diff --git a/doc/api/quic.md b/doc/api/quic.md
index ad400bf225b974..5ecac022a3c83b 100644
--- a/doc/api/quic.md
+++ b/doc/api/quic.md
@@ -104,6 +104,135 @@ to negotiate the application protocol (via ALPN), authenticate the server (and
 optionally the client), exchange transport parameters, and establish shared keys
 for encryption.
 
+#### Certificate size and handshake performance
+
+QUIC includes an anti-amplification limit ([RFC 9000 Section 8.1][]) that
+restricts the server to sending at most three times the data received from
+the client before the client's address is validated. Because the client's
+Initial packet is typically around 1200 bytes, the server can send at most
+approximately 3600 bytes before it must wait for the client to acknowledge.
+
+The server's initial response is dominated by its TLS certificate chain. If
+the certificate chain exceeds the amplification limit, the handshake requires
+an additional round trip — the server must pause, wait for the client's
+acknowledgement, and then continue sending the remainder of the certificate.
+This eliminates QUIC's 1-RTT handshake advantage over TCP+TLS and can add
+50–100 ms or more of latency on the first connection, depending on the network
+path.
+
+To avoid this, servers should use compact certificate chains:
+
+* **Use ECDSA certificates** (P-256 or P-384) rather than RSA. ECDSA keys and
+  signatures are significantly smaller. A typical ECDSA P-256 certificate chain
+  with one intermediate is approximately 1.5–2 KB, well within the amplification
+  limit. An equivalent RSA-2048 chain is often 3–5 KB, which may exceed it.
+
+* **Minimize the certificate chain.** Include only the leaf certificate and
+  the necessary intermediate(s). Do not include the root certificate (clients
+  already have it in their trust store). Avoid cross-signed intermediates when
+  the self-signed root is already widely trusted.
+
+* **Prefer certificate authorities with short chains.** Some CAs issue
+  certificates with a single small intermediate, while others require multiple
+  large RSA intermediates. The choice of CA directly affects handshake latency.
+
+Certificate compression ([RFC 8879][]) can also address this issue by
+compressing the certificate chain during the handshake. However, Node.js does
+not currently support TLS certificate compression.
+
+### Rate limiting
+
+QUIC endpoints include built-in rate limiting to protect against
+denial-of-service attacks. There are two layers of defense:
+
+**Global rate limits** cap the total rate of stateless responses that the
+endpoint will send, regardless of the source address. These protect against
+floods from spoofed source IP addresses, where an attacker rotates through
+many fake source addresses to bypass per-host limits. Four types of stateless
+responses are independently rate-limited:
+
+* **Retry packets** — sent to validate a client's address during connection
+  setup. Configurable via [`endpointOptions.retryRate`][] and
+  [`endpointOptions.retryBurst`][].
+* **Stateless reset packets** — sent when the endpoint receives a packet for an
+  unknown session. Configurable via [`endpointOptions.statelessResetRate`][]
+  and [`endpointOptions.statelessResetBurst`][].
+* **Version negotiation packets** — sent when a client uses an unsupported QUIC
+  version. Configurable via [`endpointOptions.versionNegotiationRate`][] and
+  [`endpointOptions.versionNegotiationBurst`][].
+* **Immediate connection close packets** — sent when the server is busy or a
+  token is invalid. Configurable via [`endpointOptions.immediateCloseRate`][]
+  and [`endpointOptions.immediateCloseBurst`][].
+
+Each rate limit uses a token bucket: the endpoint can send up to the burst
+capacity instantly, and tokens refill at the configured rate per second. When
+the bucket is empty, additional responses of that type are silently dropped.
+The defaults (100 per second, burst of 200) are suitable for most deployments.
+
+**Per-host session creation rate limits** cap how fast a single remote address
+can create new sessions. This is tracked per validated remote address and
+prevents a single client from churning through sessions (rapidly connecting and
+disconnecting) to consume server resources. Configurable via
+[`endpointOptions.sessionCreationRate`][] and
+[`endpointOptions.sessionCreationBurst`][]. The defaults (50 per second, burst
+of 100) are generous enough for legitimate traffic patterns. For benchmarking
+scenarios where traffic comes from a single source, increase these values.
+
+In addition to rate limiting, the endpoint supports **concurrent connection
+limits** via `maxConnectionsPerHost` and `maxConnectionsTotal`, and a
+**busy mode** via [`endpoint.busy`][] that rejects all new connections.
+
+Rate limiting activity can be monitored through the endpoint's statistics
+object. Each rate limiter has a corresponding counter
+(e.g., `endpoint.stats.retryRateLimited`,
+`endpoint.stats.sessionCreationRateLimited`) that tracks how many responses
+were dropped. A non-zero value indicates the rate limiter is actively
+protecting the endpoint.
+
+#### Block lists
+
+Endpoints can filter incoming packets by source address using a
+[`net.BlockList`][]. The block list is checked before any QUIC processing
+occurs, so blocked packets consume no resources beyond the check itself.
+
+In **deny** mode (the default), packets from addresses in the list are dropped:
+
+```mjs
+import { BlockList } from 'node:net';
+import { listen } from 'node:quic';
+
+const blocked = new BlockList();
+blocked.addSubnet('192.168.1.0', 24);  // Block an entire subnet
+blocked.addAddress('10.0.0.5');        // Block a specific address
+
+const endpoint = await listen(onSession, {
+  endpoint: {
+    blockList: blocked,
+    blockListPolicy: 'deny',
+  },
+  // ...
+});
+```
+
+In **allow** mode, only packets from addresses in the list are accepted:
+
+```mjs
+const trusted = new BlockList();
+trusted.addSubnet('10.0.0.0', 8);
+
+const endpoint = await listen(onSession, {
+  endpoint: {
+    blockList: trusted,
+    blockListPolicy: 'allow',
+  },
+  // ...
+});
+```
+
+The block list is evaluated live — rules added or removed after the endpoint
+is created take effect immediately. The `endpoint.stats.packetsBlocked`
+counter tracks how many packets have been dropped by the filter.
+
 ### Applications
 
 Every `QuicSession` is associated with a single application protocol, negotiated
@@ -710,7 +839,13 @@ added: v23.8.0
 added: v23.8.0
 -->
 
-* Type: {bigint} The total number of QUIC retry attempts on this endpoint. Read only.
+* Type: {bigint} The total number of retry packets sent by this endpoint. Read only.
+
+### `endpointStats.retryRateLimited`
+
+* Type: {bigint} The total number of retry packets dropped by the global rate
+  limiter. Read only. A non-zero value indicates the endpoint is under retry
+  flood pressure.
 
 ### `endpointStats.versionNegotiationCount`
 
@@ -718,7 +853,13 @@ added: v23.8.0
 added: v23.8.0
 -->
 
-* Type: {bigint} The total number of sessions rejected due to QUIC version mismatch. Read only.
+* Type: {bigint} The total number of version negotiation packets sent by this
+  endpoint. Read only.
+
+### `endpointStats.versionNegotiationRateLimited`
+
+* Type: {bigint} The total number of version negotiation packets dropped by
+  the global rate limiter. Read only.
 
 ### `endpointStats.statelessResetCount`
 
@@ -726,7 +867,13 @@ added: v23.8.0
 added: v23.8.0
 -->
 
-* Type: {bigint} The total number of stateless resets handled by this endpoint. Read only.
+* Type: {bigint} The total number of stateless reset packets sent by this
+  endpoint. Read only.
+
+### `endpointStats.statelessResetRateLimited`
+
+* Type: {bigint} The total number of stateless reset packets dropped by the
+  global rate limiter. Read only.
 
 ### `endpointStats.immediateCloseCount`
 
@@ -734,7 +881,24 @@ added: v23.8.0
 added: v23.8.0
 -->
 
-* Type: {bigint} The total number of sessions that were closed before handshake completed. Read only.
+* Type: {bigint} The total number of immediate connection close packets sent
+  by this endpoint. Read only.
+
+### `endpointStats.immediateCloseRateLimited`
+
+* Type: {bigint} The total number of immediate connection close packets
+  dropped by the global rate limiter. Read only.
+
+### `endpointStats.sessionCreationRateLimited`
+
+* Type: {bigint} The total number of session creation attempts dropped by the
+  per-host rate limiter. Read only. A non-zero value indicates one or more
+  remote addresses are creating sessions faster than the configured rate allows.
+
+### `endpointStats.packetsBlocked`
+
+* Type: {bigint} The total number of incoming packets dropped by the
+  block list filter. Read only.
 
 ## Class: `QuicSession`
 
@@ -1515,6 +1679,11 @@ added: v23.8.0
 
 * Type: {bigint}
 
+### `sessionStats.streamsIdleTimedOut`
+
+* Type: {bigint} The total number of peer-initiated streams destroyed by the
+  stream idle timeout. Read only.
+
 ## Class: `QuicError`
 
 <!-- YAML
@@ -2334,6 +2503,34 @@ added: v23.8.0
 
 If not specified the endpoint will bind to IPv4 `localhost` on a random port.
 
+#### `endpointOptions.blockList`
+
+* Type: {net.BlockList}
+
+An optional [`net.BlockList`][] instance for filtering incoming packets by
+source address. When configured, every received UDP packet is checked against
+the block list before any QUIC processing occurs, minimizing resource
+expenditure on blocked sources. The block list is evaluated live — rules
+added to the `BlockList` object after the endpoint is created take effect
+immediately.
+
+See [`endpointOptions.blockListPolicy`][] for how matches are interpreted.
+
+#### `endpointOptions.blockListPolicy`
+
+* Type: {string} One of `'deny'` or `'allow'`.
+* **Default:** `'deny'`
+
+Controls how the [`endpointOptions.blockList`][] is interpreted:
+
+* `'deny'` — Packets from addresses matching the block list are dropped.
+  All other addresses are accepted. This is the typical blocklist mode.
+* `'allow'` — Only packets from addresses matching the block list are
+  accepted. All other addresses are dropped. This is an allowlist mode
+  for restricting access to known clients.
+
+If no block list is configured, this option has no effect.
+
 #### `endpointOptions.addressLRUSize`
 
 <!-- YAML
@@ -2439,25 +2636,89 @@ addresses. When the limit is reached, new connections are refused with
 This limit can also be changed dynamically after construction via
 [`endpoint.maxConnectionsTotal`][].
 
-#### `endpointOptions.maxRetries`
+#### `endpointOptions.retryRate`
 
-<!-- YAML
-added: v23.8.0
--->
+* Type: {number}
+* **Default:** `100`
 
-* Type: {bigint|number}
+The maximum number of QUIC retry packets the endpoint will send per second.
+This is a global rate limit (not per-host) that caps the total server-wide
+retry response rate, preventing spoofed-source floods from consuming unbounded
+resources.
 
-Specifies the maximum number of QUIC retry attempts allowed per remote peer address.
+#### `endpointOptions.retryBurst`
 
-#### `endpointOptions.maxStatelessResetsPerHost`
+* Type: {number}
+* **Default:** `200`
 
-<!-- YAML
-added: v23.8.0
--->
+The maximum burst of retry packets allowed before rate limiting takes effect.
 
-* Type: {bigint|number}
+#### `endpointOptions.statelessResetRate`
+
+* Type: {number}
+* **Default:** `100`
+
+The maximum number of stateless reset packets the endpoint will send per second.
+
+#### `endpointOptions.statelessResetBurst`
+
+* Type: {number}
+* **Default:** `200`
+
+The maximum burst of stateless reset packets allowed before rate limiting
+takes effect.
+
+#### `endpointOptions.versionNegotiationRate`
+
+* Type: {number}
+* **Default:** `100`
+
+The maximum number of version negotiation packets the endpoint will send per
+second.
+
+#### `endpointOptions.versionNegotiationBurst`
+
+* Type: {number}
+* **Default:** `200`
+
+The maximum burst of version negotiation packets allowed before rate limiting
+takes effect.
+
+#### `endpointOptions.immediateCloseRate`
+
+* Type: {number}
+* **Default:** `100`
+
+The maximum number of immediate connection close packets the endpoint will
+send per second.
 
-Specifies the maximum number of stateless resets that are allowed per remote peer address.
+#### `endpointOptions.immediateCloseBurst`
+
+* Type: {number}
+* **Default:** `200`
+
+The maximum burst of immediate connection close packets allowed before rate
+limiting takes effect.
+
+#### `endpointOptions.sessionCreationRate`
+
+* Type: {number}
+* **Default:** `50`
+
+The maximum number of new sessions that a single remote address can create per
+second. This is a per-host rate limit tracked in the address validation LRU
+cache. It prevents a validated remote address from churning through sessions
+(rapidly opening and abandoning connections) faster than the server can handle.
+For benchmarking where traffic comes from a single source, set this to a high
+value.
+
+#### `endpointOptions.sessionCreationBurst`
+
+* Type: {number}
+* **Default:** `100`
+
+The maximum burst of new session creations allowed from a single remote address
+before rate limiting takes effect.
 
 #### `endpointOptions.retryTokenExpiration`
 
@@ -2746,9 +3007,15 @@ added: v23.8.0
 -->
 
 * Type: {string} One of `'use'`, `'ignore'`, or `'default'`.
+* **Default:** `'ignore'`
 
 When the remote peer advertises a preferred address, this option specifies whether
-to use it or ignore it.
+to use it or ignore it. The default is `'ignore'` because honoring a server's
+preferred address causes the client to migrate its connection to a different IP
+address, which can be exploited for data exfiltration attacks that are
+indistinguishable from legitimate QUIC connection migration at the network level.
+Set to `'use'` only when connecting to trusted servers that require preferred
+address migration.
 
 #### `sessionOptions.qlog`
 
@@ -2788,6 +3055,23 @@ reported as lost via the `ondatagramstatus` callback.
 
 This option is immutable after session creation.
 
+#### `sessionOptions.streamIdleTimeout`
+
+* Type: {bigint|number}
+* **Default:** `30000` (30 seconds)
+
+The maximum time in milliseconds that a peer-initiated stream can be idle
+(no data received) before it is automatically destroyed. This protects
+against slowloris-style attacks where a remote peer opens streams but never
+sends data, holding server resources indefinitely. Only peer-initiated
+streams are checked — locally-initiated streams are the application's
+responsibility. Set to `0` to disable.
+
+The idle check runs as part of the normal send processing loop, so it adds
+no additional timers or event loop overhead. The
+`session.stats.streamsIdleTimedOut` counter tracks how many streams have been
+destroyed by this mechanism.
+
 #### `sessionOptions.maxDatagramSendAttempts`
 
 * Type: {number}
@@ -2857,6 +3141,32 @@ value, PING frames will be sent automatically to keep the connection alive
 before the idle timeout fires. The value should be less than the effective
 idle timeout (`maxIdleTimeout` transport parameter) to be useful.
 
+#### `sessionOptions.verifyPeer` (client only)
+
+* Type: {string} One of `'strict'`, `'auto'`, or `'manual'`.
+* **Default:** `'auto'`
+
+Controls how the client handles server certificate validation:
+
+* `'strict'` — OpenSSL aborts the TLS handshake immediately if the server's
+  certificate fails validation. The `session.opened` promise rejects with a
+  TLS error. The application cannot inspect the certificate or the error
+  details. This is the most secure mode.
+
+* `'auto'` — The TLS handshake completes regardless of validation result.
+  If validation fails, the `session.opened` promise is rejected with an error
+  containing the validation reason, and the session is destroyed. The
+  `onhandshake` callback (if set) fires before rejection, allowing diagnostic
+  logging. This is the default and matches the behavior of `tls.connect()`
+  with `rejectUnauthorized: true`.
+
+* `'manual'` — The TLS handshake completes regardless of validation result.
+  The `session.opened` promise resolves with the handshake info, which includes
+  `validationErrorReason` and `validationErrorCode` if validation failed. The
+  application is responsible for checking these values and deciding whether to
+  continue. Use this mode for custom validation logic, certificate pinning, or
+  intentionally accepting self-signed certificates.
+
 #### `sessionOptions.servername` (client only)
 
 <!-- YAML
@@ -4063,8 +4373,10 @@ throughput issues caused by flow control.
 [JSON-SEQ]: https://www.rfc-editor.org/rfc/rfc7464
 [NSS Key Log Format]: https://udn.realityripple.com/docs/Mozilla/Projects/NSS/Key_Log_Format
 [Permission Model]: permissions.md#permission-model
+[RFC 8879]: https://www.rfc-editor.org/rfc/rfc8879
 [RFC 8999]: https://www.rfc-editor.org/rfc/rfc8999
 [RFC 9000]: https://www.rfc-editor.org/rfc/rfc9000
+[RFC 9000 Section 8.1]: https://www.rfc-editor.org/rfc/rfc9000#section-8.1
 [RFC 9001]: https://www.rfc-editor.org/rfc/rfc9001
 [RFC 9002]: https://www.rfc-editor.org/rfc/rfc9002
 [RFC 9114]: https://www.rfc-editor.org/rfc/rfc9114
@@ -4087,11 +4399,25 @@ throughput issues caused by flow control.
 [`application.enableConnectProtocol`]: #sessionoptionsapplication
 [`application.enableDatagrams`]: #sessionoptionsapplication
 [`application.qpackMaxDTableCapacity`]: #sessionoptionsapplication
+[`endpoint.busy`]: #endpointbusy
 [`endpoint.maxConnectionsPerHost`]: #endpointmaxconnectionsperhost
 [`endpoint.maxConnectionsTotal`]: #endpointmaxconnectionstotal
+[`endpointOptions.blockListPolicy`]: #endpointoptionsblocklistpolicy
+[`endpointOptions.blockList`]: #endpointoptionsblocklist
+[`endpointOptions.immediateCloseBurst`]: #endpointoptionsimmediatecloseburst
+[`endpointOptions.immediateCloseRate`]: #endpointoptionsimmediatecloserate
+[`endpointOptions.retryBurst`]: #endpointoptionsretryburst
+[`endpointOptions.retryRate`]: #endpointoptionsretryrate
+[`endpointOptions.sessionCreationBurst`]: #endpointoptionssessioncreationburst
+[`endpointOptions.sessionCreationRate`]: #endpointoptionssessioncreationrate
+[`endpointOptions.statelessResetBurst`]: #endpointoptionsstatelessresetburst
+[`endpointOptions.statelessResetRate`]: #endpointoptionsstatelessresetrate
+[`endpointOptions.versionNegotiationBurst`]: #endpointoptionsversionnegotiationburst
+[`endpointOptions.versionNegotiationRate`]: #endpointoptionsversionnegotiationrate
 [`error.errorCode`]: #errorerrorcode
 [`fs.promises.open(path, 'r')`]: fs.md#fspromisesopenpath-flags-mode
 [`maxDatagramFrameSize`]: #transportparamsmaxdatagramframesize
+[`net.BlockList`]: net.md#class-netblocklist
 [`quic.connect()`]: #quicconnectaddress-options
 [`quic.listen()`]: #quiclistenonsession-options
 [`session.close()`]: #sessioncloseoptions
diff --git a/lib/internal/blocklist.js b/lib/internal/blocklist.js
index 552819405a1a60..776b510dfd3bc6 100644
--- a/lib/internal/blocklist.js
+++ b/lib/internal/blocklist.js
@@ -296,4 +296,5 @@ ObjectSetPrototypeOf(InternalBlockList.prototype, BlockList.prototype);
 module.exports = {
   BlockList,
   InternalBlockList,
+  kHandle,
 };
diff --git a/lib/internal/quic/quic.js b/lib/internal/quic/quic.js
index a137f04a417a73..fe9e223bdce4d5 100644
--- a/lib/internal/quic/quic.js
+++ b/lib/internal/quic/quic.js
@@ -36,6 +36,10 @@ if (!process.features.quic || !getOptionValue('--experimental-quic')) {
 }
 
 const { inspect } = require('internal/util/inspect');
+const {
+  BlockList,
+  kHandle: kBlockListHandle,
+} = require('internal/blocklist');
 
 let debug = require('internal/util/debuglog').debuglog('quic', (fn) => {
   debug = fn;
@@ -183,6 +187,7 @@ const {
   kGoaway,
   kHandshake,
   kHandshakeCompleted,
+  kVerifyPeer,
   kHeaders,
   kOwner,
   kRemoveSession,
@@ -307,8 +312,18 @@ const endpointRegistry = new SafeSet();
  * @property {boolean} [reusePort] Enable SO_REUSEPORT for multi-process load balancing
  * @property {bigint|number} [maxConnectionsPerHost] The maximum number of connections per host
  * @property {bigint|number} [maxConnectionsTotal] The maximum number of total connections
- * @property {bigint|number} [maxRetries] The maximum number of retries
- * @property {bigint|number} [maxStatelessResetsPerHost] The maximum number of stateless resets per host
+ * @property {number} [retryRate] Global rate limit for retry packets (per second)
+ * @property {number} [retryBurst] Burst capacity for retry rate limiter
+ * @property {number} [statelessResetRate] Global rate limit for stateless reset packets (per second)
+ * @property {number} [statelessResetBurst] Burst capacity for stateless reset rate limiter
+ * @property {number} [versionNegotiationRate] Global rate limit for version negotiation packets (per second)
+ * @property {number} [versionNegotiationBurst] Burst capacity for version negotiation rate limiter
+ * @property {number} [immediateCloseRate] Global rate limit for immediate close packets (per second)
+ * @property {number} [immediateCloseBurst] Burst capacity for immediate close rate limiter
+ * @property {number} [sessionCreationRate] Per-host rate limit for session creation (per second)
+ * @property {number} [sessionCreationBurst] Per-host burst capacity for session creation rate limiter
+ * @property {net.BlockList} [blockList] Block list for filtering incoming packets by source address
+ * @property {'deny'|'allow'} [blockListPolicy='deny'] How to interpret the block list
  * @property {ArrayBufferView} [resetTokenSecret] The reset token secret
  * @property {bigint|number} [retryTokenExpiration] The retry token expiration
  * @property {number} [rxDiagnosticLoss] The receive diagnostic loss probability (range 0.0-1.0)
@@ -374,6 +389,7 @@ const endpointRegistry = new SafeSet();
  * @property {number} [version] The QUIC version
  * @property {number} [minVersion] The minimum acceptable QUIC version
  * @property {'use'|'ignore'|'default'} [preferredAddressPolicy] The preferred address policy
+ * @property {'strict'|'auto'|'manual'} [verifyPeer='auto'] Peer certificate verification policy (client only)
  * @property {ApplicationOptions} [application] The application options
  * @property {TransportParams} [transportParams] The transport parameters
  * @property {string} [servername] The server name identifier (client only)
@@ -420,6 +436,7 @@ const endpointRegistry = new SafeSet();
  * @property {number} [drainingPeriodMultiplier] Multiplier applied to the
  *   draining period (3 * PTO) used by ngtcp2. Range `3..255`.
  *   **Default:** `3`.
+ * @property {bigint|number} [streamIdleTimeout] Time in ms before idle peer-initiated streams are destroyed
  * @property {number} [maxDatagramSendAttempts] Maximum number of times a
  *   datagram is retried before being abandoned. Range `1..255`.
  *   **Default:** `5`.
@@ -906,6 +923,17 @@ setCallbacks({
     // from QuicError::ToV8Value. Convert to a proper Node.js Error.
     if (error !== undefined) {
       error = convertQuicError(error);
+    } else if (this[kOwner] && !this[kOwner].destroyed) {
+      // The stream is closing cleanly, but it may have been reset by the
+      // peer (ReceiveStreamReset) or locally (resetStream). The C++ side
+      // records the reset code in state.resetCode. If set, surface the
+      // reset as the close error so stream.closed rejects -- the reset
+      // was an abnormal termination even if the session closed cleanly.
+      const resetCode = getQuicStreamState(this[kOwner]).resetCode;
+      if (resetCode !== undefined && resetCode > 0n) {
+        error = new ERR_QUIC_APPLICATION_ERROR(
+          resetCode, `stream reset with code ${resetCode}`);
+      }
     }
     debug(`stream ${this[kOwner].id} closed callback with error: ${error}`);
     this[kOwner][kFinishClose](error);
@@ -2620,6 +2648,11 @@ class QuicSession {
     onkeylog: undefined,
     onqlog: undefined,
     pendingQlog: undefined,
+    // Default to 'manual' (no auto-rejection). Client sessions override
+    // this via kVerifyPeer in kConnect. Server sessions keep 'manual'
+    // because server-side cert validation is handled by rejectUnauthorized
+    // at the C++ level.
+    verifyPeer: 'manual',
     handshakeInfo: undefined,
     /** @type {QuicSessionPath|undefined} */
     path: undefined,
@@ -3836,6 +3869,22 @@ class QuicSession {
       safeCallbackInvoke(inner.onhandshake, this, info);
     }
 
+    // In 'auto' mode, reject the connection if peer certificate validation
+    // failed. In 'manual' mode, resolve regardless and let the application
+    // decide. In 'strict' mode, the handshake already failed at the C++
+    // level (SSL_VERIFY_PEER) so we won't reach here.
+    if (inner.verifyPeer === 'auto' && validationErrorReason !== undefined) {
+      const err = new ERR_QUIC_TRANSPORT_ERROR(
+        0, `Peer certificate validation failed: ${validationErrorReason}` +
+           ` [${validationErrorCode}]`);
+      inner.pendingOpen.reject?.(err);
+      inner.pendingOpen.resolve = undefined;
+      inner.pendingOpen.reject = undefined;
+      inner.handshakeCompleted = true;
+      this.destroy();
+      return;
+    }
+
     inner.pendingOpen.resolve?.(info);
     inner.pendingOpen.resolve = undefined;
     inner.pendingOpen.reject = undefined;
@@ -3847,6 +3896,14 @@ class QuicSession {
     return this.#inner.handshakeCompleted;
   }
 
