Security●●Solid
QuicFuscate – HTTP/3 VPN transport with adaptive FEC and stealth modes
Hybrid adaptive FEC + TLS fingerprinting—ambitious, but unproven at scale against real DPI.
WizardryBig Brain
cschulze
213mo ago
Back to browse
GitHub Repository
Multipath VPN using MASQUE and Multipath QUIC
23 starsC
Mqvpn – Open-source multipath QUIC VPN
by mp0rta·Feb 24, 2026·2 points·0 comments
AI Analysis
●●●BangerWizardryBig Brain
Standards-based multipath VPN with custom WLB scheduler beats MinRTT by 21%.
Strengths
- •RFC 9484 + Multipath QUIC combination didn't exist in open source before; custom WLB scheduler designed specifically for QUIC datagrams.
- •Concrete benchmarks: 319 Mbps on asymmetric paths (84% theoretical max), reproducible via netns tests.
- •Zero-downtime failover across interfaces is a real operational win for mobile or dual-ISP setups.
Weaknesses
- •Narrow audience: requires Linux, multiple ISP lines or WiFi+LTE; most people use Tailscale or WireGuard which solve 80% of use cases.
- •Early project (0 stars, minimal community): adoption risk and maintenance burden on single author.
Category
Target Audience
Network engineers, VPN infrastructure builders, QUIC protocol implementers
Similar To
Tailscale · ZeroTier · Wireguard
Post Description
The IETF has specs for IP-over-HTTP/3 (MASQUE CONNECT-IP, RFC 9484)
and Multipath QUIC, but no open-source implementation combines both.
I implemented MASQUE CONNECT-IP on XQUIC (which already had Multipath QUIC),
and wrote a new multipath scheduler designed for QUIC Datagrams, then built a VPN layer on that.
This scheduler (WLB) distributes TCP flows across paths proportional to capacity — with asymmetric paths, it reaches 319 Mbps (84% of theoretical max), +21% over the default MinRTT scheduler at 16 parallel flows. Failover is zero downtime.
Benchmarks and graphs in docs/benchmarks_netns.md.
Similar Projects
Developer Tools●●Solid
Tunn – open-source ngrok alternative built on QUIC, 4x faster
QUIC-based ngrok alternative claims 4x speed, but missing benchmarks and early-stage (13 commits, 5 stars).
Dark HorseShip It
Rocked0205
633mo ago
Developer Tools●●Solid
HTTP/3 and raw QUIC client/server APIs for Node.js
Raw QUIC streams from Node without building from source or reverse proxies.
Niche GemBig Brain
brian_meek
16010d ago
Infrastructure●●●Banger
Pangolin: Open-source identity-based VPN (Twingate/Zscaler alternative)
P2P WireGuard VPN beats Twingate's central-server model without mesh VPN's flat-network mess.
Zero to OneBig BrainSolve My Problem
miloschwartz
81284mo ago
Developer Tools●●Solid
AI Commander – TeamViewer for AI Agents, No VPN or SSH
Outbound-only connections let AI agents run commands without VPN or SSH setup.
Solve My ProblemSlick
coderai
3019h ago
Infrastructure●●●Banger
I built a distributed file store on top of AWS CloudShell
Reverse-engineered CloudShell API to build free global storage with erasure coding and hole-punching.
WizardryBold BetZero to One
danvittegleo
223mo ago