an overview from the HTTP2 protocol including comparison with previous version, a deeper look over the protocol enhancements, compatibility matrix with the internet ecosystem and set of online demos that can show the performance optimization.
3. HTTP Today
Using HTTP 1.1 since 1997 / 1999
Connection: keep-alive
Head of Line Blocking
But we still use N TCP Connections per origin
And Many Hacks because requests are evil
Spriting of Images
Resource Inlining
Concatenation of files
Domain Sharding
CDNs
No Header Compression
4. HTTP Problems
Negotiation mechanism that allows clients and servers to elect to use HTTP 1.1, 2.0, or
potentially other non-HTTP protocols.
Maintain high-level compatibility with HTTP 1.1 (for example with methods, status
codes, and URIs, and most header fields)
Decrease latency to improve page load speed in web browsers by considering:
Data compression of HTTP headers
HTTP/2 Server Push
Pipelining of requests
Fixing the head-of-line blocking problem in HTTP 1.x
Multiplexing multiple requests over a single TCP connection
Support common existing use cases of HTTP, such as desktop web browsers, mobile
web browsers, web APIs, web servers at various scales, proxy servers, reverse proxy
servers, firewalls, and content delivery networks
5. 2009 .. SPDY
It came in a beautiful package
Header Compression
Now cookieless domains are useless
Multiplexing
Now we can say that sharding is BAD PRACTICE
Priority First (Ex. Bring my JS and CSS files first)
Server Push
With “Server Hint”, and “RST_STREAM” for HTTP/2
6. Why HTTP/2
Performance matters
HTTP/2 reduces the impact of latency on web applications
TLS is becoming the default
HTTP/2 amortizes TLS costs for the entire application
Enabling new web development
User perceivable improvement in web site performance
Work with today’s internet
Remain compatible with existing content
7. What is HTTP/2
Used SPDY3 as its first draft
Main Driven by Performance
But also includes
Security
Reliability
8. HTTP/2 vs SPDY
Binary instead of ASCII
Header Compression (HPACK - RFC 7541)
Fully multiplexed - Means: Parallelism and Out of Order Req/Res
Stream Prioritization
1 TCP Connection N Streams N Frames
Solves Head of Line Blocking
Server Push what it thinks that the client will need (e.g., assets)
10. HTTP/2 Units
Frames Streams Connections
• Flags
• Type
• Stream Identifier
• Payload
• Length
• Identifier
• State
• Priority
• Flow Control
• Flow Control
11. HTTP/1.1 – Request = Connection HTTP/2 – Request = Stream
…
Each request required dedicated TCP connection TCP connection can have multiple streams (requests)
Responses come in order per connection Responses can come out of order, server can optimize
Each connection requires setup + slow start No connection setup for new streams, no slow start
Application sees “connections” Streams are represented as “connections” to apps
HTTP/2 Connections and Streams
12. Header Compression
:path: /
accept-encoding: gzip,deflate
user-agent:
:authority:
…
Static Table
:authority: www.example.com
Dynamic Table
:method: GET
:scheme: http
:path: /
:authority: www.example.com
Lit-
Index
Name Value
(Huffman-encoded string)
HPACK
13. Header Compression
Each header is expressed as either…
Indexed: Reference to full header in static or dynamic table
Literal:
Name as reference to static/dynamic table entry, or as Huffman-encoded string
Value as Huffman-encoded string
Indexing behavior:
Add to dynamic table
Don’t add to dynamic table
NEVER add to dynamic table (supposed to be persisted through intermediaries)
18. Request Reliability
In HTTP no retry a request when an error occurs
Re-Attempt: It is only possible to some server to do some processing prior to
the error which could result in undesired effects
HTTP/2 Provides 2 mechanisms as guarantee to a client that a request has
not been processing
GOAWAY: the highest stream number that has been processed
REFUSED_STREAM: error code can be included in a RST_STREAM frame
19. Upgrade Request Anatomy
When you don’t know if it supports HTTP/2
GET / HTTP/1.1
Host: server.example.com
Connection: Upgrade, HTTP2-Settings
Upgrade: h2c
HTTP2-Settings:
Response
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: h2c
• “h2c” means no TLS connection
• “h2” means TLS connection [TLS-ALPN]
• Implicit acknowledgement of HTTP2-Settings
20. How To Upgrade
Change Text with Binary
HTTP2 is working over HTTP1.1
NO HTTP without TLS(HTTPS)
Then we have, Binary over Text
So, Implement APLN
22. HTTP/2 Adoption Rate
Browsers: Chrome and Firefox latest versions support already
Servers: Apache (mod_h2), jetty, Apache Traffic Server
Services: Google, Twitter
Proxy: Squid
CDN
Akamai said in the end of the 2015and
CloudFlare when ‘nginx supports HTTP/2’
24. Working With HTTP/2
Hosting
Hosting .NET Apps
IIS 10 on Windows 10
Windows Server 2016
Ngnix
Kestrel
Hosting Java Apps
Apache HTTP 2.4.17+
Jetty 9.3+
Tomcat 9 (still not fully supported)
Hosting Node Apps
Node-http2
Node-spdy
ExpressJS 5.0(Still has issues)
25. Working With HTTP/2
Server software
Apache 2.4.12 Apache Traffic Server supports
HTTP/2.[58]
Caddy supports HTTP/2.[59]
Citrix NetScaler 11.x supports HTTP/2.[60]
Sucuri Supports HTTP/2.[61]
F5 BIG-IP Local Traffic Manager 11.6 supports
HTTP/2.[62]
h2o was built from the ground up for HTTP/2
support.[63]
Jetty 9.3 supports HTTP/2.[64]
LiteSpeed Web Server 5.0 supports
HTTP/2.[65]
Warp (Haskell web server, used by default in
Yesod) supports HTTP/2.