+  get [kVerifyPeer]() {
+    return this.#inner.verifyPeer;
+  }
+
+  set [kVerifyPeer](value) {
+    this.#inner.verifyPeer = value;
+  }
+
   /**
    * @param {object} handle
    * @param {number} direction
@@ -3997,10 +4054,20 @@ class QuicEndpoint {
       tokenExpiration,
       maxConnectionsPerHost = 100,
       maxConnectionsTotal = 10_000,
-      maxStatelessResetsPerHost,
       disableStatelessReset,
       addressLRUSize,
-      maxRetries,
+      retryRate,
+      retryBurst,
+      statelessResetRate,
+      statelessResetBurst,
+      versionNegotiationRate,
+      versionNegotiationBurst,
+      immediateCloseRate,
+      immediateCloseBurst,
+      sessionCreationRate,
+      sessionCreationBurst,
+      blockList,
+      blockListPolicy = 'deny',
       rxDiagnosticLoss,
       txDiagnosticLoss,
       udpReceiveBufferSize,
@@ -4015,6 +4082,16 @@ class QuicEndpoint {
       tokenSecret,
     } = options;
 
+    if (blockList !== undefined) {
+      if (!BlockList.isBlockList(blockList)) {
+        throw new ERR_INVALID_ARG_TYPE('options.blockList',
+                                       'net.BlockList', blockList);
+      }
+    }
+
+    validateOneOf(blockListPolicy, 'options.blockListPolicy',
+                  ['deny', 'allow']);
+
     // All of the other options will be validated internally by the C++ code
     if (address !== undefined && !SocketAddress.isSocketAddress(address)) {
       if (typeof address === 'string') {
@@ -4034,10 +4111,21 @@ class QuicEndpoint {
       // Connection limits are set on the state buffer, not passed to C++.
       maxConnectionsPerHost,
       maxConnectionsTotal,
-      maxStatelessResetsPerHost,
       disableStatelessReset,
       addressLRUSize,
-      maxRetries,
+      retryRate,
+      retryBurst,
+      statelessResetRate,
+      statelessResetBurst,
+      versionNegotiationRate,
+      versionNegotiationBurst,
+      immediateCloseRate,
+      immediateCloseBurst,
+      sessionCreationRate,
+      sessionCreationBurst,
+      // Pass the C++ handle, not the JS BlockList wrapper.
+      blockList: blockList?.[kBlockListHandle],
+      blockListPolicy,
       rxDiagnosticLoss,
       txDiagnosticLoss,
       udpReceiveBufferSize,
@@ -4282,6 +4370,10 @@ class QuicEndpoint {
     // Set callbacks before any async work to avoid missing events
     // that fire during or immediately after the handshake.
     applyCallbacks(session, options);
+    // Store the verifyPeer policy for use in the handshake handler.
+    if (options.verifyPeer !== undefined) {
+      session[kVerifyPeer] = options.verifyPeer;
+    }
     return session;
   }
 
@@ -4919,7 +5011,7 @@ function processSessionOptions(options, config = kEmptyObject) {
     reuseEndpoint = true,
     version,
     minVersion,
-    preferredAddressPolicy = 'default',
+    preferredAddressPolicy = 'ignore',
     transportParams = kEmptyObject,
     qlog = false,
     sessionTicket,
@@ -4935,6 +5027,8 @@ function processSessionOptions(options, config = kEmptyObject) {
     datagramDropPolicy = 'drop-oldest',
     drainingPeriodMultiplier = 3,
     maxDatagramSendAttempts = 5,
+    streamIdleTimeout,
+    verifyPeer = 'auto',
     // HTTP/3 application-specific options. Nested under `application`
     // to separate protocol-specific settings from transport-level ones.
     application = kEmptyObject,
@@ -4981,6 +5075,9 @@ function processSessionOptions(options, config = kEmptyObject) {
   validateOneOf(datagramDropPolicy, 'options.datagramDropPolicy',
                 ['drop-oldest', 'drop-newest']);
 
+  validateOneOf(verifyPeer, 'options.verifyPeer',
+                ['strict', 'auto', 'manual']);
+
   validateInteger(drainingPeriodMultiplier, 'options.drainingPeriodMultiplier',
                   3, 255);
 
@@ -5030,7 +5127,19 @@ function processSessionOptions(options, config = kEmptyObject) {
       preferredAddressIpv4: preferredAddressIpv4?.[kSocketAddressHandle],
       preferredAddressIpv6: preferredAddressIpv6?.[kSocketAddressHandle],
     },
-    tls: processTlsOptions(options, forServer),
+    tls: {
+      ...processTlsOptions(options, forServer),
+      // Forward strict mode to C++ so SSL_VERIFY_PEER is set on the
+      // client SSL_CTX. For 'auto' and 'manual' modes, the handshake
+      // completes regardless and the result is handled in JS.
+      verifyPeerStrict: verifyPeer === 'strict',
+      // Enable hostname verification for 'strict' and 'auto' modes.
+      // SSL_set1_host tells OpenSSL to verify the server certificate's
+      // SAN/CN matches the servername. Without this, a valid cert for
+      // any domain would be accepted.
+      verifyHostname: verifyPeer !== 'manual',
+    },
+    verifyPeer,
     qlog,
     maxPayloadSize,
     unacknowledgedPacketThreshold,
@@ -5045,6 +5154,7 @@ function processSessionOptions(options, config = kEmptyObject) {
     datagramDropPolicy,
     drainingPeriodMultiplier,
     maxDatagramSendAttempts,
+    streamIdleTimeout,
     application,
     onerror,
     onstream,
diff --git a/lib/internal/quic/stats.js b/lib/internal/quic/stats.js
index b6500e6700713e..cd986827c12c47 100644
--- a/lib/internal/quic/stats.js
+++ b/lib/internal/quic/stats.js
@@ -60,9 +60,15 @@ const {
   IDX_STATS_ENDPOINT_CLIENT_SESSIONS,
   IDX_STATS_ENDPOINT_SERVER_BUSY_COUNT,
   IDX_STATS_ENDPOINT_RETRY_COUNT,
+  IDX_STATS_ENDPOINT_RETRY_RATE_LIMITED,
   IDX_STATS_ENDPOINT_VERSION_NEGOTIATION_COUNT,
+  IDX_STATS_ENDPOINT_VERSION_NEGOTIATION_RATE_LIMITED,
   IDX_STATS_ENDPOINT_STATELESS_RESET_COUNT,
+  IDX_STATS_ENDPOINT_STATELESS_RESET_RATE_LIMITED,
   IDX_STATS_ENDPOINT_IMMEDIATE_CLOSE_COUNT,
+  IDX_STATS_ENDPOINT_IMMEDIATE_CLOSE_RATE_LIMITED,
+  IDX_STATS_ENDPOINT_SESSION_CREATION_RATE_LIMITED,
+  IDX_STATS_ENDPOINT_PACKETS_BLOCKED,
 
   IDX_STATS_SESSION_CREATED_AT,
   IDX_STATS_SESSION_DESTROYED_AT,
@@ -95,6 +101,7 @@ const {
   IDX_STATS_SESSION_DATAGRAMS_SENT,
   IDX_STATS_SESSION_DATAGRAMS_ACKNOWLEDGED,
   IDX_STATS_SESSION_DATAGRAMS_LOST,
+  IDX_STATS_SESSION_STREAMS_IDLE_TIMED_OUT,
   IDX_STATS_SESSION_COUNT,
 
   IDX_STATS_STREAM_CREATED_AT,
@@ -123,9 +130,15 @@ assert(IDX_STATS_ENDPOINT_SERVER_SESSIONS !== undefined);
 assert(IDX_STATS_ENDPOINT_CLIENT_SESSIONS !== undefined);
 assert(IDX_STATS_ENDPOINT_SERVER_BUSY_COUNT !== undefined);
 assert(IDX_STATS_ENDPOINT_RETRY_COUNT !== undefined);
+assert(IDX_STATS_ENDPOINT_RETRY_RATE_LIMITED !== undefined);
 assert(IDX_STATS_ENDPOINT_VERSION_NEGOTIATION_COUNT !== undefined);
+assert(IDX_STATS_ENDPOINT_VERSION_NEGOTIATION_RATE_LIMITED !== undefined);
 assert(IDX_STATS_ENDPOINT_STATELESS_RESET_COUNT !== undefined);
+assert(IDX_STATS_ENDPOINT_STATELESS_RESET_RATE_LIMITED !== undefined);
 assert(IDX_STATS_ENDPOINT_IMMEDIATE_CLOSE_COUNT !== undefined);
+assert(IDX_STATS_ENDPOINT_IMMEDIATE_CLOSE_RATE_LIMITED !== undefined);
+assert(IDX_STATS_ENDPOINT_SESSION_CREATION_RATE_LIMITED !== undefined);
+assert(IDX_STATS_ENDPOINT_PACKETS_BLOCKED !== undefined);
 assert(IDX_STATS_SESSION_CREATED_AT !== undefined);
 assert(IDX_STATS_SESSION_DESTROYED_AT !== undefined);
 assert(IDX_STATS_SESSION_CLOSING_AT !== undefined);
@@ -157,6 +170,7 @@ assert(IDX_STATS_SESSION_DATAGRAMS_RECEIVED !== undefined);
 assert(IDX_STATS_SESSION_DATAGRAMS_SENT !== undefined);
 assert(IDX_STATS_SESSION_DATAGRAMS_ACKNOWLEDGED !== undefined);
 assert(IDX_STATS_SESSION_DATAGRAMS_LOST !== undefined);
+assert(IDX_STATS_SESSION_STREAMS_IDLE_TIMED_OUT !== undefined);
 assert(IDX_STATS_STREAM_CREATED_AT !== undefined);
 assert(IDX_STATS_STREAM_OPENED_AT !== undefined);
 assert(IDX_STATS_STREAM_RECEIVED_AT !== undefined);
@@ -280,24 +294,60 @@ class QuicEndpointStats {
     return this.#handle[IDX_STATS_ENDPOINT_RETRY_COUNT];
   }
 
+  /** @type {bigint} */
+  get retryRateLimited() {
+    assertIsQuicEndpointStats(this);
+    return this.#handle[IDX_STATS_ENDPOINT_RETRY_RATE_LIMITED];
+  }
+
   /** @type {bigint} */
   get versionNegotiationCount() {
     assertIsQuicEndpointStats(this);
     return this.#handle[IDX_STATS_ENDPOINT_VERSION_NEGOTIATION_COUNT];
   }
 
+  /** @type {bigint} */
+  get versionNegotiationRateLimited() {
+    assertIsQuicEndpointStats(this);
+    return this.#handle[IDX_STATS_ENDPOINT_VERSION_NEGOTIATION_RATE_LIMITED];
+  }
+
   /** @type {bigint} */
   get statelessResetCount() {
     assertIsQuicEndpointStats(this);
     return this.#handle[IDX_STATS_ENDPOINT_STATELESS_RESET_COUNT];
   }
 
+  /** @type {bigint} */
+  get statelessResetRateLimited() {
+    assertIsQuicEndpointStats(this);
+    return this.#handle[IDX_STATS_ENDPOINT_STATELESS_RESET_RATE_LIMITED];
+  }
+
   /** @type {bigint} */
   get immediateCloseCount() {
     assertIsQuicEndpointStats(this);
     return this.#handle[IDX_STATS_ENDPOINT_IMMEDIATE_CLOSE_COUNT];
   }
 
+  /** @type {bigint} */
+  get immediateCloseRateLimited() {
+    assertIsQuicEndpointStats(this);
+    return this.#handle[IDX_STATS_ENDPOINT_IMMEDIATE_CLOSE_RATE_LIMITED];
+  }
+
+  /** @type {bigint} */
+  get sessionCreationRateLimited() {
+    assertIsQuicEndpointStats(this);
+    return this.#handle[IDX_STATS_ENDPOINT_SESSION_CREATION_RATE_LIMITED];
+  }
+
+  /** @type {bigint} */
+  get packetsBlocked() {
+    assertIsQuicEndpointStats(this);
+    return this.#handle[IDX_STATS_ENDPOINT_PACKETS_BLOCKED];
+  }
+
   toString() {
     return JSONStringify(this.toJSON());
   }
@@ -315,9 +365,15 @@ class QuicEndpointStats {
       clientSessions,
       serverBusyCount,
       retryCount,
+      retryRateLimited,
       versionNegotiationCount,
+      versionNegotiationRateLimited,
       statelessResetCount,
+      statelessResetRateLimited,
       immediateCloseCount,
+      immediateCloseRateLimited,
+      sessionCreationRateLimited,
+      packetsBlocked,
     } = this;
     return {
       __proto__: null,
@@ -334,9 +390,15 @@ class QuicEndpointStats {
       clientSessions: `${clientSessions}`,
       serverBusyCount: `${serverBusyCount}`,
       retryCount: `${retryCount}`,
+      retryRateLimited: `${retryRateLimited}`,
       versionNegotiationCount: `${versionNegotiationCount}`,
+      versionNegotiationRateLimited: `${versionNegotiationRateLimited}`,
       statelessResetCount: `${statelessResetCount}`,
+      statelessResetRateLimited: `${statelessResetRateLimited}`,
       immediateCloseCount: `${immediateCloseCount}`,
+      immediateCloseRateLimited: `${immediateCloseRateLimited}`,
+      sessionCreationRateLimited: `${sessionCreationRateLimited}`,
+      packetsBlocked: `${packetsBlocked}`,
     };
   }
 
@@ -363,9 +425,15 @@ class QuicEndpointStats {
       clientSessions,
       serverBusyCount,
       retryCount,
+      retryRateLimited,
       versionNegotiationCount,
+      versionNegotiationRateLimited,
       statelessResetCount,
+      statelessResetRateLimited,
       immediateCloseCount,
+      immediateCloseRateLimited,
+      sessionCreationRateLimited,
+      packetsBlocked,
     } = this;
 
     return `QuicEndpointStats ${inspect({
@@ -380,9 +448,15 @@ class QuicEndpointStats {
       clientSessions,
       serverBusyCount,
       retryCount,
+      retryRateLimited,
       versionNegotiationCount,
+      versionNegotiationRateLimited,
       statelessResetCount,
+      statelessResetRateLimited,
       immediateCloseCount,
+      immediateCloseRateLimited,
+      sessionCreationRateLimited,
+      packetsBlocked,
     }, opts)}`;
   }
 
@@ -617,6 +691,13 @@ class QuicSessionStats {
     return this.#handle[this.#offset + IDX_STATS_SESSION_DATAGRAMS_LOST];
   }
 
+  /** @type {bigint} */
+  get streamsIdleTimedOut() {
+    assertIsQuicSessionStats(this);
+    return this.#handle[this.#offset +
+                         IDX_STATS_SESSION_STREAMS_IDLE_TIMED_OUT];
+  }
+
   toString() {
     return JSONStringify(this.toJSON());
   }
@@ -654,6 +735,7 @@ class QuicSessionStats {
       datagramsSent,
       datagramsAcknowledged,
       datagramsLost,
+      streamsIdleTimedOut,
     } = this;
     return {
       __proto__: null,
@@ -690,6 +772,7 @@ class QuicSessionStats {
       datagramsSent: `${datagramsSent}`,
       datagramsAcknowledged: `${datagramsAcknowledged}`,
       datagramsLost: `${datagramsLost}`,
+      streamsIdleTimedOut: `${streamsIdleTimedOut}`,
     };
   }
 
@@ -735,6 +818,7 @@ class QuicSessionStats {
       datagramsSent,
       datagramsAcknowledged,
       datagramsLost,
+      streamsIdleTimedOut,
     } = this;
 
     return `QuicSessionStats ${inspect({
@@ -769,6 +853,7 @@ class QuicSessionStats {
       datagramsSent,
       datagramsAcknowledged,
       datagramsLost,
+      streamsIdleTimedOut,
     }, opts)}`;
   }
 
diff --git a/lib/internal/quic/symbols.js b/lib/internal/quic/symbols.js
index 75f5b72ae22669..288d3ebae2a8e8 100644
--- a/lib/internal/quic/symbols.js
+++ b/lib/internal/quic/symbols.js
@@ -38,6 +38,7 @@ const kFinishClose = Symbol('kFinishClose');
 const kGoaway = Symbol('kGoaway');
 const kHandshake = Symbol('kHandshake');
 const kHandshakeCompleted = Symbol('kHandshakeCompleted');
+const kVerifyPeer = Symbol('kVerifyPeer');
 const kHeaders = Symbol('kHeaders');
 const kKeylog = Symbol('kKeylog');
 const kListen = Symbol('kListen');
@@ -70,6 +71,7 @@ module.exports = {
   kGoaway,
   kHandshake,
   kHandshakeCompleted,
+  kVerifyPeer,
   kHeaders,
   kInspect,
   kKeylog,
diff --git a/node.gyp b/node.gyp
index 1a724ccb771342..9c6d44d90bbba1 100644
--- a/node.gyp
+++ b/node.gyp
@@ -463,6 +463,7 @@
       'test/cctest/test_quic_cid.cc',
       'test/cctest/test_quic_error.cc',
       'test/cctest/test_quic_preferredaddress.cc',
+      'test/cctest/test_quic_tokenbucket.cc',
       'test/cctest/test_quic_tokens.cc',
     ],
     'node_cctest_inspector_sources': [
diff --git a/src/node_sockaddr-inl.h b/src/node_sockaddr-inl.h
index bc055da535c2d4..b02999d047800f 100644
--- a/src/node_sockaddr-inl.h
+++ b/src/node_sockaddr-inl.h
@@ -186,10 +186,10 @@ typename T::Type* SocketAddressLRU<T>::Peek(
 }
 
 template <typename T>
-void SocketAddressLRU<T>::CheckExpired() {
+void SocketAddressLRU<T>::CheckExpired(uint64_t now) {
   auto it = list_.rbegin();
   while (it != list_.rend()) {
-    if (T::CheckExpired(it->first, it->second)) {
+    if (T::CheckExpired(it->first, it->second, now)) {
       map_.erase(it->first);
       list_.pop_back();
       it = list_.rbegin();
@@ -211,21 +211,20 @@ void SocketAddressLRU<T>::MemoryInfo(MemoryTracker* tracker) const {
 // cache and adjust if necessary. Whether the item exists or not,
 // purge expired items.
 template <typename T>
-typename T::Type* SocketAddressLRU<T>::Upsert(
-    const SocketAddress& address) {
-
-  auto on_exit = OnScopeLeave([&]() { CheckExpired(); });
+typename T::Type* SocketAddressLRU<T>::Upsert(const SocketAddress& address,
+                                              uint64_t now) {
+  auto on_exit = OnScopeLeave([&]() { CheckExpired(now); });
 
   auto it = map_.find(address);
   if (it != std::end(map_)) {
     list_.splice(list_.begin(), list_, it->second);
-    T::Touch(it->first, &it->second->second);
+    T::Touch(it->first, &it->second->second, now);
     return &it->second->second;
   }
 
   list_.push_front(Pair(address, { }));
   map_[address] = list_.begin();
-  T::Touch(list_.begin()->first, &list_.begin()->second);
+  T::Touch(list_.begin()->first, &list_.begin()->second, now);
 
   // Drop the last item in the list if we are
   // over the size limit...
diff --git a/src/node_sockaddr.cc b/src/node_sockaddr.cc
index a9f1a7376bc1fa..9348f0ac8e4dfc 100644
--- a/src/node_sockaddr.cc
+++ b/src/node_sockaddr.cc
@@ -434,8 +434,7 @@ void SocketAddressBlockList::AddSocketAddressMask(
   rules_.emplace_front(std::move(rule));
 }
 
-bool SocketAddressBlockList::Apply(
-    const std::shared_ptr<SocketAddress>& address) {
+bool SocketAddressBlockList::Apply(const SocketAddress& address) {
   Mutex::ScopedLock lock(mutex_);
   for (const auto& rule : rules_) {
     if (rule->Apply(address)) return true;
@@ -457,8 +456,8 @@ SocketAddressBlockList::SocketAddressMaskRule::SocketAddressMaskRule(
     : network(network_), prefix(prefix_) {}
 
 bool SocketAddressBlockList::SocketAddressRule::Apply(
-    const std::shared_ptr<SocketAddress>& address) {
-  return this->address->is_match(*address.get());
+    const SocketAddress& address) {
+  return this->address->is_match(address);
 }
 
 std::string SocketAddressBlockList::SocketAddressRule::ToString() {
@@ -470,8 +469,8 @@ std::string SocketAddressBlockList::SocketAddressRule::ToString() {
 }
 
 bool SocketAddressBlockList::SocketAddressRangeRule::Apply(
-    const std::shared_ptr<SocketAddress>& address) {
-  return *address.get() >= *start.get() && *address.get() <= *end.get();
+    const SocketAddress& address) {
+  return address >= *start.get() && address <= *end.get();
 }
 
 std::string SocketAddressBlockList::SocketAddressRangeRule::ToString() {
@@ -485,8 +484,8 @@ std::string SocketAddressBlockList::SocketAddressRangeRule::ToString() {
 }
 
 bool SocketAddressBlockList::SocketAddressMaskRule::Apply(
-    const std::shared_ptr<SocketAddress>& address) {
-  return address->is_in_network(*network.get(), prefix);
+    const SocketAddress& address) {
+  return address.is_in_network(*network.get(), prefix);
 }
 
 std::string SocketAddressBlockList::SocketAddressMaskRule::ToString() {
@@ -656,7 +655,7 @@ void SocketAddressBlockListWrap::Check(
   SocketAddressBase* addr;
   ASSIGN_OR_RETURN_UNWRAP(&addr, args[0]);
 
-  args.GetReturnValue().Set(wrap->blocklist_->Apply(addr->address()));
+  args.GetReturnValue().Set(wrap->blocklist_->Apply(*addr->address()));
 }
 
 void SocketAddressBlockListWrap::GetRules(
diff --git a/src/node_sockaddr.h b/src/node_sockaddr.h
index d67a26e8615cdc..05bb127b012f83 100644
--- a/src/node_sockaddr.h
+++ b/src/node_sockaddr.h
@@ -213,8 +213,9 @@ class SocketAddressLRU : public MemoryRetainer {
   // If the item already exists, returns a reference to
   // the existing item, adjusting items position in the
   // LRU. If the item does not exist, emplaces the item
-  // and returns the new item.
-  Type* Upsert(const SocketAddress& address);
+  // and returns the new item. The caller provides a
+  // timestamp to avoid redundant uv_hrtime() calls.
+  Type* Upsert(const SocketAddress& address, uint64_t now);
 
   // Returns a reference to the item if it exists, or
   // nullptr. The position in the LRU is not modified.
@@ -231,7 +232,7 @@ class SocketAddressLRU : public MemoryRetainer {
   using Pair = std::pair<SocketAddress, Type>;
   using Iterator = typename std::list<Pair>::iterator;
 
-  void CheckExpired();
+  void CheckExpired(uint64_t now);
 
   std::list<Pair> list_;
   SocketAddress::Map<Iterator> map_;
@@ -257,14 +258,14 @@ class SocketAddressBlockList : public MemoryRetainer {
   void AddSocketAddressMask(const std::shared_ptr<SocketAddress>& address,
                             int prefix);
 
-  bool Apply(const std::shared_ptr<SocketAddress>& address);
+  bool Apply(const SocketAddress& address);
 
   size_t size() const { return rules_.size(); }
 
   v8::MaybeLocal<v8::Array> ListRules(Environment* env);
 
   struct Rule : public MemoryRetainer {
-    virtual bool Apply(const std::shared_ptr<SocketAddress>& address) = 0;
+    virtual bool Apply(const SocketAddress& address) = 0;
     inline v8::MaybeLocal<v8::Value> ToV8String(Environment* env);
     virtual std::string ToString() = 0;
   };
@@ -274,7 +275,7 @@ class SocketAddressBlockList : public MemoryRetainer {
 
     explicit SocketAddressRule(const std::shared_ptr<SocketAddress>& address);
 
-    bool Apply(const std::shared_ptr<SocketAddress>& address) override;
+    bool Apply(const SocketAddress& address) override;
     std::string ToString() override;
 
     void MemoryInfo(node::MemoryTracker* tracker) const override;
@@ -289,7 +290,7 @@ class SocketAddressBlockList : public MemoryRetainer {
     SocketAddressRangeRule(const std::shared_ptr<SocketAddress>& start,
                            const std::shared_ptr<SocketAddress>& end);
 
-    bool Apply(const std::shared_ptr<SocketAddress>& address) override;
+    bool Apply(const SocketAddress& address) override;
     std::string ToString() override;
 
     void MemoryInfo(node::MemoryTracker* tracker) const override;
@@ -304,7 +305,7 @@ class SocketAddressBlockList : public MemoryRetainer {
     SocketAddressMaskRule(const std::shared_ptr<SocketAddress>& address,
                           int prefix);
 
