIC implementations, supporting both client and server setups.
To generate certificates and keys, use the generateCerts.sh script located in the certs directory. This script uses OpenSSL.
-
Navigate to the images/baseimage directory and build the base images using Docker Compose:
docker compose build
-
Navigate to the directory for the desired QUIC implementation.
-
List the available versions of the implementation:
docker compose config --services
-
Build a specific version of the implementation:
docker compose build [SERVICE]
Alternatively, build all available versions:
docker compose build
After building the images, start the selected service with:
docker run --rm -v [PATH_TO_CERTS_FOLDER]:/certs rub-nds/quic/[SERVICE] [FLAGS]- Replace
[PATH_TO_CERTS_FOLDER]with the path to your localcertsdirectory. - Replace
[SERVICE]with the desired implementation. - Replace
[FLAGS]with any additional flags required.
For fast setup of the newest implementations, see the quickStartClients and quickStartServers directories.
Each container runs a control server that exposes an HTTP API for managing the QUIC process at runtime. This allows you to check the process status, kill or restart it, and modify command parameters without rebuilding the container. See the base image README for available endpoints and usage examples.
This project is introduced in the following USENIX Security 2026 publication:
Nurullah Erinola, Marcel Maehren, Marcus Brinkmann, and Jörg Schwenk. Breaking the Boundaries: Analyzing QUIC Frame-Packet Interactions With QUIC-Attacker. USENIX Security 2026.