HTTP/2 Introduction
-
Upload
walter-liu -
Category
Technology
-
view
254 -
download
0
Transcript of HTTP/2 Introduction
Negate TCP flow control
Unfair resource sharing
Duplicated data
- DNS lookup (domain sharding)
- TCP 3-way handshaking
- TCP network buffer
- HTTP request/respond header
Workaround – data inlining
<imgsrc="data:image/gif;base64,R0lGODlhEAAOALMAAOazToeHh0tLS/7LZv/0jvb29t/f3//Ub//ge8WSLf/rhf/3kdbW1mxsbP//mf///yH5BAAAAAAALAAAAAAQAA4AAARe8L1Ekyky67QZ1hLnjM5UUde0ECwLJoExKcppV0aCcGCmTIHEIUEqjgaORCMxIC6e0CcguWw6aFjsVMkkIr7g77ZKPJjPZqIyd7sJAgVGoEGv2xsBxqNgYPj/gAwXEQA7” width="16" height="14" alt="embedded folder icon”>
Good: No additional request.
No additional connection
No additional HTTP request/response header
Bad:
Base64 is larger.
Resources are not sharable.
Workaround - Domain sharding
Browser: WAS 2 TCP connection for each domain.
New browsers use 6~8, mobile browsers use 4~6 TCP connections.
Good
Parallel content download
Bad:
More TCP connection, negate TCP flow control, etc.
More Overhead and unfair resource sharing
Workaround - Concatenation
$ cat *.js > site_global.js
* Reduce number of requests
* Reuse cached resources
Key differences with HTTP/1.x
Binary format
Multiplex
Server push
Header compression
Stream Prioritization
Flow Control
HTTP/2 binary format (2/2)
Frame Type: DATA, HEADERS, PRIORITY, RST_STREAM, SETTINGS,
PUSH_PROMISE, PING, GOAWAY, WINDOW_UPDATE, CONTINUATION
* begin with a fixed 9-octet header followed by a variable-length payload
Stream Identifier: incremental, client odd, server even. New connection if
exhausted.
HTTP/2 Stream Prioritization
Advisory
Example,
Highest: main html
High: css files
Mid: Javascript files
Low: images
HTTP/2 Flow Control
Like SSH sliding window flow control
With each individual stream or the entire connection.
Receiver advise the window size, both client and server.
Only DATA frame are flow controled.
Hop-by-hop, not end-to-end
in SETTTINGS frames.
No algorithm in SPEC. Depends on implementers.
Frame Extensions
Not in SPEC right now. F.Y.I.
Alternative Services (ALTSVC frame)
Advisory and OPTIONAL
Alternative service could be multiple. A client chooses the most suitable one.
Example,
("http", "www.example.com", "80") => ("h2", "new.example.com", "81"), <TTL>
Not work like redirect. Origin URI is not changed.
Security context is applied on origin URI.
Like TLS certificates.
Security.consideration?
Must use TLS or strong server authentication if host is changed..
(Study more about how browsers implement this.)
BLOCKED frame
For flow control experiment.
Connect or Upgrade to HTTP/2
1. Send request with Upgrade header2. SETTINGS is bas64 encoded.3. Server declines upgrade.4. Server accepts and change to HTTP/2.
• New HTTPS connection via TLS and ALPN.• New HTTP connection with prior knowledge• New HTTP connection without prior knowledge (Upgrade)
Core concepts of HTTP/2
Preserve HTTP/1.1 paradigms
Change
How data is framed.
How data is transported.
Advantages
Same HTTP APIs
Cheaper Requests
Network-server friendliness
Cache pushing
Like, if the server foresees the client will need below data.
Or invalidate client side cache.
Be able to change your mind (Need to close connection in HTTP/1.x)
Send RST_STREAM to the server to stop sending data of a request.
More encryption
Firefox and Chrom will only support HTTP/2 over TLS.
No more text
Browsers
Firefox
Supported in Firefox 35
TLS only
Chrome
Supported in Chrome 40
TLS only
Chrome will remove SPDY in early 2016.
IE
Also support HTTP/2 over TCP
Supported in IE 11 running on Windows 10.
Safari
Not announced yet.
Server/CDN/Proxy/L4
Nginx: End of 2015
Apache: Not announced yet. (mod_h2?)
IIS: Supported in Windows 10
Akamai: Limited beta right now.
Squid: Supported in 3.6 (Now stable version is 3.5)
L4: unknown.
Tools
Wireshark: Yes
Fiddler: Not announced yet.
CURL/libcurl
Support both TLS and in-secure TCP
URLLib in Python: Seems no
Requests in Python: Seems no
gRPC (http/2+ProtoBuff): RPC framework
References
http://http2.github.io
http://daniel.haxx.se/http2/
http://www.slideshare.net/bagder/http2-right-now-fosdem2015
http://www.slideshare.net/edburns/http2-comes-to-java-what-servlet-
40-means-to-you-devnexus-2015
http://chimera.labs.oreilly.com/books/1230000000545/ch12.html