-    bool Apply(const std::shared_ptr<SocketAddress>& address) override;
+    bool Apply(const SocketAddress& address) override;
     std::string ToString() override;
 
     void MemoryInfo(node::MemoryTracker* tracker) const override;
@@ -352,6 +353,10 @@ class SocketAddressBlockListWrap : public BaseObject {
                              std::shared_ptr<SocketAddressBlockList> blocklist =
                                  std::make_shared<SocketAddressBlockList>());
 
+  inline const std::shared_ptr<SocketAddressBlockList>& blocklist() const {
+    return blocklist_;
+  }
+
   void MemoryInfo(node::MemoryTracker* tracker) const override;
   SET_MEMORY_INFO_NAME(SocketAddressBlockListWrap)
   SET_SELF_SIZE(SocketAddressBlockListWrap)
diff --git a/src/quic/application.cc b/src/quic/application.cc
index c37b22c2bd3209..ce5d5e12154d8a 100644
--- a/src/quic/application.cc
+++ b/src/quic/application.cc
@@ -115,6 +115,13 @@ Maybe<Session::Application_Options> Session::Application_Options::From(
 
 #undef SET
 
+  // Ensure the advertised max_field_section_size in SETTINGS is at least
+  // as large as max_header_length. Otherwise the peer would be told to
+  // restrict headers to a smaller size than what CanAddHeader accepts.
+  if (options.max_field_section_size < options.max_header_length) {
+    options.max_field_section_size = options.max_header_length;
+  }
+
   return Just<Application_Options>(options);
 }
 
@@ -717,8 +724,11 @@ class DefaultApplication final : public Session::Application {
 
   void EarlyDataRejected() override {
     // Destroy all open streams — ngtcp2 has already discarded their
-    // internal state when it rejected the early data.
-    session().DestroyAllStreams(QuicError::ForApplication(0));
+    // internal state when it rejected the early data. Use the
+    // application's internal error code since this is an error
+    // condition (code 0 would be treated as a clean close).
+    session().DestroyAllStreams(
+        QuicError::ForApplication(GetInternalErrorCode()));
     if (!session().is_destroyed()) {
       session().EmitEarlyDataRejected();
     }
diff --git a/src/quic/bindingdata.h b/src/quic/bindingdata.h
index c3c5e9fc7834df..978dad44467585 100644
--- a/src/quic/bindingdata.h
+++ b/src/quic/bindingdata.h
@@ -70,6 +70,7 @@ class SessionManager;
   V(ack_delay_exponent, "ackDelayExponent")                                    \
   V(active_connection_id_limit, "activeConnectionIDLimit")                     \
   V(address_lru_size, "addressLRUSize")                                        \
+  V(allow, "allow")                                                            \
   V(application, "application")                                                \
   V(authoritative, "authoritative")                                            \
   V(bbr, "bbr")                                                                \
@@ -81,6 +82,7 @@ class SessionManager;
   V(crl, "crl")                                                                \
   V(cubic, "cubic")                                                            \
   V(datagram_drop_policy, "datagramDropPolicy")                                \
+  V(deny, "deny")                                                              \
   V(disable_stateless_reset, "disableStatelessReset")                          \
   V(draining_period_multiplier, "drainingPeriodMultiplier")                    \
   V(enable_connect_protocol, "enableConnectProtocol")                          \
@@ -111,14 +113,25 @@ class SessionManager;
   V(max_connections_total, "maxConnectionsTotal")                              \
   V(max_datagram_frame_size, "maxDatagramFrameSize")                           \
   V(max_datagram_send_attempts, "maxDatagramSendAttempts")                     \
+  V(stream_idle_timeout, "streamIdleTimeout")                                  \
   V(max_field_section_size, "maxFieldSectionSize")                             \
   V(max_header_length, "maxHeaderLength")                                      \
   V(max_header_pairs, "maxHeaderPairs")                                        \
   V(idle_timeout, "idleTimeout")                                               \
   V(max_idle_timeout, "maxIdleTimeout")                                        \
   V(max_payload_size, "maxPayloadSize")                                        \
-  V(max_retries, "maxRetries")                                                 \
-  V(max_stateless_resets, "maxStatelessResetsPerHost")                         \
+  V(retry_rate, "retryRate")                                                   \
+  V(retry_burst, "retryBurst")                                                 \
+  V(stateless_reset_rate, "statelessResetRate")                                \
+  V(stateless_reset_burst, "statelessResetBurst")                              \
+  V(version_negotiation_rate, "versionNegotiationRate")                        \
+  V(version_negotiation_burst, "versionNegotiationBurst")                      \
+  V(immediate_close_rate, "immediateCloseRate")                                \
+  V(immediate_close_burst, "immediateCloseBurst")                              \
+  V(session_creation_rate, "sessionCreationRate")                              \
+  V(session_creation_burst, "sessionCreationBurst")                            \
+  V(block_list, "blockList")                                                   \
+  V(block_list_policy, "blockListPolicy")                                      \
   V(max_stream_window, "maxStreamWindow")                                      \
   V(max_window, "maxWindow")                                                   \
   V(min_version, "minVersion")                                                 \
@@ -156,6 +169,8 @@ class SessionManager;
   V(unacknowledged_packet_threshold, "unacknowledgedPacketThreshold")          \
   V(validate_address, "validateAddress")                                       \
   V(verify_client, "verifyClient")                                             \
+  V(verify_hostname, "verifyHostname")                                         \
+  V(verify_peer_strict, "verifyPeerStrict")                                    \
   V(verify_private_key, "verifyPrivateKey")                                    \
   V(version, "version")
 
diff --git a/src/quic/data.cc b/src/quic/data.cc
index aebae9099a2b5f..4c515d8931291e 100644
--- a/src/quic/data.cc
+++ b/src/quic/data.cc
@@ -365,12 +365,12 @@ std::optional<int> QuicError::get_crypto_error() const {
 
 MaybeLocal<Value> QuicError::ToV8Value(Environment* env) const {
   if ((type() == Type::TRANSPORT && code() == NGTCP2_NO_ERROR) ||
-      (type() == Type::APPLICATION && code() == NGHTTP3_H3_NO_ERROR) ||
+      (type() == Type::APPLICATION &&
+       (code() == 0 || code() == NGHTTP3_H3_NO_ERROR)) ||
       type() == Type::IDLE_CLOSE) {
-    // Note that we only return undefined for *known* no-error application
-    // codes. It is possible that other application types use other specific
-    // no-error codes, but since we don't know which application is being used,
-    // we'll just return the error code value for those below.
+    // Application code 0 is the default no-error code for raw QUIC
+    // applications (DefaultApplication::GetNoErrorCode() returns 0).
+    // NGHTTP3_H3_NO_ERROR (0x100) is the HTTP/3 no-error code.
     // Idle close is always clean — the session timed out normally.
     return Undefined(env->isolate());
   }
diff --git a/src/quic/defs.h b/src/quic/defs.h
index 6b18c19f4c3c6d..75ae915335be93 100644
--- a/src/quic/defs.h
+++ b/src/quic/defs.h
@@ -360,6 +360,33 @@ constexpr auto kSocketAddressInfoTimeout = 60 * NGTCP2_SECONDS;
 constexpr size_t kMaxVectorCount = 16;
 constexpr stream_id kMaxStreamId = std::numeric_limits<stream_id>::max();
 
+// A token bucket rate limiter using lazy refill. No timer needed — tokens
+// are computed on demand from the elapsed time since the last check.
+// Used to cap the total rate of stateless responses (retry, reset,
+// version negotiation, immediate close) regardless of source address,
+// preventing spoofed-source floods from bypassing per-host limits.
+struct TokenBucket final {
+  double rate;       // tokens per second (refill rate)
+  double burst;      // maximum tokens (bucket capacity)
+  double tokens;     // current token count
+  uint64_t last_ts;  // last refill timestamp (nanoseconds, uv_hrtime)
+
+  TokenBucket() : rate(0), burst(0), tokens(0), last_ts(0) {}
+  TokenBucket(double rate, double burst);
+
+  // Reinitialize the bucket with new rate/burst parameters if it
+  // hasn't been initialized yet (last_ts == 0). Used for per-host
+  // buckets in the address LRU where the rate/burst aren't known
+  // at construction time.
+  void InitOnce(double r, double b, uint64_t now);
+
+  // Try to consume one token. Refills based on elapsed time, then
+  // attempts to consume. Returns true if the request is allowed.
+  // The caller provides the current timestamp to avoid redundant
+  // uv_hrtime() calls in hot paths.
+  bool consume(uint64_t now);
+};
+
 class DebugIndentScope final {
  public:
   inline DebugIndentScope() { ++indent_; }
diff --git a/src/quic/endpoint.cc b/src/quic/endpoint.cc
index 1a72113dc7bea4..5a728a0a2a147e 100644
--- a/src/quic/endpoint.cc
+++ b/src/quic/endpoint.cc
@@ -73,9 +73,15 @@ namespace quic {
   V(CLIENT_SESSIONS, client_sessions)                                          \
   V(SERVER_BUSY_COUNT, server_busy_count)                                      \
   V(RETRY_COUNT, retry_count)                                                  \
+  V(RETRY_RATE_LIMITED, retry_rate_limited)                                    \
   V(VERSION_NEGOTIATION_COUNT, version_negotiation_count)                      \
+  V(VERSION_NEGOTIATION_RATE_LIMITED, version_negotiation_rate_limited)        \
   V(STATELESS_RESET_COUNT, stateless_reset_count)                              \
-  V(IMMEDIATE_CLOSE_COUNT, immediate_close_count)
+  V(STATELESS_RESET_RATE_LIMITED, stateless_reset_rate_limited)                \
+  V(IMMEDIATE_CLOSE_COUNT, immediate_close_count)                              \
+  V(IMMEDIATE_CLOSE_RATE_LIMITED, immediate_close_rate_limited)                \
+  V(SESSION_CREATION_RATE_LIMITED, session_creation_rate_limited)              \
+  V(PACKETS_BLOCKED, packets_blocked)
 
 struct Endpoint::State {
 #define V(_, name, type) type name;
@@ -85,6 +91,31 @@ struct Endpoint::State {
 
 STAT_STRUCT(Endpoint, ENDPOINT)
 
+TokenBucket::TokenBucket(double rate, double burst)
+    : rate(rate), burst(burst), tokens(burst), last_ts(uv_hrtime()) {}
+
+void TokenBucket::InitOnce(double r, double b, uint64_t now) {
+  if (last_ts == 0) {
+    rate = r;
+    burst = b;
+    tokens = b;
+    last_ts = now;
+  }
+}
+
+// Try to consume one token. Refills based on elapsed time, then
+// attempts to consume. Returns true if the request is allowed.
+bool TokenBucket::consume(uint64_t now) {
+  double elapsed = static_cast<double>(now - last_ts) / 1e9;  // seconds
+  last_ts = now;
+  tokens = std::min(burst, tokens + elapsed * rate);
+  if (tokens >= 1.0) {
+    tokens -= 1.0;
+    return true;
+  }
+  return false;
+}
+
 // ============================================================================
 // Endpoint::Options
 namespace {
@@ -97,6 +128,7 @@ bool is_diagnostic_packet_loss(double probability) {
   CHECK(ncrypto::CSPRNG(&c, 1));
   return (static_cast<double>(c) / 255) < probability;
 }
+#endif  // DEBUG
 
 template <typename Opt, double Opt::*member>
 bool SetOption(Environment* env,
@@ -106,18 +138,24 @@ bool SetOption(Environment* env,
   Local<Value> value;
   if (!object->Get(env->context(), name).ToLocal(&value)) return false;
   if (!value->IsUndefined()) {
-    Local<Number> num;
-    if (!value->ToNumber(env->context()).ToLocal(&num)) {
+    if (!value->IsNumber()) {
       Utf8Value nameStr(env->isolate(), name);
       THROW_ERR_INVALID_ARG_VALUE(
           env, "The %s option must be a number", nameStr);
       return false;
     }
-    options->*member = num->Value();
+    Local<Number> num = value.As<Number>();
+    double dbl = num->Value();
+    if (dbl < 0) {
+      Utf8Value nameStr(env->isolate(), name);
+      THROW_ERR_INVALID_ARG_VALUE(
+          env, "The %s option must be a non-negative number", nameStr);
+      return false;
+    }
+    options->*member = dbl;
   }
   return true;
 }
-#endif  // DEBUG
 
 template <typename Opt, uint8_t Opt::*member>
 bool SetOption(Environment* env,
@@ -133,15 +171,15 @@ bool SetOption(Environment* env,
           env, "The %s option must be an uint8", nameStr);
       return false;
     }
-    Local<Uint32> num;
-    if (!value->ToUint32(env->context()).ToLocal(&num) ||
-        num->Value() > std::numeric_limits<uint8_t>::max()) {
+    Local<Uint32> num = value.As<Uint32>();
+    uint32_t val = num->Value();
+    if (val > std::numeric_limits<uint8_t>::max()) {
       Utf8Value nameStr(env->isolate(), name);
       THROW_ERR_INVALID_ARG_VALUE(
           env, "The %s option must be an uint8", nameStr);
       return false;
     }
-    options->*member = num->Value();
+    options->*member = val;
   }
   return true;
 }
@@ -195,9 +233,13 @@ Maybe<Endpoint::Options> Endpoint::Options::From(Environment* env,
       env, &options, params, state.name##_string())
 
   if (!SET(retry_token_expiration) || !SET(token_expiration) ||
-      !SET(max_stateless_resets) || !SET(address_lru_size) ||
-      !SET(max_retries) || !SET(validate_address) ||
+      !SET(address_lru_size) || !SET(validate_address) ||
       !SET(disable_stateless_reset) || !SET(ipv6_only) || !SET(reuse_port) ||
+      !SET(retry_rate) || !SET(retry_burst) || !SET(stateless_reset_rate) ||
+      !SET(stateless_reset_burst) || !SET(version_negotiation_rate) ||
+      !SET(version_negotiation_burst) || !SET(immediate_close_rate) ||
+      !SET(immediate_close_burst) || !SET(session_creation_rate) ||
+      !SET(session_creation_burst) ||
 #ifdef DEBUG
       !SET(rx_loss) || !SET(tx_loss) ||
 #endif
@@ -227,6 +269,42 @@ Maybe<Endpoint::Options> Endpoint::Options::From(Environment* env,
     }
   }
 
+  // Parse block list option. Expects the C++ SocketAddressBlockListWrap handle
+  // (the JS side extracts [kHandle] before passing it through).
+  Local<Value> block_list_val;
+  if (!params->Get(env->context(), state.block_list_string())
+           .ToLocal(&block_list_val)) {
+    return Nothing<Options>();
+  }
+  if (!block_list_val->IsUndefined()) {
+    if (!SocketAddressBlockListWrap::HasInstance(env, block_list_val)) {
+      THROW_ERR_INVALID_ARG_TYPE(
+          env, "The blockList option must be a BlockList handle");
+      return Nothing<Options>();
+    }
+    auto* wrap =
+        FromJSObject<SocketAddressBlockListWrap>(block_list_val.As<Object>());
+    options.block_list = wrap->blocklist();
+  }
+
+  // Parse block list policy.
+  Local<Value> policy_val;
+  if (!params->Get(env->context(), state.block_list_policy_string())
+           .ToLocal(&policy_val)) {
+    return Nothing<Options>();
+  }
+  if (!policy_val->IsUndefined()) {
+    if (policy_val->StrictEquals(state.allow_string())) {
+      options.block_list_policy = Options::BlockListPolicy::ALLOW;
+    } else if (policy_val->StrictEquals(state.deny_string())) {
+      options.block_list_policy = Options::BlockListPolicy::DENY;
+    } else {
+      THROW_ERR_INVALID_ARG_VALUE(
+          env, "The blockListPolicy option must be 'deny' or 'allow'");
+      return Nothing<Options>();
+    }
+  }
+
   return Just<Options>(options);
 
 #undef SET
@@ -251,10 +329,26 @@ std::string Endpoint::Options::ToString() const {
          " seconds";
   res += prefix + "token expiration: " + std::to_string(token_expiration) +
          " seconds";
-  res +=
-      prefix + "max stateless resets: " + std::to_string(max_stateless_resets);
   res += prefix + "address lru size: " + std::to_string(address_lru_size);
-  res += prefix + "max retries: " + std::to_string(max_retries);
+  res += prefix + "retry rate: " + std::to_string(retry_rate) + "/s";
+  res += prefix + "retry burst: " + std::to_string(retry_burst);
+  res += prefix +
+         "stateless reset rate: " + std::to_string(stateless_reset_rate) + "/s";
+  res += prefix +
+         "stateless reset burst: " + std::to_string(stateless_reset_burst);
+  res += prefix + "version negotiation rate: " +
+         std::to_string(version_negotiation_rate) + "/s";
+  res += prefix + "version negotiation burst: " +
+         std::to_string(version_negotiation_burst);
+  res += prefix +
+         "immediate close rate: " + std::to_string(immediate_close_rate) + "/s";
+  res += prefix +
+         "immediate close burst: " + std::to_string(immediate_close_burst);
+  res += prefix +
+         "session creation rate: " + std::to_string(session_creation_rate) +
+         "/s";
+  res += prefix +
+         "session creation burst: " + std::to_string(session_creation_burst);
   res += prefix + "validate address: " + boolToString(validate_address);
   res += prefix +
          "disable stateless reset: " + boolToString(disable_stateless_reset);
@@ -580,8 +674,6 @@ void Endpoint::InitPerContext(Realm* realm, Local<Object> target) {
 #undef V
 
   NODE_DEFINE_CONSTANT(target, DEFAULT_MAX_SOCKETADDRESS_LRU_SIZE);
-  NODE_DEFINE_CONSTANT(target, DEFAULT_MAX_STATELESS_RESETS);
-  NODE_DEFINE_CONSTANT(target, DEFAULT_MAX_RETRY_LIMIT);
 
   static constexpr auto DEFAULT_RETRYTOKEN_EXPIRATION =
       RetryToken::QUIC_DEFAULT_RETRYTOKEN_EXPIRATION / NGTCP2_SECONDS;
@@ -643,7 +735,14 @@ Endpoint::Endpoint(Environment* env,
                     HandleScope scope(this->env()->isolate());
                     Destroy();
                   }),
-      addr_validation_lru_(options_.address_lru_size) {
+      addr_validation_lru_(options_.address_lru_size),
+      retry_bucket_(options_.retry_rate, options_.retry_burst),
+      stateless_reset_bucket_(options_.stateless_reset_rate,
+                              options_.stateless_reset_burst),
+      version_negotiation_bucket_(options_.version_negotiation_rate,
+                                  options_.version_negotiation_burst),
+      immediate_close_bucket_(options_.immediate_close_rate,
+                              options_.immediate_close_burst) {
   MakeWeak();
   udp_.Unref();
   idle_timer_.Unref();
@@ -963,63 +1062,41 @@ void Endpoint::SendBatch(Packet::Ptr* packets, size_t count) {
   }
 }
 
-void Endpoint::SendRetry(const PathDescriptor& options) {
-  // Generating and sending retry packets does consume some system resources,
-  // and it is possible for a malicious peer to trigger sending a large number
-  // of retry packets, resulting in a potential DOS vector. To help ward that
-  // off, we track how many retry packets we send to a particular host and
-  // enforce limits. Note that since we are using an LRU cache these limits
-  // aren't strict. If a retry is sent, we increment the retry_count statistic
-  // to give application code a means of detecting and responding to abuse on
-  // its own. What this count does not give is the rate of retry, so it is still
-  // somewhat limited.
+void Endpoint::SendRetry(const PathDescriptor& options, uint64_t now) {
   Debug(this, "Sending retry on path %s", options);
-  auto info = addr_validation_lru_.Upsert(options.remote_address);
-  if (++(info->retry_count) <= options_.max_retries) {
-    auto packet =
-        Packet::CreateRetryPacket(*this, options, options_.token_secret);
-    if (packet) {
-      STAT_INCREMENT(Stats, retry_count);
-      Send(std::move(packet));
-    }
+  if (!retry_bucket_.consume(now)) {
+    Debug(this, "Retry rate limit exceeded (global)");
+    STAT_INCREMENT(Stats, retry_rate_limited);
+    return;
+  }
 
-    // If creating the retry is unsuccessful, we just drop things on the floor.
-    // It's not worth committing any further resources to this one packet. We
-    // might want to log the failure at some point tho.
+  auto packet =
+      Packet::CreateRetryPacket(*this, options, options_.token_secret);
+  if (packet) {
+    STAT_INCREMENT(Stats, retry_count);
+    Send(std::move(packet));
   }
 }
 
-void Endpoint::SendVersionNegotiation(const PathDescriptor& options) {
+void Endpoint::SendVersionNegotiation(const PathDescriptor& options,
+                                      uint64_t now) {
   Debug(this, "Sending version negotiation on path %s", options);
-  // A malicious peer can trivially force version negotiation packets by
-  // sending packets with unsupported QUIC versions, potentially from
-  // spoofed source addresses. Rate-limit per remote host to prevent
-  // amplification attacks.
-  const auto exceeds_limits = [&] {
-    SocketAddressInfoTraits::Type* counts =
-        addr_validation_lru_.Peek(options.remote_address);
-    auto count = counts != nullptr ? counts->version_negotiation_count : 0;
-    return count >= kMaxVersionNegotiations;
-  };
-
-  if (exceeds_limits()) {
-    Debug(this,
-          "Version negotiation rate limit exceeded for %s",
-          options.remote_address);
+  if (!version_negotiation_bucket_.consume(now)) {
+    Debug(this, "Version negotiation rate limit exceeded (global)");
+    STAT_INCREMENT(Stats, version_negotiation_rate_limited);
     return;
   }
 
   auto packet = Packet::CreateVersionNegotiationPacket(*this, options);
   if (packet) {
-    addr_validation_lru_.Upsert(options.remote_address)
-        ->version_negotiation_count++;
     STAT_INCREMENT(Stats, version_negotiation_count);
     Send(std::move(packet));
   }
 }
 
 bool Endpoint::SendStatelessReset(const PathDescriptor& options,
-                                  size_t source_len) {
+                                  size_t source_len,
+                                  uint64_t now) {
   if (options_.disable_stateless_reset) [[unlikely]] {
     return false;
   }
@@ -1028,17 +1105,9 @@ bool Endpoint::SendStatelessReset(const PathDescriptor& options,
         options,
         source_len);
 
-  const auto exceeds_limits = [&] {
-    SocketAddressInfoTraits::Type* counts =
-        addr_validation_lru_.Peek(options.remote_address);
-    auto count = counts != nullptr ? counts->reset_count : 0;
-    return count >= options_.max_stateless_resets;
-  };
-
-  // Per the QUIC spec, we need to protect against sending too many stateless
-  // reset tokens to an endpoint to prevent endless looping.
-  if (exceeds_limits()) {
-    Debug(this, "Stateless reset rate limit exceeded");
+  if (!stateless_reset_bucket_.consume(now)) {
+    Debug(this, "Stateless reset rate limit exceeded (global)");
+    STAT_INCREMENT(Stats, stateless_reset_rate_limited);
     return false;
   }
 
@@ -1047,7 +1116,6 @@ bool Endpoint::SendStatelessReset(const PathDescriptor& options,
 
   if (packet) {
     Debug(this, "Sending stateless reset packet (%zu bytes)", packet->length());
-    addr_validation_lru_.Upsert(options.remote_address)->reset_count++;
     STAT_INCREMENT(Stats, stateless_reset_count);
     Send(std::move(packet));
     return true;
@@ -1057,33 +1125,21 @@ bool Endpoint::SendStatelessReset(const PathDescriptor& options,
 }
 
 void Endpoint::SendImmediateConnectionClose(const PathDescriptor& options,
-                                            QuicError reason) {
+                                            QuicError reason,
+                                            uint64_t now) {
   Debug(this,
         "Sending immediate connection close on path %s with reason %s",
         options,
         reason);
-  // A malicious peer can trigger immediate connection close packets by
-  // sending Initial packets with invalid tokens or when the server is
-  // busy. Rate-limit per remote host to prevent amplification attacks.
-  const auto exceeds_limits = [&] {
-    SocketAddressInfoTraits::Type* counts =
-        addr_validation_lru_.Peek(options.remote_address);
-    auto count = counts != nullptr ? counts->immediate_close_count : 0;
-    return count >= kMaxImmediateCloses;
-  };
-
-  if (exceeds_limits()) {
-    Debug(this,
-          "Immediate connection close rate limit exceeded for %s",
-          options.remote_address);
+  if (!immediate_close_bucket_.consume(now)) {
+    Debug(this, "Immediate connection close rate limit exceeded (global)");
+    STAT_INCREMENT(Stats, immediate_close_rate_limited);
     return;
   }
 
   auto packet =
       Packet::CreateImmediateConnectionClosePacket(*this, options, reason);
   if (packet) {
-    addr_validation_lru_.Upsert(options.remote_address)
-        ->immediate_close_count++;
     STAT_INCREMENT(Stats, immediate_close_count);
     Send(std::move(packet));
   }
@@ -1297,6 +1353,22 @@ void Endpoint::CloseGracefully() {
 void Endpoint::Receive(const uint8_t* data,
                        size_t len,
                        const SocketAddress& remote_address) {
+  const uint64_t now = uv_hrtime();
+
+  // Block list filtering — applied before any packet processing to
+  // minimize resource expenditure on blocked sources.
+  if (options_.block_list) {
+    bool matched = options_.block_list->Apply(remote_address);
+    bool drop = (options_.block_list_policy == Options::BlockListPolicy::DENY)
+                    ? matched    // deny list: drop if address matches
+                    : !matched;  // allow list: drop if address doesn't match
+    if (drop) {
+      Debug(this, "Packet from %s blocked by block list", remote_address);
+      STAT_INCREMENT(Stats, packets_blocked);
+      return;
+    }
+  }
+
   const auto receive = [&](Session* session,
                            const uint8_t* pkt_data,
                            size_t pkt_len,
@@ -1311,7 +1383,12 @@ void Endpoint::Receive(const uint8_t* data,
     // are generated. The deferred flush via BindingData's uv_check
     // callback calls SendPendingData once per dirty session after all
     // packets in the burst have been read.
-    if (session->ReadPacket(pkt_data, pkt_len, local_address, remote_address)) {
+    if (session->ReadPacket(pkt_data,
+                            pkt_len,
+                            local_address,
+                            remote_address,
+                            PacketInfo(),
+                            now)) {
       STAT_INCREMENT_N(Stats, bytes_received, pkt_len);
       STAT_INCREMENT(Stats, packets_received);
     }
@@ -1331,6 +1408,19 @@ void Endpoint::Receive(const uint8_t* data,
     // as a server, then we cannot accept the initial packet.
     if (is_closed() || is_closing() || !is_listening()) return;
 
