When the client's source address changes (e.g., due to NAT rebinding), mvfst starts responding to the new address without sending a PATH_CHALLENGE frame to validate the new path, but RFC9000 requires this.
This was observed using the QUIC interop runner with mvfst as the server and neqo as the client, running the rebind-addr test case. The data transfer itself succeeds — the full 10MB file is downloaded across two address rebinds. However, the test harness reports:
First server packet on new path (('193.167.100.100', 443), ('193.167.0.224', 59022)) did not contain a PATH_CHALLENGE frame
The server's first packet to the new client address contains only an ACK frame, with no PATH_CHALLENGE.
rebind-addr.zip
When the client's source address changes (e.g., due to NAT rebinding), mvfst starts responding to the new address without sending a
PATH_CHALLENGEframe to validate the new path, but RFC9000 requires this.This was observed using the QUIC interop runner with mvfst as the server and neqo as the client, running the
rebind-addrtest case. The data transfer itself succeeds — the full 10MB file is downloaded across two address rebinds. However, the test harness reports:The server's first packet to the new client address contains only an ACK frame, with no
PATH_CHALLENGE.rebind-addr.zip