an overview from the HTTP2 protocol including comparison with previous version, a deeper look over the protocol enhancements, compatibility matrix with the internet ecosystem and set of online demos that can show the performance optimization.

1. HTTP/2
ISLAM GAMAL

2. topics
HTTP Today
Why HTTP/2
How it works
Working with HTTP2
Demo

3. HTTP Today
 Using HTTP 1.1 since 1997 / 1999
 Connection: keep-alive
 Head of Line Blocking
 But we still use N TCP Connections per origin
 And Many Hacks because requests are evil
 Spriting of Images
 Resource Inlining
 Concatenation of files
 Domain Sharding
 CDNs
 No Header Compression

4. HTTP Problems
 Negotiation mechanism that allows clients and servers to elect to use HTTP 1.1, 2.0, or
potentially other non-HTTP protocols.
 Maintain high-level compatibility with HTTP 1.1 (for example with methods, status
codes, and URIs, and most header fields)
 Decrease latency to improve page load speed in web browsers by considering:
 Data compression of HTTP headers
 HTTP/2 Server Push
 Pipelining of requests
 Fixing the head-of-line blocking problem in HTTP 1.x
 Multiplexing multiple requests over a single TCP connection
 Support common existing use cases of HTTP, such as desktop web browsers, mobile
web browsers, web APIs, web servers at various scales, proxy servers, reverse proxy
servers, firewalls, and content delivery networks

5. 2009 .. SPDY
 It came in a beautiful package
 Header Compression
 Now cookieless domains are useless
 Multiplexing
 Now we can say that sharding is BAD PRACTICE
 Priority First (Ex. Bring my JS and CSS files first)
 Server Push
 With “Server Hint”, and “RST_STREAM” for HTTP/2

6. Why HTTP/2
 Performance matters
 HTTP/2 reduces the impact of latency on web applications
 TLS is becoming the default
 HTTP/2 amortizes TLS costs for the entire application
 Enabling new web development
 User perceivable improvement in web site performance
 Work with today’s internet
 Remain compatible with existing content

7. What is HTTP/2
 Used SPDY3 as its first draft
 Main Driven by Performance
 But also includes
 Security
 Reliability

8. HTTP/2 vs SPDY
 Binary instead of ASCII
 Header Compression (HPACK - RFC 7541)
 Fully multiplexed - Means: Parallelism and Out of Order Req/Res
 Stream Prioritization
 1 TCP Connection  N Streams  N Frames
 Solves Head of Line Blocking
 Server Push what it thinks that the client will need (e.g., assets)

9. HTTP 1.x vs HTTP/2

10. HTTP/2 Units
Frames Streams Connections
• Flags
• Type
• Stream Identifier
• Payload
• Length
• Identifier
• State
• Priority
• Flow Control
• Flow Control

11. HTTP/1.1 – Request = Connection HTTP/2 – Request = Stream
…
Each request required dedicated TCP connection TCP connection can have multiple streams (requests)
Responses come in order per connection Responses can come out of order, server can optimize
Each connection requires setup + slow start No connection setup for new streams, no slow start
Application sees “connections” Streams are represented as “connections” to apps
HTTP/2 Connections and Streams

12. Header Compression
:path: /
accept-encoding: gzip,deflate
user-agent:
:authority:
…
Static Table
:authority: www.example.com
Dynamic Table
:method: GET
:scheme: http
:path: /
:authority: www.example.com
Lit-
Index
Name Value
(Huffman-encoded string)
 HPACK

13. Header Compression
 Each header is expressed as either…
 Indexed: Reference to full header in static or dynamic table
 Literal:
 Name as reference to static/dynamic table entry, or as Huffman-encoded string
 Value as Huffman-encoded string
 Indexing behavior:
 Add to dynamic table
 Don’t add to dynamic table
 NEVER add to dynamic table (supposed to be persisted through intermediaries)