+    // Per-host session creation rate limit. The bucket is initialized
+    // on first access with the configured rate/burst from options.
+    auto info = addr_validation_lru_.Upsert(config.remote_address, now);
+    info->session_creation_bucket.InitOnce(
+        options_.session_creation_rate, options_.session_creation_burst, now);
+    if (!info->session_creation_bucket.consume(now)) {
+      Debug(this,
+            "Session creation rate limit exceeded for %s",
+            config.remote_address);
+      STAT_INCREMENT(Stats, session_creation_rate_limited);
+      return;
+    }
+
     Debug(this, "Creating new session for %s", config.dcid);
 
     std::optional<SessionTicket> no_ticket = std::nullopt;
@@ -1422,7 +1512,8 @@ void Endpoint::Receive(const uint8_t* data,
       if (state_->busy) STAT_INCREMENT(Stats, server_busy_count);
       SendImmediateConnectionClose(
           PathDescriptor{version, dcid, scid, local_address, remote_address},
-          QuicError::ForTransport(NGTCP2_CONNECTION_REFUSED));
+          QuicError::ForTransport(NGTCP2_CONNECTION_REFUSED),
+          now);
       // The packet was successfully processed, even if we did refuse the
       // connection.
       STAT_INCREMENT(Stats, packets_received);
@@ -1496,7 +1587,8 @@ void Endpoint::Receive(const uint8_t* data,
         Debug(this, "Retry token from %s is invalid.", remote_address);
         SendImmediateConnectionClose(
             PathDescriptor{version, scid, dcid, local_address, remote_address},
-            QuicError::ForTransport(NGTCP2_CONNECTION_REFUSED));
+            QuicError::ForTransport(NGTCP2_CONNECTION_REFUSED),
+            now);
         STAT_INCREMENT(Stats, packets_received);
         return;
       }
@@ -1512,7 +1604,7 @@ void Endpoint::Receive(const uint8_t* data,
       // Mark the address as validated since the retry round-trip proves
       // reachability.
       Debug(this, "Remote address %s is validated", remote_address);
-      addr_validation_lru_.Upsert(remote_address)->validated = true;
+      addr_validation_lru_.Upsert(remote_address, now)->validated = true;
     }
 
     // Step 2: Address validation — decide whether to send a Retry or
@@ -1528,13 +1620,15 @@ void Endpoint::Receive(const uint8_t* data,
                     "Initial packet has no token. Sending retry to %s to start "
                     "validation",
                     remote_address);
-              SendRetry(PathDescriptor{
-                  version,
-                  dcid,
-                  scid,
-                  local_address,
-                  remote_address,
-              });
+              SendRetry(
+                  PathDescriptor{
+                      version,
+                      dcid,
+                      scid,
+                      local_address,
+                      remote_address,
+                  },
+                  now);
               STAT_INCREMENT(Stats, packets_received);
               return;
             }
@@ -1555,13 +1649,15 @@ void Endpoint::Receive(const uint8_t* data,
                   Debug(this,
                         "Regular token from %s is invalid.",
                         remote_address);
-                  SendRetry(PathDescriptor{
-                      version,
-                      dcid,
-                      scid,
-                      local_address,
-                      remote_address,
-                  });
+                  SendRetry(
+                      PathDescriptor{
+                          version,
+                          dcid,
+                          scid,
+                          local_address,
+                          remote_address,
+                      },
+                      now);
                   STAT_INCREMENT(Stats, packets_received);
                   return;
                 }
@@ -1573,20 +1669,22 @@ void Endpoint::Receive(const uint8_t* data,
                 Debug(this,
                       "Initial packet from %s has unknown token type",
                       remote_address);
-                SendRetry(PathDescriptor{
-                    version,
-                    dcid,
-                    scid,
-                    local_address,
-                    remote_address,
-                });
+                SendRetry(
+                    PathDescriptor{
+                        version,
+                        dcid,
+                        scid,
+                        local_address,
+                        remote_address,
+                    },
+                    now);
                 STAT_INCREMENT(Stats, packets_received);
                 return;
               }
             }
 
             Debug(this, "Remote address %s is validated", remote_address);
-            addr_validation_lru_.Upsert(remote_address)->validated = true;
+            addr_validation_lru_.Upsert(remote_address, now)->validated = true;
           } else if (hd.tokenlen > 0) {
             Debug(this,
                   "Ignoring initial packet from %s with unexpected token",
@@ -1598,13 +1696,15 @@ void Endpoint::Receive(const uint8_t* data,
           if (options_.validate_address) {
             Debug(
                 this, "Sending retry to %s due to 0RTT packet", remote_address);
-            SendRetry(PathDescriptor{
-                version,
-                dcid,
-                scid,
-                local_address,
-                remote_address,
-            });
+            SendRetry(
+                PathDescriptor{
+                    version,
+                    dcid,
+                    scid,
+                    local_address,
+                    remote_address,
+                },
+                now);
             STAT_INCREMENT(Stats, packets_received);
             return;
           }
@@ -1684,12 +1784,6 @@ void Endpoint::Receive(const uint8_t* data,
   }
 #endif  // DEBUG
 
-  // TODO(@jasnell): Implement blocklist support
-  // if (block_list_->Apply(remote_address)) [[unlikely]] {
-  //   Debug(this, "Ignoring blocked remote address: %s", remote_address);
-  //   return;
-  // }
-
   Debug(this, "Received %zu-byte packet from %s", len, remote_address);
 
   ngtcp2_version_cid pversion_cid;
@@ -1713,8 +1807,12 @@ void Endpoint::Receive(const uint8_t* data,
             pversion_cid.version);
       CID dcid(pversion_cid.dcid, pversion_cid.dcidlen);
       CID scid(pversion_cid.scid, pversion_cid.scidlen);
-      SendVersionNegotiation(PathDescriptor{
-          pversion_cid.version, dcid, scid, local_address(), remote_address});
+      SendVersionNegotiation(PathDescriptor{pversion_cid.version,
+                                            dcid,
+                                            scid,
+                                            local_address(),
+                                            remote_address},
+                             now);
       STAT_INCREMENT(Stats, packets_received);
       return;
     }
@@ -1793,7 +1891,8 @@ void Endpoint::Receive(const uint8_t* data,
       SendStatelessReset(
           PathDescriptor{
               pversion_cid.version, dcid, scid, addr, remote_address},
-          len);
+          len,
+          now);
       return;
     }
 
@@ -1855,13 +1954,14 @@ void Endpoint::MemoryInfo(MemoryTracker* tracker) const {
 // Endpoint::SocketAddressInfoTraits
 
 bool Endpoint::SocketAddressInfoTraits::CheckExpired(
-    const SocketAddress& address, const Type& type) {
-  return (uv_hrtime() - type.timestamp) > kSocketAddressInfoTimeout;
+    const SocketAddress& address, const Type& type, uint64_t now) {
+  return (now - type.timestamp) > kSocketAddressInfoTimeout;
 }
 
 void Endpoint::SocketAddressInfoTraits::Touch(const SocketAddress& address,
-                                              Type* type) {
-  type->timestamp = uv_hrtime();
+                                              Type* type,
+                                              uint64_t now) {
+  type->timestamp = now;
 }
 
 // ======================================================================================
diff --git a/src/quic/endpoint.h b/src/quic/endpoint.h
index da2ea253dd8d88..f54e028ead4554 100644
--- a/src/quic/endpoint.h
+++ b/src/quic/endpoint.h
@@ -29,37 +29,28 @@ class Endpoint final : public AsyncWrap, public Packet::Listener {
   // The socket address LRU is used for tracking validated remote addresses.
   static constexpr uint64_t DEFAULT_MAX_SOCKETADDRESS_LRU_SIZE = 1024;
 
-  // The max stateless resets is the maximum number of stateless reset packets
-  // that the Endpoint will generate for a given remote host within a window of
-  // time (while tracking that host in the socket address LRU). This is not
-  // mandated by QUIC, and the limit is arbitrary. We can set it to whatever
-  // we'd like. The purpose is to prevent a malicious peer from intentionally
-  // triggering generation of a large number of stateless resets. Once the
-  // limit is reached, packets that would have otherwise triggered generation
-  // of a stateless reset will simply be dropped instead.
-  static constexpr uint64_t DEFAULT_MAX_STATELESS_RESETS = 10;
-
-  // Similar to stateless resets, the max retry limit is the maximum number of
-  // retry packets that the Endpoint will generate for a given remote host
-  // within a window of time (while tracking that host in the socket address
-  // LRU). This is not mandated by QUIC, and the limit is arbitrary. We can set
-  // it to whatever we'd like. The purpose is to prevent a malicious peer from
-  // intentionally triggering generation of a large number of retries.
-  static constexpr uint64_t DEFAULT_MAX_RETRY_LIMIT = 10;
-
-  // Maximum number of version negotiation packets that will be sent to a
-  // given remote host within the LRU tracking window. Version negotiation
-  // packets are cheap to generate but can be used as an amplification
-  // vector with spoofed source addresses.
-  // TODO(@jasnell): Consider making this configurable via Endpoint::Options.
-  static constexpr uint64_t kMaxVersionNegotiations = 10;
-
-  // Maximum number of immediate connection close packets that will be sent
-  // to a given remote host within the LRU tracking window. These are sent
-  // when the server is busy or a token is invalid — a malicious peer could
-  // trigger a large number of them.
-  // TODO(@jasnell): Consider making this configurable via Endpoint::Options.
-  static constexpr uint64_t kMaxImmediateCloses = 10;
+  // Default rate limits for stateless responses. These are global token
+  // bucket limits that cap the total rate of each response type regardless
+  // of source address. This prevents spoofed-source floods from bypassing
+  // per-host limits (which are keyed by source IP and trivially defeated
+  // by rotating spoofed addresses). The rate is in responses per second
+  // and the burst is the maximum tokens the bucket can hold.
+  static constexpr double DEFAULT_RETRY_RATE = 100;
+  static constexpr double DEFAULT_RETRY_BURST = 200;
+  static constexpr double DEFAULT_STATELESS_RESET_RATE = 100;
+  static constexpr double DEFAULT_STATELESS_RESET_BURST = 200;
+  static constexpr double DEFAULT_VERSION_NEGOTIATION_RATE = 100;
+  static constexpr double DEFAULT_VERSION_NEGOTIATION_BURST = 200;
+  static constexpr double DEFAULT_IMMEDIATE_CLOSE_RATE = 100;
+  static constexpr double DEFAULT_IMMEDIATE_CLOSE_BURST = 200;
+
+  // Per-host session creation rate limit. This is tracked per validated
+  // remote address in the address LRU, preventing a single source from
+  // churning through sessions faster than the server can handle. Unlike
+  // the global stateless response buckets, this only applies after address
+  // validation (spoofed sources can't reach this path).
+  static constexpr double DEFAULT_SESSION_CREATION_RATE = 50;
+  static constexpr double DEFAULT_SESSION_CREATION_BURST = 100;
 
   // Endpoint configuration options
   struct Options final : public MemoryRetainer {
@@ -83,30 +74,28 @@ class Endpoint final : public AsyncWrap, public Packet::Listener {
     uint64_t token_expiration =
         RegularToken::QUIC_DEFAULT_REGULARTOKEN_EXPIRATION / NGTCP2_SECONDS;
 
-    // A stateless reset in QUIC is a discrete mechanism that one endpoint can
-    // use to communicate to a peer that it has lost whatever state it
-    // previously held about a session. Because generating a stateless reset
-    // consumes resources (even very modestly), they can be a DOS vector in
-    // which a malicious peer intentionally sends a large number of stateless
-    // reset eliciting packets. To protect against that risk, we limit the
-    // number of stateless resets that may be generated for a given remote host
-    // within a window of time. This is not mandated by QUIC, and the limit is
-    // arbitrary. We can set it to whatever we'd like.
-    uint64_t max_stateless_resets = DEFAULT_MAX_STATELESS_RESETS;
-
-    // For tracking the number of connections per host, the number of stateless
-    // resets that have been sent, and tracking the path verification status of
-    // a remote host, we maintain an LRU cache of the most recently seen hosts.
-    // The address_lru_size parameter determines the size of that cache. The
-    // default is set modestly at 10 times the default max connections per host.
+    // For tracking the path verification status of remote hosts, we maintain
+    // an LRU cache of the most recently seen hosts.
     uint64_t address_lru_size = DEFAULT_MAX_SOCKETADDRESS_LRU_SIZE;
 
-    // Similar to stateless resets, we enforce a limit on the number of retry
-    // packets that can be generated and sent for a remote host. Generating
-    // retry packets consumes a modest amount of resources and it's fairly
-    // trivial for a malicious peer to trigger generation of a large number of
-    // retries, so limiting them helps prevent a DOS vector.
-    uint64_t max_retries = DEFAULT_MAX_RETRY_LIMIT;
+    // Global token bucket rate limits for stateless responses. These cap
+    // the total rate of each response type regardless of source address,
+    // preventing spoofed-source floods. Rate is in responses per second,
+    // burst is the maximum number of responses that can be sent in a burst.
+    double retry_rate = DEFAULT_RETRY_RATE;
+    double retry_burst = DEFAULT_RETRY_BURST;
+    double stateless_reset_rate = DEFAULT_STATELESS_RESET_RATE;
+    double stateless_reset_burst = DEFAULT_STATELESS_RESET_BURST;
+    double version_negotiation_rate = DEFAULT_VERSION_NEGOTIATION_RATE;
+    double version_negotiation_burst = DEFAULT_VERSION_NEGOTIATION_BURST;
+    double immediate_close_rate = DEFAULT_IMMEDIATE_CLOSE_RATE;
+    double immediate_close_burst = DEFAULT_IMMEDIATE_CLOSE_BURST;
+
+    // Per-host session creation rate limit. Tracked per validated remote
+    // address in the address LRU. Set to high values for benchmarking
+    // where traffic comes from a single source.
+    double session_creation_rate = DEFAULT_SESSION_CREATION_RATE;
+    double session_creation_burst = DEFAULT_SESSION_CREATION_BURST;
 
     // The validate_address parameter instructs the Endpoint to perform explicit
     // address validation using retry tokens. This is strongly recommended and
@@ -170,6 +159,17 @@ class Endpoint final : public AsyncWrap, public Packet::Listener {
     static constexpr uint64_t DEFAULT_IDLE_TIMEOUT = 0;
     uint64_t idle_timeout = DEFAULT_IDLE_TIMEOUT;
 
+    // Optional block list for filtering incoming packets by source address.
+    // When block_list_policy is DENY, packets from addresses matching the
+    // block list are dropped. When ALLOW, only packets from addresses
+    // matching the block list are accepted (all others dropped).
+    enum class BlockListPolicy : uint8_t {
+      DENY,   // Drop packets from matching addresses (blocklist)
+      ALLOW,  // Drop packets from non-matching addresses (allowlist)
+    };
+    std::shared_ptr<SocketAddressBlockList> block_list;
+    BlockListPolicy block_list_policy = BlockListPolicy::DENY;
+
     void MemoryInfo(MemoryTracker* tracker) const override;
     SET_MEMORY_INFO_NAME(Endpoint::Config)
     SET_SELF_SIZE(Options)
@@ -263,24 +263,27 @@ class Endpoint final : public AsyncWrap, public Packet::Listener {
   // ellicit retry packets (It can do so by intentionally sending initial
   // packets that ignore the retry token). To help mitigate that risk, we limit
   // the number of retries we send to a given remote endpoint.
-  void SendRetry(const PathDescriptor& options);
+  void SendRetry(const PathDescriptor& options, uint64_t now);
 
   // Sends a version negotiation packet. This is terminal for the connection and
   // is sent only when a QUIC packet is received for an unsupported QUIC
   // version. It is possible that a malicious packet triggered this so we need
   // to be careful not to commit too many resources.
-  void SendVersionNegotiation(const PathDescriptor& options);
+  void SendVersionNegotiation(const PathDescriptor& options, uint64_t now);
 
   // Possibly generates and sends a stateless reset packet. This is terminal for
   // the connection. It is possible that a malicious packet triggered this so we
   // need to be careful not to commit too many resources.
-  bool SendStatelessReset(const PathDescriptor& options, size_t source_len);
+  bool SendStatelessReset(const PathDescriptor& options,
+                          size_t source_len,
+                          uint64_t now);
 
   // Shutdown a connection prematurely, before a Session is created. This should
   // only be called at the start of a session before the crypto keys have been
   // established.
   void SendImmediateConnectionClose(const PathDescriptor& options,
-                                    QuicError error);
+                                    QuicError error,
+                                    uint64_t now);
 
   // Listen for connections (act as a server).
   void Listen(const Session::Options& options);
@@ -475,20 +478,27 @@ class Endpoint final : public AsyncWrap, public Packet::Listener {
 
   struct SocketAddressInfoTraits final {
     struct Type final {
-      size_t reset_count;
-      size_t retry_count;
-      size_t version_negotiation_count;
-      size_t immediate_close_count;
       uint64_t timestamp;
       bool validated;
+      TokenBucket session_creation_bucket;
     };
 
-    static bool CheckExpired(const SocketAddress& address, const Type& type);
-    static void Touch(const SocketAddress& address, Type* type);
+    static bool CheckExpired(const SocketAddress& address,
+                             const Type& type,
+                             uint64_t now);
+    static void Touch(const SocketAddress& address, Type* type, uint64_t now);
   };
 
   SocketAddressLRU<SocketAddressInfoTraits> addr_validation_lru_;
 
+  // Global token buckets for stateless response rate limiting.
+  // These cap the total server-wide rate of each response type,
+  // regardless of source address.
+  TokenBucket retry_bucket_;
+  TokenBucket stateless_reset_bucket_;
+  TokenBucket version_negotiation_bucket_;
+  TokenBucket immediate_close_bucket_;
+
   // Per-IP connection counts for maxConnectionsPerHost enforcement.
   // Only populated when max_connections_per_host > 0. Entries are
   // added in AddSession and removed when the count reaches 0 in
diff --git a/src/quic/http3.cc b/src/quic/http3.cc
index c9e249682f3a00..bf4bfb42b57611 100644
--- a/src/quic/http3.cc
+++ b/src/quic/http3.cc
@@ -177,10 +177,13 @@ class Http3ApplicationImpl final : public Session::Application {
     // When 0-RTT is rejected, destroy the nghttp3 connection and all
     // open streams — ngtcp2 has discarded their internal state.
     // Reset started_ so Start() is called again via on_receive_rx_key
-    // at 1RTT to recreate the nghttp3 connection.
+    // at 1RTT to recreate the nghttp3 connection. Use the
+    // application's internal error code since this is an error
+    // condition (code 0 would be treated as a clean close).
     conn_.reset();
     started_ = false;
-    session().DestroyAllStreams(QuicError::ForApplication(0));
+    session().DestroyAllStreams(
+        QuicError::ForApplication(GetInternalErrorCode()));
     if (!session().is_destroyed()) {
       session().EmitEarlyDataRejected();
     }
diff --git a/src/quic/preferredaddress.cc b/src/quic/preferredaddress.cc
index ca7908dda35c59..7ce27798a63423 100644
--- a/src/quic/preferredaddress.cc
+++ b/src/quic/preferredaddress.cc
@@ -140,7 +140,7 @@ void PreferredAddress::Initialize(Environment* env, Local<Object> target) {
   static constexpr auto PREFERRED_ADDRESS_IGNORE =
       static_cast<uint8_t>(Policy::IGNORE_PREFERRED);
   static constexpr auto DEFAULT_PREFERRED_ADDRESS_POLICY =
-      static_cast<uint8_t>(Policy::USE_PREFERRED);
+      static_cast<uint8_t>(Policy::IGNORE_PREFERRED);
 
   NODE_DEFINE_CONSTANT(target, PREFERRED_ADDRESS_IGNORE);
   NODE_DEFINE_CONSTANT(target, PREFERRED_ADDRESS_USE);
diff --git a/src/quic/session.cc b/src/quic/session.cc
index b42d19d0c0a307..04a69d32cd9a09 100644
--- a/src/quic/session.cc
+++ b/src/quic/session.cc
@@ -174,7 +174,8 @@ uint64_t MaxDatagramPayload(uint64_t max_frame_size) {
   V(DATAGRAMS_RECEIVED, datagrams_received)                                    \
   V(DATAGRAMS_SENT, datagrams_sent)                                            \
   V(DATAGRAMS_ACKNOWLEDGED, datagrams_acknowledged)                            \
-  V(DATAGRAMS_LOST, datagrams_lost)
+  V(DATAGRAMS_LOST, datagrams_lost)                                            \
+  V(STREAMS_IDLE_TIMED_OUT, streams_idle_timed_out)
 
 #define NO_SIDE_EFFECT true
 #define SIDE_EFFECT false
@@ -617,7 +618,7 @@ Maybe<Session::Options> Session::Options::From(Environment* env,
       !SET(keep_alive_timeout) || !SET(max_stream_window) || !SET(max_window) ||
       !SET(max_payload_size) || !SET(unacknowledged_packet_threshold) ||
       !SET(cc_algorithm) || !SET(draining_period_multiplier) ||
-      !SET(max_datagram_send_attempts)) {
+      !SET(max_datagram_send_attempts) || !SET(stream_idle_timeout)) {
     return Nothing<Options>();
   }
 
@@ -2371,13 +2372,15 @@ bool Session::ReadPacket(const uint8_t* data,
       DCHECK(is_server());
       Debug(this, "Receiving packet failed: Server must send a retry packet");
       if (!is_destroyed()) {
-        endpoint().SendRetry(PathDescriptor{
-            version(),
-            config().dcid,
-            config().scid,
-            impl_->local_address_,
-            impl_->remote_address_,
-        });
+        endpoint().SendRetry(
+            PathDescriptor{
+                version(),
+                config().dcid,
+                config().scid,
+                impl_->local_address_,
+                impl_->remote_address_,
+            },
+            uv_hrtime());
         Close(CloseMethod::SILENT);
       }
       return false;
@@ -2809,24 +2812,36 @@ void Session::ShutdownStream(stream_id id, QuicError error) {
   DCHECK(!is_destroyed());
   Debug(this, "Shutting down stream %" PRIi64 " with error %s", id, error);
   SendPendingDataScope send_scope(this);
-  ngtcp2_conn_shutdown_stream(*this,
-                              0,
-                              id,
-                              error.type() == QuicError::Type::APPLICATION
-                                  ? error.code()
-                                  : application().GetNoErrorCode());
+  // STOP_SENDING and RESET_STREAM frames carry application-level error
+  // codes (RFC 9000 §19.4, §19.5). Map the QuicError to an appropriate
+  // application code: APPLICATION errors pass through directly; transport
+  // no-error maps to the application's no-error code; any other error
+  // maps to the application's internal error code.
+  error_code code;
+  if (error.type() == QuicError::Type::APPLICATION) {
+    code = error.code();
+  } else if (error.code() == NGTCP2_NO_ERROR) {
+    code = application().GetNoErrorCode();
+  } else {
+    code = application().GetInternalErrorCode();
+  }
+  ngtcp2_conn_shutdown_stream(*this, 0, id, code);
 }
 
