Ant Group’s QUIC Deployment: Boosting Mobile Payments & Global Acceleration

QUIC Background Introduction

Since 2015, the QUIC protocol has been standardized by IETF and adopted by many vendors. With advantages such as 0‑RTT connection establishment and support for connection migration, QUIC is the underlying transport for HTTP/3. Ant Group’s Alipay client and gateway teams began deploying QUIC in late 2018 for mobile payments and overseas acceleration.

1. What is QUIC?

QUIC (Quick UDP Internet Connections) is a secure, reliable transport protocol built on UDP, aiming to replace TCP and integrate TLS. It sits in the protocol stack below HTTP/3.

2. Why QUIC?

TCP, which carries over 90% of Internet traffic, suffers from protocol ossification, making it hard to evolve. QUIC overcomes these limitations, offering features like connection migration and 0‑RTT, and benefits from advances in TLS 1.3 and HTTP/2.

3. QUIC Ecosystem Development

The timeline shows key milestones, with QUIC V1 becoming an RFC in 2021.

One Deployment Framework

Ant’s gateway, built on a multi‑process NGINX variant (named Spanner), faces challenges with UDP in a multi‑process model. The framework includes two components:

QUIC Load Balancer (QUIC LB) built on NGINX’s UDP Stream module, routing based on server information embedded in the QUIC DCID to support connection migration.

NGINX QUIC server (NGINX_QUIC_MODULE) with two port types per worker: a Base Port (shared via ReusePort for the first RTT packets) and a Working Port (unique per worker for subsequent packets).

The framework supports:

Connection migration and CID updates entirely in user space without kernel changes.

Lossless upgrades without kernel modifications.

True 0‑RTT and increased 0‑RTT proportion.

Two Deployment Scenarios

Scenario One: Alipay Mobile

The Alipay client sends QUIC‑encapsulated HTTP requests to a QUIC LB, which proxies them to the Spanner gateway, then to the business backend.

Benefits include seamless service during client network switches, reduced handshake latency, and performance gains on weak networks.

Scenario Two: Overseas Acceleration

Ant’s AGNA platform deploys QUIC between overseas Local Proxy (LP) and domestic Remote Proxy (RP). Each TCP connection is proxied as a QUIC stream, enabling long‑lived QUIC connections across the ocean.

Benefits include avoiding repeated TCP handshakes for each request and improved transmission performance over cross‑sea links.

Three Key Patents

Patent 1: “QUIC‑based link acceleration method” (US‑granted, CN110213241A) protecting the overseas acceleration approach.

Patent 2: “Stateless, consistent, distributed QUIC load balancer” (pending) covering the QUIC LB component.

Patent 3: “QUIC server lossless upgrade solution” (pending) addressing UDP upgrade challenges.

Four Key Technologies

Technology 1: Elegant Connection Migration

By embedding ServerInfo in the QUIC CID, the load balancer can route packets after migration without relying on the five‑tuple. CID updates preserve ServerInfo, avoiding routing inconsistencies.

Technology 2: Boosting 0‑RTT Handshake Ratio

QUIC uses Source Address Tokens (STK) similar to TLS session tickets. To handle client IP changes, a Client ID is added to the STK, allowing validation even when the IP varies.

Technology 3: QUIC Lossless Upgrade

By assigning distinct Base and Working ports to old and new processes and encoding the port information in the CID, QUIC LB can seamlessly transfer connections during reloads without packet loss.

Technology 4: Client‑Side Intelligent Path Selection

A dual‑link strategy (Backup and Smart modes) monitors TCP and QUIC metrics (RTT, loss, error rate) and dynamically selects the optimal path, mitigating UDP restrictions in some networks.

Future Plans

Ant will continue to evolve QUIC by:

Designing a unified QUIC transport control framework for diverse business and network types.

Transitioning from gQUIC to IETF QUIC to fully adopt HTTP/3.

Promoting QUIC LB to become an IETF standard.

Exploring MP‑QUIC for multi‑path benefits on mobile.

Optimizing performance with UDP GSO, eBPF, io_uring, etc.

Investigating QUIC for intra‑datacenter east‑west traffic.