Microsoft IIS supports HTTP/2 in Windows
10[66] and Windows Server 2016.
Netty 4.1 supports HTTP/2.[67]
nginx 1.9.5 supports HTTP/2.[68]
node.js 5.0 supports HTTP/2.[69]
OpenLiteSpeed 1.3.11 and 1.4.8 supports
HTTP/2.[70]
Proxygen supports HTTP/2.
Radware Alteon NG supports HTTP/2.[71]
ShimmerCat was built from the ground up for
HTTP/2 support.[72]
Vert.x 3.3 supports HTTP/2
Wildfly 9 supports HTTP/2.
26. What About .NET
ASP.NET Core is an open source and cross-platform technology by Microsoft
for developing web-based applications. In .NET Framework 4.6.0 Microsoft
announced support for HTTP/2. So the .NET Framework 4.6.0 & 4.6.1 supports
HTTP/2.
Head of Line Blocking HOL: occurs when a line of packets is held up by the first packet, for example in input buffered network switches, out-of-order delivery, and multiple requests in HTTP pipelining.
N: usually 6 connections
Reduce latency
Reduce total number of TCP connections i.e., reduce number of open sockets
Better web security.
Maintain compatibility with HTTP/1.1 clients and server.
Maintain same usability as HTTP/1.1 i.e., can be used wherever we use HTTP/1.1
Better web security.
Multiplexing: Multiple asynchronous HTTP requests over a single TCP connection.
Server Push: Multiple responses for single request
Header Compression: Compress HTTP headers along with content.
Request prioritization: While making multiple HTTP requests to a same domain they can be prioritized.
Binary Protocol: HTTP/2 is binary protocol whereas HTTP/1.1 is text protocol.
HTTP/2 was developed by the IETF’s HTTP Working Group, which maintains the HTTP protocol. It’s made up of a number of HTTP implementers, users, network operators and HTTP experts.
Binary Instead of Text
TLS: Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as "SSL", are cryptographic protocols that provide communications security over a computer network.
Server Push: HTTP/2 Server Push is a modern, more efficient equivalent to the common practice of inlining assets in HTTP/1.1. Inlining is when you convert your external JavaScript and CSS resources into <script> and <style> elements in your HTML page. The goal is to minimize the number of HTTP requests between the browser and the server. Server Push accomplishes the same thing, but allows assets to be cached independently so that you’re not sending the same inline CSS styles with every single web page your visitors request.
TCP/IP: TCP/IP (Transmission Control Protocol/Internet Protocol) is the basic communication language or protocol of the Internet. It can also be used as a communications protocol in a private network (either an intranet or an extranet). When you are set up with direct access to the Internet, your computer is provided with a copy of the TCP/IP program just as every other computer that you may send messages to or get information from also has a copy of TCP/IP.
Why is HTTP/2 binary?
Binary protocols are more efficient to parse, more compact “on the wire”, and most importantly, they are much less error-prone, compared to textual protocols like HTTP/1.x, because they often have a number of affordances to “help” with things like whitespace handling, capitalization, line endings, blank lines and so on.
Inner Structure of Frames/Streams/Connections
To remove the redundant headers, Huffman Coding with static and dynamic tables(Create index address space)
Instead of send the all header we only send indexes to lookup the corresponding key and value
HPack Behavior, How does it works
again, followed by zero or more CONTINUATION frames
RST_STREAM reset stream
Application Layer Protocol Negotiation
TLS: point to point connection and send encrypted information