-void Session::ShutdownStreamWrite(stream_id id, QuicError code) {
+void Session::ShutdownStreamWrite(stream_id id, QuicError error) {
   DCHECK(!is_destroyed());
-  Debug(this, "Shutting down stream %" PRIi64 " write with error %s", id, code);
+  Debug(
+      this, "Shutting down stream %" PRIi64 " write with error %s", id, error);
   SendPendingDataScope send_scope(this);
-  ngtcp2_conn_shutdown_stream_write(*this,
-                                    0,
-                                    id,
-                                    code.type() == QuicError::Type::APPLICATION
-                                        ? code.code()
-                                        : application().GetNoErrorCode());
+  error_code code;
+  if (error.type() == QuicError::Type::APPLICATION) {
+    code = error.code();
+  } else if (error.code() == NGTCP2_NO_ERROR) {
+    code = application().GetNoErrorCode();
+  } else {
+    code = application().GetInternalErrorCode();
+  }
+  ngtcp2_conn_shutdown_stream_write(*this, 0, id, code);
 }
 
 void Session::StreamDataBlocked(stream_id id) {
@@ -3025,6 +3040,39 @@ void Session::UpdateDataStats() {
       std::max(STAT_GET(Stats, max_bytes_in_flight), info.bytes_in_flight));
 }
 
+void Session::CheckStreamIdleTimeout(uint64_t now) {
+  if (is_destroyed()) return;
+  uint64_t timeout = options().stream_idle_timeout;
+  if (timeout == 0) return;
+
+  uint64_t timeout_ns = timeout * NGTCP2_MILLISECONDS;
+  auto all_streams = streams();
+
+  for (const auto& [id, stream] : all_streams) {
+    if (!stream) continue;
+
+    // Only check peer-initiated streams. Locally-initiated streams
+    // that haven't been written to are the application's concern.
+    if (ngtcp2_conn_is_local_stream(*this, id)) continue;
+
+    uint64_t last_activity = stream->last_activity_timestamp();
+    if (last_activity > 0 && (now - last_activity) > timeout_ns) {
+      Debug(this, "Stream %" PRId64 " idle timeout exceeded, destroying", id);
+      // Notify the peer before destroying. ShutdownStream sends both
+      // STOP_SENDING and RESET_STREAM as appropriate, using the
+      // application's no-error code for non-APPLICATION errors (since
+      // these frames carry application-level error codes per RFC 9000).
+      // Without this, the peer's stream sits orphaned until the
+      // session closes.
+      auto error =
+          QuicError::ForTransport(NGTCP2_ERR_PROTO, "stream idle timeout");
+      ShutdownStream(id, error);
+      stream->Destroy(error);
+      STAT_INCREMENT(Stats, streams_idle_timed_out);
+    }
+  }
+}
+
 void Session::SendConnectionClose() {
   // Method is a non-op if the session is already destroyed or the
   // endpoint cannot send. Note: we intentionally do NOT check
@@ -3109,6 +3157,8 @@ void Session::OnTimeout() {
   if (is_destroyed()) return;
   if (NGTCP2_OK(ret) && !is_in_closing_period() && !is_in_draining_period()) {
     application().SendPendingData();
+    if (is_destroyed()) return;
+    CheckStreamIdleTimeout(uv_hrtime());
     return;
   }
   if (is_destroyed()) return;
@@ -3155,6 +3205,15 @@ void Session::UpdateTimer() {
   auto timeout = (expiry - now) / NGTCP2_MILLISECONDS;
   Debug(this, "Updating timeout to %zu milliseconds", timeout);
 
+  // If a stream idle timeout is configured, ensure the timer fires at
+  // least that often so CheckStreamIdleTimeout runs. Without this, an
+  // idle session with idle streams might not fire the timer until the
+  // connection idle timeout, which could be much longer.
+  uint64_t stream_idle = options().stream_idle_timeout;
+  if (stream_idle > 0 && timeout > stream_idle) {
+    timeout = stream_idle;
+  }
+
   // If timeout is zero here, it means our timer is less than a millisecond
   // off from expiry. Let's bump the timer to 1.
   impl_->timer_.Update(timeout == 0 ? 1 : timeout);
diff --git a/src/quic/session.h b/src/quic/session.h
index 9fb67fb918d818..64c9b8a84d7cf0 100644
--- a/src/quic/session.h
+++ b/src/quic/session.h
@@ -72,7 +72,11 @@ class Session final : public AsyncWrap, private SessionTicket::AppData::Source {
     uint64_t max_header_length = DEFAULT_MAX_HEADER_LENGTH;
 
     // HTTP/3 specific options.
-    uint64_t max_field_section_size = 0;
+    // The maximum header section size advertised to the peer in SETTINGS.
+    // Defaults to match max_header_length so the SETTINGS frame accurately
+    // reflects the enforcement limit. A value of 0 would incorrectly tell
+    // the peer not to send any headers at all.
+    uint64_t max_field_section_size = DEFAULT_MAX_HEADER_LENGTH;
     uint64_t qpack_max_dtable_capacity = 4096;
     uint64_t qpack_encoder_max_dtable_capacity = 4096;
     uint64_t qpack_blocked_streams = 100;
@@ -223,6 +227,14 @@ class Session final : public AsyncWrap, private SessionTicket::AppData::Source {
     // 10.2 requires at least 3x PTO. Range: 3-255. Default: 3.
     uint8_t draining_period_multiplier = 3;
 
+    // The amount of time (in milliseconds) that a stream can be idle
+    // (no data received) before it is automatically destroyed. This
+    // protects against slowloris-style attacks where a peer opens streams
+    // but never sends data, holding server resources indefinitely.
+    // Only applies to peer-initiated streams. Set to 0 to disable.
+    static constexpr uint64_t DEFAULT_STREAM_IDLE_TIMEOUT = 30'000;
+    uint64_t stream_idle_timeout = DEFAULT_STREAM_IDLE_TIMEOUT;
+
     // An optional NEW_TOKEN from a previous connection to the same
     // server. When set, the token is included in the Initial packet
     // to skip address validation. Client-side only.
@@ -565,6 +577,7 @@ class Session final : public AsyncWrap, private SessionTicket::AppData::Source {
   // Has to be called after certain operations that generate packets.
   void UpdatePacketTxTime();
   void UpdateDataStats();
+  void CheckStreamIdleTimeout(uint64_t now);
   void UpdatePath(const PathStorage& path);
 
   void ProcessPendingBidiStreams();
diff --git a/src/quic/streams.cc b/src/quic/streams.cc
index a48b5243f26b03..7186aed89a78e9 100644
--- a/src/quic/streams.cc
+++ b/src/quic/streams.cc
@@ -1270,7 +1270,8 @@ void Stream::NotifyStreamOpened(stream_id id) {
       // Headers were enqueued while the application was not yet known
       // (headers_supported == 0), and the negotiated application does
       // not support headers. This is a fatal mismatch.
-      Destroy(QuicError::ForApplication(0));
+      Destroy(QuicError::ForApplication(
+          session().application().GetInternalErrorCode()));
       return;
     }
     decltype(pending_headers_queue_) queue;
@@ -1347,6 +1348,11 @@ Session& Stream::session() const {
   return *session_;
 }
 
+uint64_t Stream::last_activity_timestamp() const {
+  uint64_t ts = stats()->received_at;
+  return ts != 0 ? ts : stats()->created_at;
+}
+
 bool Stream::is_local_unidirectional() const {
   return direction() == Direction::UNIDIRECTIONAL &&
          ngtcp2_conn_is_local_stream(*session_, id());
@@ -1625,6 +1631,7 @@ void Stream::EndReadable(std::optional<uint64_t> maybe_final_size) {
 
 void Stream::Destroy(QuicError error) {
   if (stats()->destroyed_at != 0) return;
+
   // Record the destroyed at timestamp before notifying the JavaScript side
   // that the stream is being destroyed.
   STAT_RECORD_TIMESTAMP(Stats, destroyed_at);
@@ -1884,6 +1891,7 @@ void Stream::EmitClose(const QuicError& error) {
 }
 
 void Stream::EmitHeaders() {
+  STAT_RECORD_TIMESTAMP(Stats, received_at);
   // state()->wants_headers will be set from the javascript side if the
   // stream object has a handler for the headers event.
   if (!env()->can_call_into_js() || !state()->wants_headers) {
diff --git a/src/quic/streams.h b/src/quic/streams.h
index 775ba6a33c9168..86cb36b2668985 100644
--- a/src/quic/streams.h
+++ b/src/quic/streams.h
@@ -258,6 +258,11 @@ class Stream final : public AsyncWrap,
 
   Session& session() const;
 
+  // Returns the most recent activity timestamp for this stream in
+  // nanoseconds (uv_hrtime). Uses received_at if data has been received,
+  // otherwise falls back to created_at. Returns 0 if neither is set.
+  uint64_t last_activity_timestamp() const;
+
   // True if this stream was created in a pending state and is still waiting
   // to be created.
   bool is_pending() const;
diff --git a/src/quic/tlscontext.cc b/src/quic/tlscontext.cc
index 2eba97ab8ad2a2..c0a1610540ed3a 100644
--- a/src/quic/tlscontext.cc
+++ b/src/quic/tlscontext.cc
@@ -261,6 +261,18 @@ bool OSSLContext::set_hostname(std::string_view hostname) const {
                   const_cast<char*>(name.c_str())) == 1;
 }
 
+bool OSSLContext::set_verify_hostname(std::string_view hostname) const {
+  // SSL_set1_host tells OpenSSL to verify the peer certificate's
+  // subject name (SAN/CN) matches this hostname. This is separate
+  // from SSL_set_tlsext_host_name which only sets the SNI extension.
+  static const char* kDefaultHostname = "localhost";
+  if (hostname.empty()) {
+    return SSL_set1_host(*this, kDefaultHostname) == 1;
+  } else {
+    return SSL_set1_host(*this, hostname.data()) == 1;
+  }
+}
+
 bool OSSLContext::set_early_data_enabled() const {
   return SSL_set_quic_tls_early_data_enabled(*this, 1) == 1;
 }
@@ -500,6 +512,14 @@ SSLCtxPointer TLSContext::Initialize(Environment* env) {
       SSL_CTX_set_session_cache_mode(
           ctx.get(), SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_NO_INTERNAL);
       SSL_CTX_sess_set_new_cb(ctx.get(), OnNewSession);
+
+      // In strict mode, set SSL_VERIFY_PEER so OpenSSL aborts the
+      // handshake if the server's certificate fails validation. In
+      // non-strict modes, verification still occurs but the handshake
+      // completes regardless — the result is surfaced to JS.
+      if (options_.verify_peer_strict) {
+        SSL_CTX_set_verify(ctx.get(), SSL_VERIFY_PEER, nullptr);
+      }
       break;
     }
   }
@@ -706,6 +726,7 @@ Maybe<TLSContext::Options> TLSContext::Options::From(Environment* env,
       env, &options, params, state.name##_string())
 
   if (!SET(verify_client) || !SET(reject_unauthorized) ||
+      !SET(verify_hostname) || !SET(verify_peer_strict) ||
       !SET(enable_early_data) || !SET(enable_tls_trace) || !SET(alpn) ||
       !SET(servername) || !SET(ciphers) || !SET(groups) ||
       !SET(verify_private_key) || !SET(keylog) || !SET(port) ||
@@ -730,6 +751,8 @@ std::string TLSContext::Options::ToString() const {
          (verify_client ? std::string("yes") : std::string("no"));
   res += prefix + "reject unauthorized: " +
          (reject_unauthorized ? std::string("yes") : std::string("no"));
+  res += prefix + "verify peer strict: " +
+         (verify_peer_strict ? std::string("yes") : std::string("no"));
   res += prefix + "enable early data: " +
          (enable_early_data ? std::string("yes") : std::string("no"));
   res += prefix + "enable_tls_trace: " +
@@ -844,6 +867,14 @@ void TLSSession::Initialize(
         return;
       }
 
+      if (options.verify_hostname) {
+        if (!ossl_context_.set_verify_hostname(options.servername)) {
+          validation_error_ = "Failed to set verify hostname";
+          ossl_context_.reset();
+          return;
+        }
+      }
+
       if (maybeSessionTicket.has_value()) {
         const auto& sessionTicket = *maybeSessionTicket;
         uv_buf_t buf = sessionTicket.ticket();
diff --git a/src/quic/tlscontext.h b/src/quic/tlscontext.h
index c1d9b95d5613b4..ba502cf1f868df 100644
--- a/src/quic/tlscontext.h
+++ b/src/quic/tlscontext.h
@@ -51,6 +51,7 @@ class OSSLContext final {
 
   bool set_alpn_protocols(std::string_view protocols) const;
   bool set_hostname(std::string_view hostname) const;
+  bool set_verify_hostname(std::string_view hostname) const;
   bool set_early_data_enabled() const;
   bool set_transport_params(const ngtcp2_vec& tp) const;
 
@@ -207,6 +208,21 @@ class TLSContext final : public MemoryRetainer,
     // This option is only used by the server side.
     bool reject_unauthorized = true;
 
+    // When true, the client will set SSL_VERIFY_PEER so that OpenSSL
+    // aborts the handshake if the server's certificate fails validation.
+    // This is the "strict" verify_peer mode. When false (the default),
+    // the handshake completes regardless and VerifyPeerIdentity is
+    // called after to surface errors to JS. This option is only used
+    // by the client side.
+    bool verify_peer_strict = false;
+
+    // When true, OpenSSL verifies that the server's certificate matches
+    // the servername (hostname verification via SSL_set1_host). Should
+    // be true for 'strict' and 'auto' verifyPeer modes, false for
+    // 'manual'. Without this, a valid certificate for any domain would
+    // be accepted. This option is only used by the client side.
+    bool verify_hostname = false;
+
     // When true (the default), the server accepts 0-RTT early data
     // from clients with valid session tickets. When false, early data
     // is disabled and clients must complete a full handshake before
diff --git a/src/quic/tokens.cc b/src/quic/tokens.cc
index fb348b02e01b24..f9a429cef66279 100644
--- a/src/quic/tokens.cc
+++ b/src/quic/tokens.cc
@@ -170,10 +170,9 @@ ngtcp2_vec GenerateRetryToken(uint8_t* buffer,
                                          odcid,
                                          uv_hrtime());
   DCHECK_GE(ret, 0);
-  DCHECK_LE(ret, RetryToken::kRetryTokenLen);
   DCHECK_EQ(buffer[0], RetryToken::kTokenMagic);
   // This shouldn't be possible but we handle it anyway just to be safe.
-  if (ret == 0) return {nullptr, 0};
+  if (ret <= 0) return {nullptr, 0};
   return {buffer, static_cast<size_t>(ret)};
 }
 
@@ -189,10 +188,9 @@ ngtcp2_vec GenerateRegularToken(uint8_t* buffer,
                                            address.length(),
                                            uv_hrtime());
   DCHECK_GE(ret, 0);
-  DCHECK_LE(ret, RegularToken::kRegularTokenLen);
   DCHECK_EQ(buffer[0], RegularToken::kTokenMagic);
   // This shouldn't be possible but we handle it anyway just to be safe.
-  if (ret == 0) return {nullptr, 0};
+  if (ret <= 0) return {nullptr, 0};
   return {buffer, static_cast<size_t>(ret)};
 }
 }  // namespace
diff --git a/test/cctest/test_quic_tokenbucket.cc b/test/cctest/test_quic_tokenbucket.cc
new file mode 100644
index 00000000000000..5c5ef5b3cbc975
--- /dev/null
+++ b/test/cctest/test_quic_tokenbucket.cc
@@ -0,0 +1,125 @@
+#if HAVE_OPENSSL && HAVE_QUIC
+#include "quic/guard.h"
+#ifndef OPENSSL_NO_QUIC
+#include <env-inl.h>
+#include <gtest/gtest.h>
+#include <quic/defs.h>
+#include <uv.h>
+
+namespace node::quic {
+namespace {
+
+// Helper: nanoseconds from seconds
+static constexpr uint64_t secs(double s) {
+  return static_cast<uint64_t>(s * 1e9);
+}
+
+TEST(QuicTokenBucket, AllowsBurst) {
+  TokenBucket bucket(10, 5);  // 10/sec rate, burst of 5
+  uint64_t now = secs(1000);
+
+  // Should allow up to burst count immediately
+  for (int i = 0; i < 5; i++) {
+    EXPECT_TRUE(bucket.consume(now)) << "consume " << i << " should succeed";
+  }
+
+  // Bucket should be empty now
+  EXPECT_FALSE(bucket.consume(now));
+}
+
+TEST(QuicTokenBucket, RefillsOverTime) {
+  TokenBucket bucket(1000, 1);  // 1000/sec rate, burst of 1
+  uint64_t now = secs(1000);
+
+  // Drain the bucket
+  EXPECT_TRUE(bucket.consume(now));
+  EXPECT_FALSE(bucket.consume(now));
+
+  // Advance 2ms — at 1000/sec that's ~2 tokens, but burst is 1
+  now += secs(0.002);
+
+  // Should have refilled to 1 (capped by burst)
+  EXPECT_TRUE(bucket.consume(now));
+  EXPECT_FALSE(bucket.consume(now));
+}
+
+TEST(QuicTokenBucket, BurstCapacity) {
+  TokenBucket bucket(10000, 3);  // high rate, burst of 3
+  uint64_t now = secs(1000);
+
+  // Drain
+  EXPECT_TRUE(bucket.consume(now));
+  EXPECT_TRUE(bucket.consume(now));
+  EXPECT_TRUE(bucket.consume(now));
+  EXPECT_FALSE(bucket.consume(now));
+
+  // Advance enough to fully refill
+  now += secs(1);
+
+  // Should be capped at burst (3), not more
+  int count = 0;
+  while (bucket.consume(now)) count++;
+  EXPECT_EQ(count, 3);
+}
+
+TEST(QuicTokenBucket, ZeroRateAlwaysDenies) {
+  TokenBucket bucket(0, 0);
+  uint64_t now = secs(1000);
+  EXPECT_FALSE(bucket.consume(now));
+  now += secs(10);
+  EXPECT_FALSE(bucket.consume(now));
+}
+
+TEST(QuicTokenBucket, HighRateAllowsRapidConsume) {
+  TokenBucket bucket(1000000, 1000);  // 1M/sec, burst 1000
+  uint64_t now = secs(1000);
+
+  // Should be able to consume the full burst
+  int count = 0;
+  for (int i = 0; i < 1000; i++) {
+    if (bucket.consume(now)) count++;
+  }
+  EXPECT_EQ(count, 1000);
+}
+
+TEST(QuicTokenBucket, InitOnce) {
+  TokenBucket bucket;  // default: rate=0, burst=0, last_ts=0
+  uint64_t now = secs(1000);
+
+  // Init with rate=100, burst=5
+  bucket.InitOnce(100, 5, now);
+  EXPECT_TRUE(bucket.consume(now));
+
+  // InitOnce is idempotent — second call is a no-op
+  bucket.InitOnce(0, 0, now);        // would make it deny-all if applied
+  EXPECT_TRUE(bucket.consume(now));  // still has tokens from first init
+}
+
+TEST(QuicTokenBucket, DefaultConstructorDenies) {
+  TokenBucket bucket;  // default: rate=0, burst=0, last_ts=0
+  uint64_t now = secs(1000);
+  EXPECT_FALSE(bucket.consume(now));
+}
+
+TEST(QuicTokenBucket, GradualRefill) {
+  TokenBucket bucket(10, 10);  // 10/sec rate, burst of 10
+  uint64_t now = secs(1000);
+
+  // Drain fully
+  for (int i = 0; i < 10; i++) {
+    EXPECT_TRUE(bucket.consume(now));
+  }
+  EXPECT_FALSE(bucket.consume(now));
+
+  // Advance 500ms — should get 5 tokens
+  now += secs(0.5);
+  int count = 0;
+  while (bucket.consume(now)) count++;
+  EXPECT_EQ(count, 5);
+}
+
+}  // namespace
+}  // namespace node::quic
+
+#endif  // OPENSSL_NO_QUIC
+#endif  // HAVE_OPENSSL && HAVE_QUIC
diff --git a/test/cctest/test_sockaddr.cc b/test/cctest/test_sockaddr.cc
index 9d589482f0188f..a4feefd6f4b3f6 100644
--- a/test/cctest/test_sockaddr.cc
+++ b/test/cctest/test_sockaddr.cc
@@ -146,11 +146,13 @@ TEST(SocketAddressLRU, SocketAddressLRU) {
   struct FooLRUTraits {
     using Type = Foo;
 
-    static bool CheckExpired(const SocketAddress& address, const Type& type) {
+    static bool CheckExpired(const SocketAddress& address,
+                             const Type& type,
+                             uint64_t now) {
       return type.expired;
     }
 
-    static void Touch(const SocketAddress& address, Type* type) {
+    static void Touch(const SocketAddress& address, Type* type, uint64_t now) {
       type->expired = false;
     }
   };
@@ -169,7 +171,8 @@ TEST(SocketAddressLRU, SocketAddressLRU) {
   SocketAddress addr3(reinterpret_cast<const sockaddr*>(&storage[2]));
   SocketAddress addr4(reinterpret_cast<const sockaddr*>(&storage[3]));
 
-  Foo* foo = lru.Upsert(addr1);
+  uint64_t now = uv_hrtime();
+  Foo* foo = lru.Upsert(addr1, now);
   CHECK_NOT_NULL(foo);
   CHECK_EQ(foo->c, 0);
   CHECK_EQ(foo->expired, false);
@@ -177,14 +180,14 @@ TEST(SocketAddressLRU, SocketAddressLRU) {
   foo->c = 1;
   foo->expired = true;
 
-  foo = lru.Upsert(addr1);
+  foo = lru.Upsert(addr1, now);
   CHECK_NOT_NULL(lru.Peek(addr1));
   CHECK_EQ(lru.Peek(addr1), lru.Peek(addr4));
   CHECK_EQ(lru.Peek(addr1)->c, 1);
   CHECK_EQ(lru.Peek(addr1)->expired, false);
   CHECK_EQ(lru.size(), 1);
 
-  foo = lru.Upsert(addr2);
+  foo = lru.Upsert(addr2, now);
   foo->c = 2;
   foo->expired = true;
   CHECK_NOT_NULL(lru.Peek(addr2));
@@ -193,7 +196,7 @@ TEST(SocketAddressLRU, SocketAddressLRU) {
 
   foo->expired = true;
 
-  foo = lru.Upsert(addr3);
+  foo = lru.Upsert(addr3, now);
   foo->c = 3;
   foo->expired = false;
   CHECK_NOT_NULL(lru.Peek(addr3));
@@ -283,11 +286,11 @@ TEST(SocketAddressBlockList, Simple) {
   bl.AddSocketAddress(addr1);
   bl.AddSocketAddress(addr2);
 
-  CHECK(bl.Apply(addr1));
-  CHECK(bl.Apply(addr2));
+  CHECK(bl.Apply(*addr1));
+  CHECK(bl.Apply(*addr2));
 
   bl.RemoveSocketAddress(addr1);
 