14. HTTP/2 Frame Types
1. DATA
2. HEADERS
3. PRIORITY
4. RST_STREAM
5. SETTINGS
1. SETTINGS_HEADER_TABLE_SIZE
2. SETTINGS_ENABLE_PUSH
3. SETTINGS_MAX_CONCURRENT_STREAMS
4. SETTINGS_INITIAL_WINDOW_SIZE
5. SETTINGS_MAX_FRAME_SIZE
6. SETTINGS_MAX_HEADER_LIST_SIZE
6. PUSH_PROMISE
7. PING
8. GOAWAY
9. WINDOW_UPDATE
10. CONTINUATION

15. HTTP/2 GET

16. HTTP/2 POST Request

17. HTTP/2 POST Response

18. Request Reliability
 In HTTP no retry a request when an error occurs
 Re-Attempt: It is only possible to some server to do some processing prior to
the error which could result in undesired effects
 HTTP/2 Provides 2 mechanisms as guarantee to a client that a request has
not been processing
 GOAWAY: the highest stream number that has been processed
 REFUSED_STREAM: error code can be included in a RST_STREAM frame

19. Upgrade Request Anatomy
 When you don’t know if it supports HTTP/2
GET / HTTP/1.1
Host: server.example.com
Connection: Upgrade, HTTP2-Settings
Upgrade: h2c
HTTP2-Settings:
Response
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: h2c
• “h2c” means no TLS connection
• “h2” means TLS connection [TLS-ALPN]
• Implicit acknowledgement of HTTP2-Settings

20. How To Upgrade
 Change Text with Binary
 HTTP2 is working over HTTP1.1
 NO HTTP without TLS(HTTPS)
 Then we have, Binary over Text
 So, Implement APLN

21. Upgrade Sample

22. HTTP/2 Adoption Rate
 Browsers: Chrome and Firefox latest versions support already
 Servers: Apache (mod_h2), jetty, Apache Traffic Server
 Services: Google, Twitter
 Proxy: Squid
 CDN
 Akamai said in the end of the 2015and
 CloudFlare when ‘nginx supports HTTP/2’

23. Working With HTTP/2

24. Working With HTTP/2
Hosting
 Hosting .NET Apps
 IIS 10 on Windows 10
 Windows Server 2016
 Ngnix
 Kestrel
 Hosting Java Apps
 Apache HTTP 2.4.17+
 Jetty 9.3+
 Tomcat 9 (still not fully supported)
 Hosting Node Apps
 Node-http2
 Node-spdy
 ExpressJS 5.0(Still has issues)

25. Working With HTTP/2
Server software
 Apache 2.4.12 Apache Traffic Server supports
HTTP/2.[58]
 Caddy supports HTTP/2.[59]
 Citrix NetScaler 11.x supports HTTP/2.[60]
 Sucuri Supports HTTP/2.[61]
 F5 BIG-IP Local Traffic Manager 11.6 supports
HTTP/2.[62]
 h2o was built from the ground up for HTTP/2
support.[63]
 Jetty 9.3 supports HTTP/2.[64]
 LiteSpeed Web Server 5.0 supports
HTTP/2.[65]
 Warp (Haskell web server, used by default in
Yesod) supports HTTP/2.
 Microsoft IIS supports HTTP/2 in Windows
10[66] and Windows Server 2016.
 Netty 4.1 supports HTTP/2.[67]
 nginx 1.9.5 supports HTTP/2.[68]
 node.js 5.0 supports HTTP/2.[69]
 OpenLiteSpeed 1.3.11 and 1.4.8 supports
HTTP/2.[70]
 Proxygen supports HTTP/2.
 Radware Alteon NG supports HTTP/2.[71]
 ShimmerCat was built from the ground up for
HTTP/2 support.[72]
 Vert.x 3.3 supports HTTP/2
 Wildfly 9 supports HTTP/2.

26. What About .NET
ASP.NET Core is an open source and cross-platform technology by Microsoft
for developing web-based applications. In .NET Framework 4.6.0 Microsoft
announced support for HTTP/2. So the .NET Framework 4.6.0 & 4.6.1 supports
HTTP/2.

27. Examples
 http://www.http2demo.io/
 https://http2.akamai.com/
 https://http2.golang.org/
 chrome://net-internals/
 http://caniuse.com/

28. Thank You!