While I am no expert, my limited understanding is that these are encrypted UDP tunnels.
All the congestion control, packet loss etc, and Sauasage-Pizza-Away layers, are handled by software on the remote server and in client side software?
Makes it a little harder for Network Admin's to identify traffic in my opinion, all connections are port 443.
No more checking known ports and services-just an opaque wall..who knows whats flowing through the tunnel, WireShark is not my friend here....
I wonder how long until miscreants start utilizing this protocol for data exfiltration, command and control, etc?