-  CHECK(!bl.Apply(addr1));
-  CHECK(bl.Apply(addr2));
+  CHECK(!bl.Apply(*addr1));
+  CHECK(bl.Apply(*addr2));
 }
diff --git a/test/common/quic.mjs b/test/common/quic.mjs
index 7bc7a427b992ac..d05ee634f5e5ea 100644
--- a/test/common/quic.mjs
+++ b/test/common/quic.mjs
@@ -44,9 +44,13 @@ async function listen(callback, options = {}) {
 async function connect(address, options = {}) {
   const {
     alpn = 'quic-test',
+    // Test helper defaults to 'manual' because tests use self-signed
+    // certs without a CA. Tests that want to verify cert validation
+    // behavior should set verifyPeer explicitly.
+    verifyPeer = 'manual',
     ...rest
   } = options;
-  return quic.connect(address, { alpn, ...rest });
+  return quic.connect(address, { alpn, verifyPeer, ...rest });
 }
 
 export {
diff --git a/test/parallel/test-permission-net-quic.mjs b/test/parallel/test-permission-net-quic.mjs
index 1855dcca0f40e6..0ad5639432f7b9 100644
--- a/test/parallel/test-permission-net-quic.mjs
+++ b/test/parallel/test-permission-net-quic.mjs
@@ -19,7 +19,7 @@ const cert = fixtures.readKey('agent1-cert.pem');
 // Test: connect() should reject with ERR_ACCESS_DENIED
 {
   await assert.rejects(
-    connect('127.0.0.1:12345', { alpn: 'h3' }),
+    connect('127.0.0.1:12345', { alpn: 'h3', verifyPeer: 'manual' }),
     {
       code: 'ERR_ACCESS_DENIED',
       permission: 'Net',
diff --git a/test/parallel/test-quic-address-validation.mjs b/test/parallel/test-quic-address-validation.mjs
index 7f6c57dfee8f52..6be0681ff49902 100644
--- a/test/parallel/test-quic-address-validation.mjs
+++ b/test/parallel/test-quic-address-validation.mjs
@@ -37,6 +37,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   servername: 'localhost',
 });
 
diff --git a/test/parallel/test-quic-alpn-h3.mjs b/test/parallel/test-quic-alpn-h3.mjs
index 431175a743d502..e9adca59d1aeca 100644
--- a/test/parallel/test-quic-alpn-h3.mjs
+++ b/test/parallel/test-quic-alpn-h3.mjs
@@ -35,6 +35,7 @@ notStrictEqual(serverEndpoint.address, undefined);
 
 const clientSession = await connect(serverEndpoint.address, {
   servername: 'localhost',
+  verifyPeer: 'manual',
 });
 
 async function checkClient() {
diff --git a/test/parallel/test-quic-alpn.mjs b/test/parallel/test-quic-alpn.mjs
index babb945d9d0c33..020fea3d308a86 100644
--- a/test/parallel/test-quic-alpn.mjs
+++ b/test/parallel/test-quic-alpn.mjs
@@ -41,6 +41,7 @@ notStrictEqual(serverEndpoint.address, undefined);
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'proto-b',
   servername: 'localhost',
+  verifyPeer: 'manual',
 });
 
 await Promise.all([serverOpened.promise, checkSession(clientSession)]);
diff --git a/test/parallel/test-quic-blocklist.mjs b/test/parallel/test-quic-blocklist.mjs
new file mode 100644
index 00000000000000..5a3d4e98310f4b
--- /dev/null
+++ b/test/parallel/test-quic-blocklist.mjs
@@ -0,0 +1,79 @@
+// Flags: --experimental-quic --no-warnings
+
+// Test: endpoint block list filtering.
+// Deny mode: packets from blocked addresses are dropped.
+// Allow mode: only packets from listed addresses are accepted.
+
+import { hasQuic, skip, mustCall, mustNotCall } from '../common/index.mjs';
+import assert from 'node:assert';
+import net from 'node:net';
+
+const { ok, rejects, strictEqual } = assert;
+
+if (!hasQuic) {
+  skip('QUIC is not enabled');
+}
+
+const { listen, connect } = await import('../common/quic.mjs');
+
+// --- Deny mode: block 127.0.0.1 ---
+{
+  const blockList = new net.BlockList();
+  blockList.addAddress('127.0.0.1');
+
+  const serverEndpoint = await listen(mustNotCall(), {
+    endpoint: {
+      blockList,
+      blockListPolicy: 'deny',
+    },
+  });
+
+  // Connecting from 127.0.0.1 should be silently dropped.
+  // The client will time out waiting for a response.
+  const clientSession = await connect(serverEndpoint.address, {
+    handshakeTimeout: 500,
+    verifyPeer: 'manual',
+    onerror: mustCall((err) => {
+      strictEqual(err.code, 'ERR_QUIC_TRANSPORT_ERROR');
+    }),
+  });
+
+  // The session should fail — the server never sees the packet.
+  await rejects(clientSession.opened, {
+    code: 'ERR_QUIC_TRANSPORT_ERROR',
+  });
+
+  // Verify the stat counter.
+  ok(serverEndpoint.stats.packetsBlocked > 0n,
+     'packetsBlocked should be non-zero');
+
+  await serverEndpoint.close();
+}
+
+// --- Allow mode: only allow 127.0.0.1 ---
+{
+  const allowList = new net.BlockList();
+  allowList.addAddress('127.0.0.1');
+
+  const serverEndpoint = await listen(mustCall(async (serverSession) => {
+    await serverSession.opened;
+    serverSession.close();
+  }), {
+    endpoint: {
+      blockList: allowList,
+      blockListPolicy: 'allow',
+    },
+  });
+
+  // Connecting from 127.0.0.1 should succeed — it's in the allow list.
+  const clientSession = await connect(serverEndpoint.address, {
+    verifyPeer: 'manual',
+  });
+  await clientSession.opened;
+  await clientSession.close();
+
+  strictEqual(serverEndpoint.stats.packetsBlocked, 0n,
+              'No packets should be blocked for allowed address');
+
+  await serverEndpoint.close();
+}
diff --git a/test/parallel/test-quic-callback-error-onpathvalidation.mjs b/test/parallel/test-quic-callback-error-onpathvalidation.mjs
index e4f4cb4de8b14f..d60033e3efe304 100644
--- a/test/parallel/test-quic-callback-error-onpathvalidation.mjs
+++ b/test/parallel/test-quic-callback-error-onpathvalidation.mjs
@@ -36,6 +36,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   reuseEndpoint: false,
+  preferredAddressPolicy: 'use',
   onpathvalidation() {
     throw testError;
   },
diff --git a/test/parallel/test-quic-connection-limits.mjs b/test/parallel/test-quic-connection-limits.mjs
index 2f41c388805dc4..7d2f4b07119f7b 100644
--- a/test/parallel/test-quic-connection-limits.mjs
+++ b/test/parallel/test-quic-connection-limits.mjs
@@ -49,6 +49,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 // First connection should succeed.
 const cs1 = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   transportParams: { maxIdleTimeout: 2 },
 });
 await cs1.opened;
@@ -56,6 +57,7 @@ await cs1.opened;
 // Second connection — server rejects with CONNECTION_REFUSED.
 const cs2 = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   transportParams: { maxIdleTimeout: 1 },
   onerror: mustCall((err) => {
     strictEqual(err.code, 'ERR_QUIC_TRANSPORT_ERROR');
diff --git a/test/parallel/test-quic-datagram-drop-newest.mjs b/test/parallel/test-quic-datagram-drop-newest.mjs
index 45f568af91687a..7225ea9cd08e0a 100644
--- a/test/parallel/test-quic-datagram-drop-newest.mjs
+++ b/test/parallel/test-quic-datagram-drop-newest.mjs
@@ -48,6 +48,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   transportParams: { maxDatagramFrameSize: 1200 },
   datagramDropPolicy: 'drop-newest',
   ondatagramstatus: mustCall((_, status) => {
diff --git a/test/parallel/test-quic-datagram-drop-oldest.mjs b/test/parallel/test-quic-datagram-drop-oldest.mjs
index 1471323caf2e06..923e80bf73460a 100644
--- a/test/parallel/test-quic-datagram-drop-oldest.mjs
+++ b/test/parallel/test-quic-datagram-drop-oldest.mjs
@@ -48,6 +48,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   transportParams: { maxDatagramFrameSize: 1200 },
   datagramDropPolicy: 'drop-oldest',
   ondatagramstatus: mustCall((_, status) => {
diff --git a/test/parallel/test-quic-datagram-echo.mjs b/test/parallel/test-quic-datagram-echo.mjs
index ad6a08b67443c8..a0870ba49ce77a 100644
--- a/test/parallel/test-quic-datagram-echo.mjs
+++ b/test/parallel/test-quic-datagram-echo.mjs
@@ -48,6 +48,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   transportParams: { maxDatagramFrameSize: 10 },
   // Client receives datagram from server.
   ondatagram: mustCall(function(data) {
diff --git a/test/parallel/test-quic-datagram-multiple.mjs b/test/parallel/test-quic-datagram-multiple.mjs
index f8deef3ead2cd9..96e86bec8a99e7 100644
--- a/test/parallel/test-quic-datagram-multiple.mjs
+++ b/test/parallel/test-quic-datagram-multiple.mjs
@@ -56,6 +56,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   transportParams: { maxDatagramFrameSize: 1200 },
 });
 
diff --git a/test/parallel/test-quic-datagram-status.mjs b/test/parallel/test-quic-datagram-status.mjs
index b3391b7655ff23..98e6bf56cee986 100644
--- a/test/parallel/test-quic-datagram-status.mjs
+++ b/test/parallel/test-quic-datagram-status.mjs
@@ -45,6 +45,7 @@ let statusValue;
 
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   transportParams: { maxDatagramFrameSize: 1200 },
   ondatagramstatus: mustCall((id, status) => {
     strictEqual(typeof id, 'bigint');
diff --git a/test/parallel/test-quic-datagram.mjs b/test/parallel/test-quic-datagram.mjs
index f35966b19be3ec..acd2d88356239a 100644
--- a/test/parallel/test-quic-datagram.mjs
+++ b/test/parallel/test-quic-datagram.mjs
@@ -45,6 +45,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   transportParams: { maxDatagramFrameSize: 1200 },
 });
 
diff --git a/test/parallel/test-quic-diagnostics-channel-path.mjs b/test/parallel/test-quic-diagnostics-channel-path.mjs
index a5464c07076101..63305025e6efbf 100644
--- a/test/parallel/test-quic-diagnostics-channel-path.mjs
+++ b/test/parallel/test-quic-diagnostics-channel-path.mjs
@@ -47,6 +47,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   reuseEndpoint: false,
+  preferredAddressPolicy: 'use',
   // The onpathvalidation must be set for the JS handler to fire,
   // which in turn publishes to the diagnostics channel.
   onpathvalidation: mustCall(),
diff --git a/test/parallel/test-quic-enable-early-data.mjs b/test/parallel/test-quic-enable-early-data.mjs
index 90524aaf19d1da..0c868025240fbf 100644
--- a/test/parallel/test-quic-enable-early-data.mjs
+++ b/test/parallel/test-quic-enable-early-data.mjs
@@ -45,6 +45,7 @@ const serverEndpoint = await listen(mustCall((serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   servername: 'localhost',
   enableEarlyData: false,
 });
diff --git a/test/parallel/test-quic-endpoint-bind.mjs b/test/parallel/test-quic-endpoint-bind.mjs
index 0f9c359075db75..dc91ccda01b73f 100644
--- a/test/parallel/test-quic-endpoint-bind.mjs
+++ b/test/parallel/test-quic-endpoint-bind.mjs
@@ -46,6 +46,7 @@ const cert = readKey('agent1-cert.pem');
   // Verify a client can connect to the bound address.
   const clientSession = await connect(serverEndpoint.address, {
     alpn: 'quic-test',
+    verifyPeer: 'manual',
     transportParams: { maxIdleTimeout: 1 },
   });
   await clientSession.opened;
diff --git a/test/parallel/test-quic-endpoint-busy.mjs b/test/parallel/test-quic-endpoint-busy.mjs
index b6c874943a0164..5df58ce5886542 100644
--- a/test/parallel/test-quic-endpoint-busy.mjs
+++ b/test/parallel/test-quic-endpoint-busy.mjs
@@ -36,6 +36,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 // First connection before busy — should succeed.
 const cs1 = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   transportParams: { maxIdleTimeout: 2 },
 });
 await cs1.opened;
@@ -48,6 +49,7 @@ strictEqual(endpoint.busy, true);
 // Second connection while busy — server rejects.
 const cs2 = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   transportParams: { maxIdleTimeout: 1 },
   onerror: mustCall((err) => {
     strictEqual(err.code, 'ERR_QUIC_TRANSPORT_ERROR');
diff --git a/test/parallel/test-quic-endpoint-idle-timeout.mjs b/test/parallel/test-quic-endpoint-idle-timeout.mjs
index aa75d16a82b7ed..90d19ca455411c 100644
--- a/test/parallel/test-quic-endpoint-idle-timeout.mjs
+++ b/test/parallel/test-quic-endpoint-idle-timeout.mjs
@@ -31,6 +31,7 @@ const { listen, connect } = await import('../common/quic.mjs');
   const clientEndpoint = new QuicEndpoint();
   const client = await connect(serverEndpoint.address, {
     endpoint: clientEndpoint,
+    verifyPeer: 'manual',
   });
   await client.opened;
 
@@ -57,6 +58,7 @@ const { listen, connect } = await import('../common/quic.mjs');
   const clientEndpoint = new QuicEndpoint({ idleTimeout: 1 });
   const client = await connect(serverEndpoint.address, {
     endpoint: clientEndpoint,
+    verifyPeer: 'manual',
   });
   await client.opened;
   await client.close();
diff --git a/test/parallel/test-quic-endpoint-state-transitions.mjs b/test/parallel/test-quic-endpoint-state-transitions.mjs
index 559356893379ff..5997f812ae8d72 100644
--- a/test/parallel/test-quic-endpoint-state-transitions.mjs
+++ b/test/parallel/test-quic-endpoint-state-transitions.mjs
@@ -40,7 +40,10 @@ const cert = readKey('agent1-cert.pem');
   strictEqual(serverEndpoint.closing, false);
   strictEqual(serverEndpoint.destroyed, false);
 
-  const cs = await connect(serverEndpoint.address, { alpn: 'quic-test' });
+  const cs = await connect(serverEndpoint.address, {
+    alpn: 'quic-test',
+    verifyPeer: 'manual',
+  });
   await cs.opened;
   await cs.close();
 
@@ -75,6 +78,7 @@ const cert = readKey('agent1-cert.pem');
   // Connect via 127.0.0.1 since 0.0.0.0 listens on all interfaces.
   const cs = await connect(`127.0.0.1:${addr.port}`, {
     alpn: 'quic-test',
+    verifyPeer: 'manual',
     transportParams: { maxIdleTimeout: 1 },
   });
   await cs.opened;
diff --git a/test/parallel/test-quic-h3-callback-errors.mjs b/test/parallel/test-quic-h3-callback-errors.mjs
index b6fa8e9422dfaf..226a3f6b96fbd5 100644
--- a/test/parallel/test-quic-h3-callback-errors.mjs
+++ b/test/parallel/test-quic-h3-callback-errors.mjs
@@ -56,6 +56,7 @@ async function makeServer(onheadersHandler, extraOpts = {}) {
 
   const c = await connect(ep.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
     transportParams: { maxIdleTimeout: 1 },
   });
   await c.opened;
@@ -95,6 +96,7 @@ async function makeServer(onheadersHandler, extraOpts = {}) {
 
   const c = await connect(ep.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
     transportParams: { maxIdleTimeout: 1 },
   });
   await c.opened;
@@ -139,6 +141,7 @@ async function makeServer(onheadersHandler, extraOpts = {}) {
 
   const c = await connect(ep.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
     transportParams: { maxIdleTimeout: 1 },
   });
   await c.opened;
@@ -187,6 +190,7 @@ async function makeServer(onheadersHandler, extraOpts = {}) {
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'example.com',
+    verifyPeer: 'manual',
     transportParams: { maxIdleTimeout: 1 },
     onorigin: mustCall(function() {
       throw new Error('onorigin error');
@@ -251,6 +255,7 @@ async function makeServer(onheadersHandler, extraOpts = {}) {
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
     transportParams: { maxIdleTimeout: 1 },
   });
   await clientSession.opened;
diff --git a/test/parallel/test-quic-h3-close-behavior.mjs b/test/parallel/test-quic-h3-close-behavior.mjs
index 6b36909a9f6b1c..02b34945087267 100644
--- a/test/parallel/test-quic-h3-close-behavior.mjs
+++ b/test/parallel/test-quic-h3-close-behavior.mjs
@@ -53,6 +53,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
   });
   await clientSession.opened;
 
diff --git a/test/parallel/test-quic-h3-concurrent-requests.mjs b/test/parallel/test-quic-h3-concurrent-requests.mjs
index 69ab450cb7e445..6f0aa50b7f02ae 100644
--- a/test/parallel/test-quic-h3-concurrent-requests.mjs
+++ b/test/parallel/test-quic-h3-concurrent-requests.mjs
@@ -57,6 +57,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   servername: 'localhost',
+  verifyPeer: 'manual',
 });
 await clientSession.opened;
 
diff --git a/test/parallel/test-quic-h3-datagram.mjs b/test/parallel/test-quic-h3-datagram.mjs
index 2c3ea0aad77138..ea00cec42bc8f4 100644
--- a/test/parallel/test-quic-h3-datagram.mjs
+++ b/test/parallel/test-quic-h3-datagram.mjs
@@ -66,6 +66,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
     application: { enableDatagrams: true },
     transportParams: { maxDatagramFrameSize: 100 },
     // Client receives datagram from server.
@@ -139,6 +140,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
     application: { enableDatagrams: true },
     transportParams: { maxDatagramFrameSize: 100 },
   });
diff --git a/test/parallel/test-quic-h3-error-codes.mjs b/test/parallel/test-quic-h3-error-codes.mjs
index f8d520d3fdbffe..f9aebadc85cfd2 100644
--- a/test/parallel/test-quic-h3-error-codes.mjs
+++ b/test/parallel/test-quic-h3-error-codes.mjs
@@ -46,6 +46,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
   });
   await clientSession.opened;
 
@@ -96,6 +97,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
   });
   await clientSession.opened;
 
diff --git a/test/parallel/test-quic-h3-goaway-non-h3.mjs b/test/parallel/test-quic-h3-goaway-non-h3.mjs
index 86931ec46fb51a..e0dd89d20279a0 100644
--- a/test/parallel/test-quic-h3-goaway-non-h3.mjs
+++ b/test/parallel/test-quic-h3-goaway-non-h3.mjs
@@ -45,6 +45,7 @@ const serverEndpoint = await listen(mustCall(async (ss) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   servername: 'localhost',
+  verifyPeer: 'manual',
   alpn: 'quic-test',
   // Ongoaway must NOT fire for non-H3 sessions.
   ongoaway: mustNotCall(),
diff --git a/test/parallel/test-quic-h3-goaway.mjs b/test/parallel/test-quic-h3-goaway.mjs
index c8a597b6f2e115..7542849f35eeed 100644
--- a/test/parallel/test-quic-h3-goaway.mjs
+++ b/test/parallel/test-quic-h3-goaway.mjs
@@ -71,6 +71,7 @@ dc.subscribe('quic.session.goaway', mustCall((msg) => {
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
     // Ongoaway fires when the peer sends GOAWAY.
     ongoaway: mustCall(function(lastStreamId) {
       strictEqual(lastStreamId, -1n);
diff --git a/test/parallel/test-quic-h3-handshake-failure.mjs b/test/parallel/test-quic-h3-handshake-failure.mjs
index 128acab8fffe3d..640f7e54c40209 100644
--- a/test/parallel/test-quic-h3-handshake-failure.mjs
+++ b/test/parallel/test-quic-h3-handshake-failure.mjs
@@ -40,6 +40,7 @@ const serverEndpoint = await listen(async (serverSession) => {
 // exists but hasn't started (control streams not yet bound).
 const clientSession = await connect(serverEndpoint.address, {
   servername: 'localhost',
+  verifyPeer: 'manual',
   // h3 ALPN — must match the server so the H3 application is selected
   // on the server side before we tear it down.
 });
diff --git a/test/parallel/test-quic-h3-header-validation.mjs b/test/parallel/test-quic-h3-header-validation.mjs
index 0388137148b0a1..43673e0cc00f1e 100644
--- a/test/parallel/test-quic-h3-header-validation.mjs
+++ b/test/parallel/test-quic-h3-header-validation.mjs
@@ -77,6 +77,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
   });
   await clientSession.opened;
 
@@ -138,6 +139,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
   });
   await clientSession.opened;
 
diff --git a/test/parallel/test-quic-h3-headers-support.mjs b/test/parallel/test-quic-h3-headers-support.mjs
index d513fb15978c93..8807adde6ef276 100644
--- a/test/parallel/test-quic-h3-headers-support.mjs
+++ b/test/parallel/test-quic-h3-headers-support.mjs
@@ -61,6 +61,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   servername: 'localhost',
+  verifyPeer: 'manual',
   alpn: 'quic-test',
 });
 await clientSession.opened;
diff --git a/test/parallel/test-quic-h3-informational-headers.mjs b/test/parallel/test-quic-h3-informational-headers.mjs
index 0f05d08c9bf0ae..6fa950b7bccbd6 100644
--- a/test/parallel/test-quic-h3-informational-headers.mjs
+++ b/test/parallel/test-quic-h3-informational-headers.mjs
@@ -77,6 +77,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   servername: 'localhost',
+  verifyPeer: 'manual',
 });
 await clientSession.opened;
 
diff --git a/test/parallel/test-quic-h3-origin.mjs b/test/parallel/test-quic-h3-origin.mjs
index 0e801b8e54408b..4f1fdf50e58d6d 100644
--- a/test/parallel/test-quic-h3-origin.mjs
+++ b/test/parallel/test-quic-h3-origin.mjs
@@ -55,6 +55,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'example.com',
+    verifyPeer: 'manual',
     // Client receives ORIGIN frame via onorigin callback.
     onorigin: mustCall(function(origins) {
       ok(Array.isArray(origins));
@@ -132,6 +133,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'custom-port.example.com',
+    verifyPeer: 'manual',
     onorigin: mustCall(function(origins) {
       ok(Array.isArray(origins));
 
diff --git a/test/parallel/test-quic-h3-pending-stream.mjs b/test/parallel/test-quic-h3-pending-stream.mjs
index 39f5a4d833d89e..fd269e64e0543a 100644
--- a/test/parallel/test-quic-h3-pending-stream.mjs
+++ b/test/parallel/test-quic-h3-pending-stream.mjs
@@ -51,6 +51,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
   });
 
   // Create the stream BEFORE awaiting opened. The stream is pending
diff --git a/test/parallel/test-quic-h3-post-filehandle.mjs b/test/parallel/test-quic-h3-post-filehandle.mjs
index 8264a55cecc30b..46e30d8376d6cd 100644
--- a/test/parallel/test-quic-h3-post-filehandle.mjs
+++ b/test/parallel/test-quic-h3-post-filehandle.mjs
@@ -61,6 +61,7 @@ writeFileSync(testFile, testContent);
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
   });
 
   const info = await clientSession.opened;
diff --git a/test/parallel/test-quic-h3-post-request.mjs b/test/parallel/test-quic-h3-post-request.mjs
index 1bd9100810aa58..a12458ef10df30 100644
--- a/test/parallel/test-quic-h3-post-request.mjs
+++ b/test/parallel/test-quic-h3-post-request.mjs
@@ -68,6 +68,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   servername: 'localhost',
+  verifyPeer: 'manual',
 });
 
 const info = await clientSession.opened;
diff --git a/test/parallel/test-quic-h3-priority.mjs b/test/parallel/test-quic-h3-priority.mjs
index 9aac69bd6d2f22..fc7ca231f0d63a 100644
--- a/test/parallel/test-quic-h3-priority.mjs
+++ b/test/parallel/test-quic-h3-priority.mjs
@@ -55,6 +55,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
   });
   await clientSession.opened;
 
@@ -194,6 +195,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
   });
   await clientSession.opened;
 
diff --git a/test/parallel/test-quic-h3-qpack-settings.mjs b/test/parallel/test-quic-h3-qpack-settings.mjs
index 6d059b4cbee175..6ca5671ef5b91f 100644
--- a/test/parallel/test-quic-h3-qpack-settings.mjs
+++ b/test/parallel/test-quic-h3-qpack-settings.mjs
@@ -71,6 +71,7 @@ async function makeRequest(clientSession, path) {
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
     // Client also disables QPACK dynamic table.
     application: { qpackMaxDTableCapacity: 0, qpackBlockedStreams: 0 },
   });
@@ -108,6 +109,7 @@ async function makeRequest(clientSession, path) {
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
     application: { qpackMaxDTableCapacity: 8192, qpackBlockedStreams: 200 },
   });
   await clientSession.opened;
diff --git a/test/parallel/test-quic-h3-request-response.mjs b/test/parallel/test-quic-h3-request-response.mjs
index 817f620c89f8ee..1610f8deec1d41 100644
--- a/test/parallel/test-quic-h3-request-response.mjs
+++ b/test/parallel/test-quic-h3-request-response.mjs
@@ -77,6 +77,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   servername: 'localhost',
+  verifyPeer: 'manual',
   // Default ALPN is h3.
 });
 
diff --git a/test/parallel/test-quic-h3-settings.mjs b/test/parallel/test-quic-h3-settings.mjs
index 2b3b9a628f1c15..363aa985c23a82 100644
--- a/test/parallel/test-quic-h3-settings.mjs
+++ b/test/parallel/test-quic-h3-settings.mjs
@@ -60,6 +60,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
   });
   await clientSession.opened;
 
@@ -118,6 +119,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
   });
   await clientSession.opened;
 
@@ -164,6 +166,7 @@ const decoder = new TextDecoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
     application: { enableConnectProtocol: true, enableDatagrams: true },
   });
   await clientSession.opened;
diff --git a/test/parallel/test-quic-h3-stream-destroy-with-headers.mjs b/test/parallel/test-quic-h3-stream-destroy-with-headers.mjs
index 135d0301b00386..67286d9a5ad6a9 100644
--- a/test/parallel/test-quic-h3-stream-destroy-with-headers.mjs
+++ b/test/parallel/test-quic-h3-stream-destroy-with-headers.mjs
@@ -34,6 +34,7 @@ const serverEndpoint = await listen(mustCall(async (ss) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   servername: 'localhost',
+  verifyPeer: 'manual',
 });
 await clientSession.opened;
 
diff --git a/test/parallel/test-quic-h3-stream-idle-timeout.mjs b/test/parallel/test-quic-h3-stream-idle-timeout.mjs
new file mode 100644
index 00000000000000..5c851caca42465
--- /dev/null
+++ b/test/parallel/test-quic-h3-stream-idle-timeout.mjs
@@ -0,0 +1,185 @@
+// Flags: --experimental-quic --experimental-stream-iter --no-warnings
+
+// Test: HTTP/3 stream idle timeout.
+// Peer-initiated streams that receive no data within the configured
+// timeout are automatically destroyed. This test verifies the behavior
+// with HTTP/3 bidirectional streams, where ShutdownStream maps
+// transport errors to the application's internal error code
+// (NGHTTP3_H3_INTERNAL_ERROR = 0x102) on the wire.
+
+import { hasQuic, skip, mustCall } from '../common/index.mjs';
+import assert from 'node:assert';
+import { setTimeout } from 'node:timers/promises';
+import * as fixtures from '../common/fixtures.mjs';
+import { text } from 'node:stream/iter';
+
+const { rejects, strictEqual } = assert;
+const { readKey } = fixtures;
+
+if (!hasQuic) {
+  skip('QUIC is not enabled');
+}
+
+const { listen, connect } = await import('node:quic');
+const { createPrivateKey } = await import('node:crypto');
+
+const key = createPrivateKey(readKey('agent1-key.pem'));
+const cert = readKey('agent1-cert.pem');
+
+const encoder = new TextEncoder();
+
+// --- H3 stream destroyed after idle timeout ---
+{
+  const streamDestroyed = Promise.withResolvers();
+
+  const serverEndpoint = await listen(mustCall(async (serverSession) => {
+    serverSession.onstream = mustCall(async (stream) => {
+      // Don't read — let the stream sit idle after the initial headers.
+      // The stream idle timeout should destroy it, rejecting stream.closed.
+      await rejects(stream.closed, {
+        code: 'ERR_QUIC_TRANSPORT_ERROR',
+      });
+      streamDestroyed.resolve();
+    });
+  }), {
+    sni: { '*': { keys: [key], certs: [cert] } },
+    streamIdleTimeout: 100,
+    onheaders() {
+      // Receive headers but do nothing — let the stream go idle.
+    },
+  });
+
+  const clientSession = await connect(serverEndpoint.address, {
+    servername: 'localhost',
+    verifyPeer: 'manual',
+    transportParams: { maxIdleTimeout: 1 },
+  });
+
+  await clientSession.opened;
+
+  // Send a POST request with a body byte so the server creates the
+  // stream, then stop sending (don't end the write side).
+  const stream = await clientSession.createBidirectionalStream({
+    headers: {
+      ':method': 'POST',
+      ':path': '/',
+      ':scheme': 'https',
+      ':authority': 'localhost',
+    },
+    onheaders() {},
+  });
+  const writer = stream.writer;
+  writer.writeSync(encoder.encode('x'));
+
+  // Wait for the server to destroy the idle stream.
+  await streamDestroyed.promise;
+
+  // The server sent STOP_SENDING / RESET_STREAM when it destroyed the
+  // idle stream. ShutdownStream maps the transport error to the H3
+  // internal error code (0x102) on the wire.
+  await rejects(stream.closed, {
+    code: 'ERR_QUIC_APPLICATION_ERROR',
+  });
+
+  await clientSession.close();
+  await serverEndpoint.close();
+}
+
+// --- H3 stream with ongoing data is NOT destroyed ---
+{
+  const serverGotData = Promise.withResolvers();
+
+  const serverEndpoint = await listen(mustCall(async (serverSession) => {
+    serverSession.onstream = mustCall(async (stream) => {
+      const data = await text(stream);
+      strictEqual(data, 'xy');
+      serverGotData.resolve();
+      await serverSession.close();
+    });
+  }), {
+    sni: { '*': { keys: [key], certs: [cert] } },
+    streamIdleTimeout: 500,
+    onheaders: mustCall(function(headers) {
+      strictEqual(headers[':method'], 'POST');
+      // Send response headers so the stream is fully established.
+      this.sendHeaders({ ':status': '200' }, { terminal: true });
+    }),
+  });
+
+  const clientSession = await connect(serverEndpoint.address, {
+    servername: 'localhost',
+    verifyPeer: 'manual',
+  });
+  await clientSession.opened;
+
+  const stream = await clientSession.createBidirectionalStream({
+    onheaders() {},
+  });
+  stream.sendHeaders({
+    ':method': 'POST',
+    ':path': '/',
+    ':scheme': 'https',
+    ':authority': 'localhost',
+    'content-length': '2',
+  }, { terminal: false });
+  const writer = stream.writer;
+  writer.writeSync(encoder.encode('x'));
+
+  // Wait less than the 500ms idle timeout, then send more data.
+  await setTimeout(300);
+
+  writer.writeSync(encoder.encode('y'));
+  writer.endSync();
+
+  await Promise.all([serverGotData.promise, clientSession.closed]);
+  await serverEndpoint.close();
+}
+
+// --- Disabled when set to 0 ---
+{
+  const streamSurvived = Promise.withResolvers();
+
+  const serverEndpoint = await listen(mustCall(async (serverSession) => {
+    serverSession.onstream = mustCall(async (stream) => {
+      const data = await text(stream);
+      strictEqual(data, 'xy');
+      streamSurvived.resolve();
+    });
+
+    await setTimeout(700);
+    await serverSession.close();
+  }), {
+    sni: { '*': { keys: [key], certs: [cert] } },
+    streamIdleTimeout: 0,  // Disabled
+    onheaders: mustCall(function(headers) {
+      this.sendHeaders({ ':status': '200' }, { terminal: true });
+    }),
+  });
+
+  const clientSession = await connect(serverEndpoint.address, {
+    servername: 'localhost',
+    verifyPeer: 'manual',
+  });
+  await clientSession.opened;
+
+  const stream = await clientSession.createBidirectionalStream({
+    onheaders() {},
+  });
+  stream.sendHeaders({
+    ':method': 'POST',
+    ':path': '/',
+    ':scheme': 'https',
+    ':authority': 'localhost',
+  }, { terminal: false });
+  const writer = stream.writer;
+  writer.writeSync(encoder.encode('x'));
+
+  // Pause beyond any reasonable idle timeout to verify it's disabled.
+  await setTimeout(600);
+
+  writer.writeSync(encoder.encode('y'));
+  writer.endSync();
+
+  await Promise.all([streamSurvived.promise, clientSession.closed]);
+  await serverEndpoint.close();
+}
diff --git a/test/parallel/test-quic-h3-trailing-headers.mjs b/test/parallel/test-quic-h3-trailing-headers.mjs
index c620488a920798..436cb243b3dd99 100644
--- a/test/parallel/test-quic-h3-trailing-headers.mjs
+++ b/test/parallel/test-quic-h3-trailing-headers.mjs
@@ -82,6 +82,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   servername: 'localhost',
+  verifyPeer: 'manual',
 });
 await clientSession.opened;
 
diff --git a/test/parallel/test-quic-h3-zero-rtt-bogus-ticket.mjs b/test/parallel/test-quic-h3-zero-rtt-bogus-ticket.mjs
index de542310f0a011..e724b6b04a485b 100644
--- a/test/parallel/test-quic-h3-zero-rtt-bogus-ticket.mjs
+++ b/test/parallel/test-quic-h3-zero-rtt-bogus-ticket.mjs
@@ -30,6 +30,7 @@ const serverEndpoint = await listen(mustNotCall(), {
 await rejects(
   connect(serverEndpoint.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
     sessionTicket: randomBytes(256),
   }),
   { code: 'ERR_INVALID_ARG_VALUE' },
diff --git a/test/parallel/test-quic-h3-zero-rtt-rejected-settings.mjs b/test/parallel/test-quic-h3-zero-rtt-rejected-settings.mjs
index bbc0cd48fe13f5..41f77a63a1f980 100644
--- a/test/parallel/test-quic-h3-zero-rtt-rejected-settings.mjs
+++ b/test/parallel/test-quic-h3-zero-rtt-rejected-settings.mjs
@@ -53,6 +53,7 @@ async function getTicket(endpointOptions) {
 
   const cs = await connect(ep.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
     ...endpointOptions,
     onsessionticket(ticket) {
       ok(Buffer.isBuffer(ticket));
@@ -102,6 +103,7 @@ async function attemptRejected0RTT(endpointOptions, ticket, token) {
 
   const cs = await connect(ep.address, {
     servername: 'localhost',
+    verifyPeer: 'manual',
     ...endpointOptions,
     sessionTicket: ticket,
     token,
diff --git a/test/parallel/test-quic-h3-zero-rtt.mjs b/test/parallel/test-quic-h3-zero-rtt.mjs
index 18a841eb938516..4e51958d7c864a 100644
--- a/test/parallel/test-quic-h3-zero-rtt.mjs
+++ b/test/parallel/test-quic-h3-zero-rtt.mjs
@@ -58,6 +58,7 @@ const serverEndpoint = await listen(mustCall((ss) => {
 // --- First connection: establish H3 session, receive ticket ---
 const cs1 = await connect(serverEndpoint.address, {
   servername: 'localhost',
+  verifyPeer: 'manual',
   onsessionticket: mustCall(function(ticket) {
     ok(Buffer.isBuffer(ticket));
     ok(ticket.length > 0);
@@ -99,6 +100,7 @@ ok(savedToken);
 // --- Second connection: 0-RTT with H3 ---
 const cs2 = await connect(serverEndpoint.address, {
   servername: 'localhost',
+  verifyPeer: 'manual',
   sessionTicket: savedTicket,
   token: savedToken,
 });
diff --git a/test/parallel/test-quic-handshake-ipv6-only.mjs b/test/parallel/test-quic-handshake-ipv6-only.mjs
index 03531b6ce42ca0..3b3c6a2aa08a42 100644
--- a/test/parallel/test-quic-handshake-ipv6-only.mjs
+++ b/test/parallel/test-quic-handshake-ipv6-only.mjs
@@ -60,6 +60,7 @@ ok(serverEndpoint.address !== undefined);
 
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   endpoint: {
     address: {
       address: '::',
diff --git a/test/parallel/test-quic-handshake.mjs b/test/parallel/test-quic-handshake.mjs
index 1779ceaa23fbf8..1a8a90d1f32516 100644
--- a/test/parallel/test-quic-handshake.mjs
+++ b/test/parallel/test-quic-handshake.mjs
@@ -54,6 +54,7 @@ ok(serverEndpoint.address !== undefined);
 
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
 });
 
 const info = await clientSession.opened;
diff --git a/test/parallel/test-quic-internal-endpoint-options.mjs b/test/parallel/test-quic-internal-endpoint-options.mjs
index 306d0c523f4611..1d922b1ce77136 100644
--- a/test/parallel/test-quic-internal-endpoint-options.mjs
+++ b/test/parallel/test-quic-internal-endpoint-options.mjs
@@ -11,6 +11,7 @@ if (!hasQuic) {
 
 // Import after the hasQuic check
 const { QuicEndpoint } = await import('node:quic');
+const { BlockList } = await import('node:net');
 
 // Reject invalid options
 ['a', null, false, NaN].forEach((i) => {
@@ -53,25 +54,71 @@ const cases = [
     invalid: [-1, 65536, 1.5, 'a', null, false, true, {}, [], () => {}]
   },
   {
-    key: 'maxStatelessResetsPerHost',
+    key: 'addressLRUSize',
     valid: [
       1, 10, 100, 1000, 10000, 10000n,
     ],
     invalid: [-1, -1n, 'a', null, false, true, {}, [], () => {}]
   },
   {
-    key: 'addressLRUSize',
-    valid: [
-      1, 10, 100, 1000, 10000, 10000n,
-    ],
-    invalid: [-1, -1n, 'a', null, false, true, {}, [], () => {}]
+    key: 'retryRate',
+    valid: [0, 1, 10, 100.5, 1000],
+    invalid: [-1, 'a', null, false, true, {}, [], () => {}]
   },
   {
-    key: 'maxRetries',
-    valid: [
-      1, 10, 100, 1000, 10000, 10000n,
-    ],
-    invalid: [-1, -1n, 'a', null, false, true, {}, [], () => {}]
+    key: 'retryBurst',
+    valid: [0, 1, 10, 100.5, 1000],
+    invalid: [-1, 'a', null, false, true, {}, [], () => {}]
+  },
+  {
+    key: 'statelessResetRate',
+    valid: [0, 1, 10, 100.5, 1000],
+    invalid: [-1, 'a', null, false, true, {}, [], () => {}]
+  },
+  {
+    key: 'statelessResetBurst',
+    valid: [0, 1, 10, 100.5, 1000],
+    invalid: [-1, 'a', null, false, true, {}, [], () => {}]
+  },
+  {
+    key: 'versionNegotiationRate',
+    valid: [0, 1, 10, 100.5, 1000],
+    invalid: [-1, 'a', null, false, true, {}, [], () => {}]
+  },
+  {
+    key: 'versionNegotiationBurst',
+    valid: [0, 1, 10, 100.5, 1000],
+    invalid: [-1, 'a', null, false, true, {}, [], () => {}]
+  },
+  {
+    key: 'immediateCloseRate',
+    valid: [0, 1, 10, 100.5, 1000],
+    invalid: [-1, 'a', null, false, true, {}, [], () => {}]
+  },
+  {
+    key: 'immediateCloseBurst',
+    valid: [0, 1, 10, 100.5, 1000],
+    invalid: [-1, 'a', null, false, true, {}, [], () => {}]
+  },
+  {
+    key: 'sessionCreationRate',
+    valid: [0, 1, 10, 100.5, 1000, Infinity],
+    invalid: [-1, 'a', null, false, true, {}, [], () => {}]
+  },
+  {
+    key: 'sessionCreationBurst',
+    valid: [0, 1, 10, 100.5, 1000, Infinity],
+    invalid: [-1, 'a', null, false, true, {}, [], () => {}]
+  },
+  {
+    key: 'blockList',
+    valid: [new BlockList()],
+    invalid: ['a', 0, null, false, true, {}, [], () => {}]
+  },
+  {
+    key: 'blockListPolicy',
+    valid: ['deny', 'allow'],
+    invalid: ['invalid', 0, null, false, true, {}, [], () => {}]
   },
   {
     key: 'validateAddress',
diff --git a/test/parallel/test-quic-internal-endpoint-stats-state.mjs b/test/parallel/test-quic-internal-endpoint-stats-state.mjs
index c8e6cb89beaaef..2af27724eb4e18 100644
--- a/test/parallel/test-quic-internal-endpoint-stats-state.mjs
+++ b/test/parallel/test-quic-internal-endpoint-stats-state.mjs
@@ -88,9 +88,15 @@ const {
   strictEqual(typeof endpoint.stats.clientSessions, 'bigint');
   strictEqual(typeof endpoint.stats.serverBusyCount, 'bigint');
   strictEqual(typeof endpoint.stats.retryCount, 'bigint');
+  strictEqual(typeof endpoint.stats.retryRateLimited, 'bigint');
   strictEqual(typeof endpoint.stats.versionNegotiationCount, 'bigint');
+  strictEqual(typeof endpoint.stats.versionNegotiationRateLimited, 'bigint');
   strictEqual(typeof endpoint.stats.statelessResetCount, 'bigint');
+  strictEqual(typeof endpoint.stats.statelessResetRateLimited, 'bigint');
   strictEqual(typeof endpoint.stats.immediateCloseCount, 'bigint');
+  strictEqual(typeof endpoint.stats.immediateCloseRateLimited, 'bigint');
+  strictEqual(typeof endpoint.stats.sessionCreationRateLimited, 'bigint');
+  strictEqual(typeof endpoint.stats.packetsBlocked, 'bigint');
 
   deepStrictEqual(Object.keys(endpoint.stats.toJSON()), [
     'connected',
@@ -104,9 +110,15 @@ const {
     'clientSessions',
     'serverBusyCount',
     'retryCount',
+    'retryRateLimited',
     'versionNegotiationCount',
+    'versionNegotiationRateLimited',
     'statelessResetCount',
+    'statelessResetRateLimited',
     'immediateCloseCount',
+    'immediateCloseRateLimited',
+    'sessionCreationRateLimited',
+    'packetsBlocked',
   ]);
   strictEqual(typeof inspect(endpoint.stats), 'string');
 }
@@ -219,6 +231,7 @@ strictEqual(typeof sessionStats.datagramsReceived, 'bigint');
 strictEqual(typeof sessionStats.datagramsSent, 'bigint');
 strictEqual(typeof sessionStats.datagramsAcknowledged, 'bigint');
 strictEqual(typeof sessionStats.datagramsLost, 'bigint');
+strictEqual(typeof sessionStats.streamsIdleTimedOut, 'bigint');
 strictEqual(typeof sessionStats.toJSON(), 'object');
 strictEqual(typeof inspect(sessionStats), 'string');
 streamStats[kFinishClose]();
diff --git a/test/parallel/test-quic-module-exports.mjs b/test/parallel/test-quic-module-exports.mjs
index 73f69d6bcf8711..1b4b368c60ce61 100644
--- a/test/parallel/test-quic-module-exports.mjs
+++ b/test/parallel/test-quic-module-exports.mjs
@@ -37,6 +37,7 @@ ok(quic.QuicEndpoint);
   });
 
   const clientSession = await connect(serverEndpoint.address, {
+    verifyPeer: 'manual',
     onsessionticket(ticket) {
       savedTicket = ticket;
       gotTicket.resolve();
diff --git a/test/parallel/test-quic-new-token.mjs b/test/parallel/test-quic-new-token.mjs
index cafff1146e0da0..5304fa66ccdfc5 100644
--- a/test/parallel/test-quic-new-token.mjs
+++ b/test/parallel/test-quic-new-token.mjs
@@ -40,6 +40,7 @@ const serverEndpoint = await listen(mustCall((serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   servername: 'localhost',
   // Set onnewtoken at connection time to avoid missing the event.
   onnewtoken: mustCall(function(token, address) {
diff --git a/test/parallel/test-quic-reject-unauthorized.mjs b/test/parallel/test-quic-reject-unauthorized.mjs
index e9900fbf31d990..33fa3661a857f2 100644
--- a/test/parallel/test-quic-reject-unauthorized.mjs
+++ b/test/parallel/test-quic-reject-unauthorized.mjs
@@ -25,30 +25,77 @@ await rejects(connect({ port: 1234 }, {
   code: 'ERR_INVALID_ARG_TYPE',
 });
 
-// With rejectUnauthorized: true (the default), connecting with self-signed
-// certs and no CA should produce a validation error in the handshake info.
+// verifyPeer must be one of 'strict', 'auto', 'manual'
+await rejects(connect({ port: 1234 }, {
+  alpn: 'quic-test',
+  verifyPeer: 'invalid',
+}), {
+  code: 'ERR_INVALID_ARG_VALUE',
+});
 
-const serverEndpoint = await listen(mustCall(async (serverSession) => {
-  await serverSession.opened;
+const serverEndpoint = await listen(async (serverSession) => {
+  serverSession.onerror = () => {};
+  await rejects(serverSession.opened, (err) => {
+    ok(err.code === 'ERR_QUIC_TRANSPORT_ERROR' ||
+        err.code === 'ERR_INVALID_STATE');
+    return true;
+  });
   serverSession.close();
-  await serverSession.closed;
-}), {
+}, {
   sni: { '*': { keys: [key], certs: [cert] } },
   alpn: ['quic-test'],
 });
 
-const clientSession = await connect(serverEndpoint.address, {
-  alpn: 'quic-test',
-  servername: 'localhost',
-  // Default: rejectUnauthorized: true
-});
+// --- verifyPeer: 'manual' (current behavior) ---
+// The session.opened promise resolves even with an invalid cert.
+// The validation error is available in the info object.
+{
+  const clientSession = await connect(serverEndpoint.address, {
+    alpn: 'quic-test',
+    servername: 'localhost',
+    verifyPeer: 'manual',
+  });
+
+  const info = await clientSession.opened;
+  // Self-signed cert without CA should produce a validation error.
+  strictEqual(typeof info.validationErrorReason, 'string');
+  ok(info.validationErrorReason.length > 0);
+  strictEqual(typeof info.validationErrorCode, 'string');
+  ok(info.validationErrorCode.length > 0);
 
-const info = await clientSession.opened;
-// Self-signed cert without CA should produce a validation error.
-strictEqual(typeof info.validationErrorReason, 'string');
-ok(info.validationErrorReason.length > 0);
-strictEqual(typeof info.validationErrorCode, 'string');
-ok(info.validationErrorCode.length > 0);
+  await clientSession.close();
+}
+
+// --- verifyPeer: 'auto' (default) ---
+// The session.opened promise rejects when the cert is invalid.
+{
+  const clientSession = await connect(serverEndpoint.address, {
+    alpn: 'quic-test',
+    servername: 'localhost',
+    // verifyPeer defaults to 'auto'
+  });
+
+  await rejects(clientSession.opened, {
+    code: 'ERR_QUIC_TRANSPORT_ERROR',
+  });
+}
+
+// --- verifyPeer: 'strict' ---
+// The TLS handshake itself fails. The session.opened promise rejects.
+{
+  const clientSession = await connect(serverEndpoint.address, {
+    alpn: 'quic-test',
+    servername: 'localhost',
+    verifyPeer: 'strict',
+    // The TLS failure triggers onerror before opened rejects.
+    onerror: mustCall((err) => {
+      ok(err, 'strict mode should fire onerror on invalid cert');
+    }),
+  });
+
+  await rejects(clientSession.opened, {
+    code: 'ERR_QUIC_TRANSPORT_ERROR',
+  });
+}
 
-await clientSession.close();
 await serverEndpoint.close();
diff --git a/test/parallel/test-quic-session-opened-early-destroy.mjs b/test/parallel/test-quic-session-opened-early-destroy.mjs
index 897f6653495884..9c1cbd7f71f3e0 100644
--- a/test/parallel/test-quic-session-opened-early-destroy.mjs
+++ b/test/parallel/test-quic-session-opened-early-destroy.mjs
@@ -44,6 +44,7 @@ const transportParams = { maxIdleTimeout: 1 };
   }, { transportParams });
 
   const clientSession = await connect(serverEndpoint.address, {
+    verifyPeer: 'manual',
     transportParams,
   });
 
@@ -70,6 +71,7 @@ const transportParams = { maxIdleTimeout: 1 };
   const serverEndpoint = await listen(mustNotCall, { transportParams });
 
   const clientSession = await connect(serverEndpoint.address, {
+    verifyPeer: 'manual',
     transportParams,
   });
 
@@ -96,6 +98,7 @@ const transportParams = { maxIdleTimeout: 1 };
   const clientEndpoint = new QuicEndpoint();
 
   const clientSession = await connect(serverEndpoint.address, {
+    verifyPeer: 'manual',
     transportParams,
     endpoint: clientEndpoint,
   });
@@ -127,6 +130,7 @@ const transportParams = { maxIdleTimeout: 1 };
   }), { transportParams });
 
   const clientSession = await connect(serverEndpoint.address, {
+    verifyPeer: 'manual',
     transportParams,
   });
 
diff --git a/test/parallel/test-quic-session-opened-validation.mjs b/test/parallel/test-quic-session-opened-validation.mjs
index d9f3d758f6df04..a73fd18734dbff 100644
--- a/test/parallel/test-quic-session-opened-validation.mjs
+++ b/test/parallel/test-quic-session-opened-validation.mjs
@@ -27,7 +27,9 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
   serverSession.close();
 }));
 
-const clientSession = await connect(serverEndpoint.address);
+const clientSession = await connect(serverEndpoint.address, {
+  verifyPeer: 'manual',
+});
 const clientInfo = await clientSession.opened;
 
 // validationErrorReason is a non-empty string describing
diff --git a/test/parallel/test-quic-session-preferred-address-ipv6.mjs b/test/parallel/test-quic-session-preferred-address-ipv6.mjs
index 3eda4a0b04a678..e9f23c3bf554d5 100644
--- a/test/parallel/test-quic-session-preferred-address-ipv6.mjs
+++ b/test/parallel/test-quic-session-preferred-address-ipv6.mjs
@@ -81,6 +81,7 @@ console.log(serverEndpoint.address);
 const clientSession = await connect(serverEndpoint.address, {
   // We don't want this endpoint to reuse either of the two listening endpoints.
   reuseEndpoint: false,
+  preferredAddressPolicy: 'use',
   transportParams: { maxDatagramFrameSize: 1200 },
   ondatagramstatus: mustCall((id, status) => {
     if (++statusCount >= 4) allStatusDone.resolve();
diff --git a/test/parallel/test-quic-session-preferred-address.mjs b/test/parallel/test-quic-session-preferred-address.mjs
index 59858649bec29a..c4a55ee4d42b74 100644
--- a/test/parallel/test-quic-session-preferred-address.mjs
+++ b/test/parallel/test-quic-session-preferred-address.mjs
@@ -65,6 +65,7 @@ const serverEndpoint = await listen(handleSession, {
 const clientSession = await connect(serverEndpoint.address, {
   // We don't want this endpoint to reuse either of the two listening endpoints.
   reuseEndpoint: false,
+  preferredAddressPolicy: 'use',
   transportParams: { maxDatagramFrameSize: 1200 },
   ondatagramstatus: mustCall((id, status) => {
     if (++statusCount >= 4) allStatusDone.resolve();
diff --git a/test/parallel/test-quic-session-stream-lifecycle.mjs b/test/parallel/test-quic-session-stream-lifecycle.mjs
index 2eb35145dfe9fe..a4bd287cdc6dcd 100644
--- a/test/parallel/test-quic-session-stream-lifecycle.mjs
+++ b/test/parallel/test-quic-session-stream-lifecycle.mjs
@@ -52,7 +52,9 @@ strictEqual(epStats.isConnected, true);
 ok(epStats.createdAt > 0n);
 
 // Connect with a client
-const clientSession = await quic.connect(serverEndpoint.address);
+const clientSession = await quic.connect(serverEndpoint.address, {
+  verifyPeer: 'manual',
+});
 
 strictEqual(clientSession.destroyed, false);
 ok(clientSession.endpoint !== null);
diff --git a/test/parallel/test-quic-shared-endpoint-stream-close.mjs b/test/parallel/test-quic-shared-endpoint-stream-close.mjs
index 1a76decd4e2937..19e530e50b9ec0 100644
--- a/test/parallel/test-quic-shared-endpoint-stream-close.mjs
+++ b/test/parallel/test-quic-shared-endpoint-stream-close.mjs
@@ -51,6 +51,7 @@ const clientEndpoint = new QuicEndpoint();
 // The client receives the stateless reset and closes session 1.
 const client1 = await connect(serverEndpoint.address, {
   endpoint: clientEndpoint,
+  verifyPeer: 'manual',
   onerror: mustCall((err) => { assert.ok(err); }),
 });
 await client1.opened;
@@ -75,6 +76,7 @@ await assert.rejects(client1.closed, { code: 'ERR_QUIC_TRANSPORT_ERROR' });
 // for session 2 hangs.
 const client2 = await connect(serverEndpoint.address, {
   endpoint: clientEndpoint,
+  verifyPeer: 'manual',
   onerror(err) { /* marks promises as handled */ },
 });
 await client2.opened;
diff --git a/test/parallel/test-quic-sni-mismatch.mjs b/test/parallel/test-quic-sni-mismatch.mjs
index ea77672101355a..dbb2de4c011a30 100644
--- a/test/parallel/test-quic-sni-mismatch.mjs
+++ b/test/parallel/test-quic-sni-mismatch.mjs
@@ -44,6 +44,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
   servername: 'wrong.example.com',
+  verifyPeer: 'manual',
   transportParams: { maxIdleTimeout: 1 },
   onerror: mustCall((err) => {
     strictEqual(err.code, 'ERR_QUIC_TRANSPORT_ERROR');
diff --git a/test/parallel/test-quic-sni-multi-entry.mjs b/test/parallel/test-quic-sni-multi-entry.mjs
index 254e90e29e3211..2348c844fc96d6 100644
--- a/test/parallel/test-quic-sni-multi-entry.mjs
+++ b/test/parallel/test-quic-sni-multi-entry.mjs
@@ -48,6 +48,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 {
   const cs = await connect(serverEndpoint.address, {
     servername: 'host1.example.com',
+    verifyPeer: 'manual',
     alpn: 'quic-test',
   });
   const info = await cs.opened;
@@ -59,6 +60,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 {
   const cs = await connect(serverEndpoint.address, {
     servername: 'host2.example.com',
+    verifyPeer: 'manual',
     alpn: 'quic-test',
   });
   const info = await cs.opened;
@@ -70,6 +72,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 {
   const cs = await connect(serverEndpoint.address, {
     servername: 'unknown.example.com',
+    verifyPeer: 'manual',
     alpn: 'quic-test',
   });
   const info = await cs.opened;
diff --git a/test/parallel/test-quic-sni-setcontexts.mjs b/test/parallel/test-quic-sni-setcontexts.mjs
index af0c6dc048f1d7..5ad665cdeac960 100644
--- a/test/parallel/test-quic-sni-setcontexts.mjs
+++ b/test/parallel/test-quic-sni-setcontexts.mjs
@@ -42,6 +42,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 {
   const cs = await connect(serverEndpoint.address, {
     alpn: 'quic-test',
+    verifyPeer: 'manual',
     transportParams: { maxIdleTimeout: 2 },
   });
   const info = await cs.opened;
@@ -58,6 +59,7 @@ endpoint.setSNIContexts(
 {
   const cs = await connect(serverEndpoint.address, {
     alpn: 'quic-test',
+    verifyPeer: 'manual',
     transportParams: { maxIdleTimeout: 2 },
   });
   const info = await cs.opened;
diff --git a/test/parallel/test-quic-sni.mjs b/test/parallel/test-quic-sni.mjs
index e8669380ba855e..fe93260aceb1f5 100644
--- a/test/parallel/test-quic-sni.mjs
+++ b/test/parallel/test-quic-sni.mjs
@@ -39,6 +39,7 @@ ok(serverEndpoint.address !== undefined);
 // Client connects with servername 'localhost' — should match the SNI entry.
 const clientSession = await connect(serverEndpoint.address, {
   servername: 'localhost',
+  verifyPeer: 'manual',
   alpn: 'quic-test',
 });
 const clientInfo = await clientSession.opened;
diff --git a/test/parallel/test-quic-stateless-reset.mjs b/test/parallel/test-quic-stateless-reset.mjs
index b9fdb397e00c6f..3af4fcc75dfddf 100644
--- a/test/parallel/test-quic-stateless-reset.mjs
+++ b/test/parallel/test-quic-stateless-reset.mjs
@@ -6,8 +6,7 @@
 //        session closes.
 // When disableStatelessReset is true, the server does NOT
 //        send a stateless reset.
-// maxStatelessResetsPerHost rate limits the number of resets
-//        sent to a single remote address.
+// Global token bucket rate limits the total number of resets.
 
 import { hasQuic, skip, mustCall } from '../common/index.mjs';
 import assert from 'node:assert';
@@ -48,6 +47,7 @@ const encoder = new TextEncoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     reuseEndpoint: false,
+    verifyPeer: 'manual',
     onerror: mustCall((err) => {
       strictEqual(err.code, 'ERR_QUIC_TRANSPORT_ERROR');
     }),
@@ -104,6 +104,7 @@ const encoder = new TextEncoder();
 
   const clientSession = await connect(serverEndpoint.address, {
     reuseEndpoint: false,
+    verifyPeer: 'manual',
     // Short idle timeout so the client doesn't hang waiting for
     // a stateless reset that will never arrive.
     transportParams: { maxIdleTimeout: 1 },
@@ -138,9 +139,8 @@ const encoder = new TextEncoder();
   await serverEndpoint.close();
 }
 
-// maxStatelessResetsPerHost rate limits resets per remote address.
-// The LRU tracks resets per IP+port, so both sessions must share a
-// client endpoint to have the same source address.
+// Global token bucket rate limits stateless resets.
+// With burst=1 and rate=0, only one reset can be sent.
 {
   let sessionCount = 0;
   const serverDestroyed1 = Promise.withResolvers();
@@ -161,12 +161,12 @@ const encoder = new TextEncoder();
       deferred.resolve();
     });
   }, 2), {
-    endpoint: { maxStatelessResetsPerHost: 1 },
+    endpoint: { statelessResetBurst: 1, statelessResetRate: 0 },
     onerror(err) { ok(err); },
   });
 
-  // Both clients share an endpoint so the server sees the same
-  // remote IP+port for both, making the rate limiter apply.
+  // The global token bucket rate limiter applies regardless of
+  // client source address.
   const { QuicEndpoint } = await import('node:quic');
   const clientEndpoint = new QuicEndpoint();
 
@@ -174,6 +174,7 @@ const encoder = new TextEncoder();
 
   const client1 = await connect(serverEndpoint.address, {
     endpoint: clientEndpoint,
+    verifyPeer: 'manual',
     onerror: mustCall((err) => {
       strictEqual(err.code, 'ERR_QUIC_TRANSPORT_ERROR');
     }),
@@ -200,6 +201,7 @@ const encoder = new TextEncoder();
 
   const client2 = await connect(serverEndpoint.address, {
     endpoint: clientEndpoint,
+    verifyPeer: 'manual',
     // Short idle timeout so the client closes after the server
     // destroys (no stateless reset will arrive, rate-limited).
     transportParams: { maxIdleTimeout: 1 },
@@ -215,7 +217,7 @@ const encoder = new TextEncoder();
   await serverDestroyed2.promise;
 
   // Send a packet — the server would normally send a stateless reset,
-  // but the rate limit (1 per host) is already exhausted.
+  // but the global rate limit (burst of 1) is already exhausted.
   // eslint-disable-next-line no-unused-vars
   const s2b = await client2.createBidirectionalStream({
     body: encoder.encode('after destroy 2'),
@@ -226,6 +228,8 @@ const encoder = new TextEncoder();
 
   strictEqual(serverEndpoint.stats.statelessResetCount, 1n,
               'Second reset should have been rate-limited');
+  ok(serverEndpoint.stats.statelessResetRateLimited > 0n,
+     'Rate-limited counter should be non-zero');
 
   await clientEndpoint.close();
   await serverEndpoint.close();
diff --git a/test/parallel/test-quic-stream-destroy-emits-reset.mjs b/test/parallel/test-quic-stream-destroy-emits-reset.mjs
index 280e25bc293a2d..e8289e13ec84b7 100644
--- a/test/parallel/test-quic-stream-destroy-emits-reset.mjs
+++ b/test/parallel/test-quic-stream-destroy-emits-reset.mjs
@@ -28,11 +28,7 @@ const { listen, connect } = await import('../common/quic.mjs');
 const serverResetSeen = Promise.withResolvers();
 
 const serverEndpoint = await listen(mustCall((serverSession) => {
-  serverSession.onstream = mustCall((stream) => {
-    // The cascade-driven destroy of the server-side stream after the
-    // peer reset rejects `stream.closed` with the wire error; the
-    // test does not assert on its specific shape, only that `onreset`
-    // fired with the expected code.
+  serverSession.onstream = mustCall(async (stream) => {
     stream.onreset = mustCall((err) => {
       strictEqual(err.code, 'ERR_QUIC_APPLICATION_ERROR');
       // The DefaultApplication's internal error code is 0x1n, which
@@ -41,6 +37,12 @@ const serverEndpoint = await listen(mustCall((serverSession) => {
          `expected '1n' in message, got: ${err.message}`);
       serverResetSeen.resolve();
     });
+
+    // The peer's reset causes stream.closed to reject with the reset
+    // error code.
+    await rejects(stream.closed, {
+      code: 'ERR_QUIC_APPLICATION_ERROR',
+    });
   });
 }));
 
diff --git a/test/parallel/test-quic-stream-destroy-emits-stop-sending.mjs b/test/parallel/test-quic-stream-destroy-emits-stop-sending.mjs
index dc78908af7a3b1..47a6d8f1857e4f 100644
--- a/test/parallel/test-quic-stream-destroy-emits-stop-sending.mjs
+++ b/test/parallel/test-quic-stream-destroy-emits-stop-sending.mjs
@@ -35,7 +35,7 @@ const { listen, connect } = await import('../common/quic.mjs');
 const serverObservation = Promise.withResolvers();
 
 const serverEndpoint = await listen(mustCall((serverSession) => {
-  serverSession.onstream = mustCall((stream) => {
+  serverSession.onstream = mustCall(async (stream) => {
     const writer = stream.writer;
     // Sanity: the writer is active before the peer tears the stream
     // down, so desiredSize is a number reflecting the initial
@@ -58,6 +58,11 @@ const serverEndpoint = await listen(mustCall((serverSession) => {
         serverObservation.resolve(writer.desiredSize);
       });
     });
+
+    // The peer's reset causes stream.closed to reject.
+    await assert.rejects(stream.closed, {
+      code: 'ERR_QUIC_APPLICATION_ERROR',
+    });
   });
 }));
 
diff --git a/test/parallel/test-quic-stream-destroy-options-code.mjs b/test/parallel/test-quic-stream-destroy-options-code.mjs
index bdb64329b477bb..6caf9ef794bd3b 100644
--- a/test/parallel/test-quic-stream-destroy-options-code.mjs
+++ b/test/parallel/test-quic-stream-destroy-options-code.mjs
@@ -24,13 +24,19 @@ const { listen, connect } = await import('../common/quic.mjs');
 const serverResetSeen = Promise.withResolvers();
 
 const serverEndpoint = await listen(mustCall((serverSession) => {
-  serverSession.onstream = mustCall((stream) => {
+  serverSession.onstream = mustCall(async (stream) => {
     stream.onreset = mustCall((err) => {
       strictEqual(err.code, 'ERR_QUIC_APPLICATION_ERROR');
       ok(err.message.includes('66n'),
          `expected '66n' in message, got: ${err.message}`);
       serverResetSeen.resolve();
     });
+
+    // The peer's reset causes stream.closed to reject with the reset
+    // error code.
+    await rejects(stream.closed, {
+      code: 'ERR_QUIC_APPLICATION_ERROR',
+    });
   });
 }));
 
diff --git a/test/parallel/test-quic-stream-idle-timeout.mjs b/test/parallel/test-quic-stream-idle-timeout.mjs
new file mode 100644
index 00000000000000..9b2b36b41a8e47
--- /dev/null
+++ b/test/parallel/test-quic-stream-idle-timeout.mjs
@@ -0,0 +1,141 @@
+// Flags: --experimental-quic --experimental-stream-iter --no-warnings
+
+// Test: stream idle timeout.
+// Peer-initiated streams that receive no data within the configured
+// timeout are automatically destroyed.
+
+import { hasQuic, skip, mustCall } from '../common/index.mjs';
+import assert from 'node:assert';
+import { setTimeout } from 'node:timers/promises';
+import { text } from 'node:stream/iter';
+
+const { rejects, strictEqual } = assert;
+
+if (!hasQuic) {
+  skip('QUIC is not enabled');
+}
+
+const { listen, connect } = await import('../common/quic.mjs');
+
+// --- Stream destroyed after idle timeout ---
+{
+  const streamDestroyed = Promise.withResolvers();
+
+  const serverEndpoint = await listen(mustCall(async (serverSession) => {
+    serverSession.onstream = mustCall(async (stream) => {
+      // Don't read — let the stream sit idle after the initial data.
+      // The stream idle timeout should destroy it, rejecting stream.closed.
+      await rejects(stream.closed, {
+        code: 'ERR_QUIC_TRANSPORT_ERROR',
+      });
+      streamDestroyed.resolve();
+    });
+  }), {
+    // Short idle timeout for the test — 500ms.
+    streamIdleTimeout: 100,
+  });
+
+  const clientSession = await connect(serverEndpoint.address, {
+    verifyPeer: 'manual',
+    transportParams: { maxIdleTimeout: 1 },
+  });
+
+  await clientSession.opened;
+
+  // Open a stream and send one byte so the server creates the
+  // peer-initiated stream, then stop sending.
+  const clientStream = await clientSession.createUnidirectionalStream();
+  const writer = clientStream.writer;
+  writer.writeSync('x');
+
+  // Wait for the server to destroy the idle stream.
+  await streamDestroyed.promise;
+
+  // The server sent STOP_SENDING when it destroyed the idle stream.
+  // ShutdownStream maps the transport error to the application's
+  // internal error code on the wire, so the client sees an application
+  // error indicating the server rejected the stream.
+  await rejects(clientStream.closed, {
+    code: 'ERR_QUIC_APPLICATION_ERROR',
+  });
+
+  await clientSession.close();
+  await serverEndpoint.close();
+}
+
+// --- Stream with data is NOT destroyed ---
+{
+  const encoder = new TextEncoder();
+  const serverGotData = Promise.withResolvers();
+
+  const serverEndpoint = await listen(mustCall(async (serverSession) => {
+    serverSession.onstream = mustCall(async (stream) => {
+      const data = await text(stream);
+      strictEqual(data, 'xy');
+      serverGotData.resolve();
+      await serverSession.close();
+    });
+  }), {
+    streamIdleTimeout: 500,
+  });
+
+  const clientSession = await connect(serverEndpoint.address, {
+    verifyPeer: 'manual',
+  });
+  await clientSession.opened;
+
+  // Open a stream and send data immediately.
+  const clientStrema = await clientSession.createUnidirectionalStream();
+  const writer = clientStrema.writer;
+  writer.writeSync(encoder.encode('x'));
+
+  // Less than the 500ms idle timeout.
+  await setTimeout(300);
+
+  writer.writeSync(encoder.encode('y'));
+  writer.endSync();
+
+  await Promise.all([serverGotData.promise, clientSession.closed]);
+  await serverEndpoint.close();
+}
+
+// --- Disabled when set to 0 ---
+{
+  const streamSurvived = Promise.withResolvers();
+
+  const serverEndpoint = await listen(mustCall(async (serverSession) => {
+    serverSession.onstream = mustCall(async (stream) => {
+
+      // Do not await this yet.
+      const data = await text(stream);
+
+      // We should receive all the data, even though it is sent with a pause
+      // longer than the default idle timeout.
+      strictEqual(data, 'xy');
+      streamSurvived.resolve();
+    });
+
+    await setTimeout(700);
+    await serverSession.close();
+  }), {
+    streamIdleTimeout: 0,  // Disabled
+  });
+
+  const clientSession = await connect(serverEndpoint.address);
+  await clientSession.opened;
+
+  // Send one byte so the server creates the stream, then stop.
+  const clientStream = await clientSession.createUnidirectionalStream();
+  const writer = clientStream.writer;
+  writer.writeSync('x');
+
+  // Now pause beyond the 500ms default timeout to verify the stream is not
+  // killed by idle timeout.
+  await setTimeout(600);
+
+  writer.writeSync('y');
+  writer.endSync();
+
+  await Promise.all([streamSurvived.promise, clientSession.closed]);
+  await serverEndpoint.close();
+}
diff --git a/test/parallel/test-quic-stream-priority.mjs b/test/parallel/test-quic-stream-priority.mjs
index 1b8128ed6cbe29..bed1fd065fdfc9 100644
--- a/test/parallel/test-quic-stream-priority.mjs
+++ b/test/parallel/test-quic-stream-priority.mjs
@@ -27,6 +27,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
 });
 await clientSession.opened;
 
diff --git a/test/parallel/test-quic-stream-writer-fail-error-code.mjs b/test/parallel/test-quic-stream-writer-fail-error-code.mjs
index 75a680ec4fa8bf..4bf2c2365e9cfe 100644
--- a/test/parallel/test-quic-stream-writer-fail-error-code.mjs
+++ b/test/parallel/test-quic-stream-writer-fail-error-code.mjs
@@ -60,7 +60,7 @@ const allDone = Promise.withResolvers();
 const observed = [];
 
 const serverEndpoint = await listen(mustCall((serverSession) => {
-  serverSession.onstream = mustCall((stream) => {
+  serverSession.onstream = mustCall(async (stream) => {
     const i = nextStreamIndex++;
     stream.onreset = mustCall((err) => {
       observed[i] = wireCodeOf(err);
@@ -69,10 +69,17 @@ const serverEndpoint = await listen(mustCall((serverSession) => {
         allDone.resolve();
       }
     });
+
+    // The peer's reset causes stream.closed to reject.
+    await assert.rejects(stream.closed, {
+      code: 'ERR_QUIC_APPLICATION_ERROR',
+    });
   }, 2);
 }));
 
-const clientSession = await connect(serverEndpoint.address);
+const clientSession = await connect(serverEndpoint.address, {
+  verifyPeer: 'manual',
+});
 await clientSession.opened;
 
 // 1. Plain Error -> session.internalErrorCode (0x1n for non-h3).
diff --git a/test/parallel/test-quic-tls-ca.mjs b/test/parallel/test-quic-tls-ca.mjs
index dae35e975a6760..560d1eb412a43e 100644
--- a/test/parallel/test-quic-tls-ca.mjs
+++ b/test/parallel/test-quic-tls-ca.mjs
@@ -36,6 +36,7 @@ const serverEndpoint = await listen(mustCall(async (serverSession) => {
 const clientSession = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
   servername: 'localhost',
+  verifyPeer: 'manual',
   ca,
 });
 
diff --git a/test/parallel/test-quic-tls-crl.mjs b/test/parallel/test-quic-tls-crl.mjs
index 78a854759695c8..fe5ac007aadefb 100644
--- a/test/parallel/test-quic-tls-crl.mjs
+++ b/test/parallel/test-quic-tls-crl.mjs
@@ -38,6 +38,7 @@ const agent3Cert = readKey('agent3-cert.pem');
 
   const clientSession = await connect(serverEndpoint.address, {
     alpn: 'quic-test',
+    verifyPeer: 'manual',
     ca: [ca2Cert],
     crl: [ca2Crl],
   });
@@ -64,6 +65,7 @@ const agent3Cert = readKey('agent3-cert.pem');
 
   const clientSession = await connect(serverEndpoint.address, {
     alpn: 'quic-test',
+    verifyPeer: 'manual',
     ca: [ca2Cert],
     crl: [ca2CrlAgent3],
   });
diff --git a/test/parallel/test-quic-tls-options.mjs b/test/parallel/test-quic-tls-options.mjs
index ccf6488b8a076c..e903f8a64bcad3 100644
--- a/test/parallel/test-quic-tls-options.mjs
+++ b/test/parallel/test-quic-tls-options.mjs
@@ -37,6 +37,7 @@ const cert = readKey('agent1-cert.pem');
 
   const clientSession = await connect(serverEndpoint.address, {
     alpn: 'quic-test',
+    verifyPeer: 'manual',
     servername: 'localhost',
     ciphers: 'TLS_AES_256_GCM_SHA384',
   });
@@ -62,6 +63,7 @@ const cert = readKey('agent1-cert.pem');
 
   const clientSession = await connect(serverEndpoint.address, {
     alpn: 'quic-test',
+    verifyPeer: 'manual',
     servername: 'localhost',
     groups: 'P-256',
   });
diff --git a/test/parallel/test-quic-tls-verify-client.mjs b/test/parallel/test-quic-tls-verify-client.mjs
index ae2e89c8785f72..5d893fe8899a2b 100644
--- a/test/parallel/test-quic-tls-verify-client.mjs
+++ b/test/parallel/test-quic-tls-verify-client.mjs
@@ -42,6 +42,7 @@ const clientCert = readKey('agent2-cert.pem');
 
   const clientSession = await connect(serverEndpoint.address, {
     alpn: 'quic-test',
+    verifyPeer: 'manual',
     keys: [clientKey],
     certs: [clientCert],
   });
@@ -72,6 +73,7 @@ const clientCert = readKey('agent2-cert.pem');
   // Client connects WITHOUT providing a certificate.
   const clientSession = await connect(serverEndpoint.address, {
     alpn: 'quic-test',
+    verifyPeer: 'manual',
     onerror: mustCall((err) => {
       strictEqual(err.code, 'ERR_QUIC_TRANSPORT_ERROR');
     }),
diff --git a/test/parallel/test-quic-token-expired.mjs b/test/parallel/test-quic-token-expired.mjs
index f0f24ac8e891a3..527bb0caac6847 100644
--- a/test/parallel/test-quic-token-expired.mjs
+++ b/test/parallel/test-quic-token-expired.mjs
@@ -41,6 +41,7 @@ const serverEndpoint = await listen((serverSession) => {
 // First connection: receive the token.
 const cs1 = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   onnewtoken: mustCall((token) => {
     savedToken = token;
     gotToken.resolve();
@@ -58,6 +59,7 @@ await setTimeout(1500);
 // connection should still succeed (Retry is transparent).
 const cs2 = await connect(serverEndpoint.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   token: savedToken,
 });
 await cs2.opened;
diff --git a/test/parallel/test-quic-token-secret.mjs b/test/parallel/test-quic-token-secret.mjs
index cbafd679d772b6..d50ec343848b87 100644
--- a/test/parallel/test-quic-token-secret.mjs
+++ b/test/parallel/test-quic-token-secret.mjs
@@ -41,6 +41,7 @@ const ep1 = await listen(async (serverSession) => {
 // Get a token from the first server.
 const cs1 = await connect(ep1.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   onnewtoken: mustCall((token) => {
     savedToken = token;
     gotToken.resolve();
@@ -63,6 +64,7 @@ const ep2 = await listen(async (serverSession) => {
 
 const cs2 = await connect(ep2.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   token: savedToken,
 });
 await cs2.opened;
@@ -82,6 +84,7 @@ const ep3 = await listen(async (serverSession) => {
 
 const cs3 = await connect(ep3.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   token: savedToken,
 });
 await cs3.opened;
diff --git a/test/parallel/test-quic-zero-rtt-disabled-server.mjs b/test/parallel/test-quic-zero-rtt-disabled-server.mjs
index 0dffb304c68818..879b3d6779132a 100644
--- a/test/parallel/test-quic-zero-rtt-disabled-server.mjs
+++ b/test/parallel/test-quic-zero-rtt-disabled-server.mjs
@@ -49,6 +49,7 @@ const serverEndpoint1 = await listen((serverSession) => {
 
 const cs1 = await connect(serverEndpoint1.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   onsessionticket(ticket) {
     savedTicket = ticket;
     gotTicket.resolve();
@@ -77,6 +78,7 @@ const serverEndpoint2 = await listen(async (serverSession) => {
 
 const cs2 = await connect(serverEndpoint2.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   sessionTicket: savedTicket,
   token: savedToken,
 });
diff --git a/test/parallel/test-quic-zero-rtt-rejected-settings.mjs b/test/parallel/test-quic-zero-rtt-rejected-settings.mjs
index f29eaec8b6d478..596499f1524207 100644
--- a/test/parallel/test-quic-zero-rtt-rejected-settings.mjs
+++ b/test/parallel/test-quic-zero-rtt-rejected-settings.mjs
@@ -53,6 +53,7 @@ const ep1 = await listen(async (serverSession) => {
 
 const cs1 = await connect(ep1.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   onsessionticket: mustCall((ticket) => {
     savedTicket = ticket;
     gotTicket.resolve();
@@ -88,6 +89,7 @@ const ep2 = await listen((serverSession) => {
 
 const cs2 = await connect(ep2.address, {
   alpn: 'quic-test',
+  verifyPeer: 'manual',
   sessionTicket: savedTicket,
   token: savedToken,
   onerror(err) { ok(err); },