Download - Http2
![Page 1: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/1.jpg)
http2
Daniel Stenberg, June 12th 2014
![Page 2: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/2.jpg)
Agenda
✗ HTTP today
✗ http2 fundamentals
✗ what http2 improves
✗ implementations
✗ future
![Page 3: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/3.jpg)
Daniel Stenberg
Email: [email protected]: @bagderWeb: daniel.haxx.seBlog: daniel.haxx.se/blog
network hacker at
![Page 4: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/4.jpg)
Please ask!
Feel free to interrupt and ask at any time!
![Page 5: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/5.jpg)
Today
•HTTP 1.1 for everything, huge investments done on top
•The HTTP protocol not as small and easy as once imagined
•Numerous optional parts never implemented widely•HTTP 1.1 does not use TCP optimally•The web has changed significantly since 1997
![Page 6: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/6.jpg)
Requests and payloads grow
![Page 7: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/7.jpg)
connections per page
Average number of TCP connections used to show the front page of the most popular 300,000 sites:
37
![Page 8: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/8.jpg)
Latency kills
![Page 9: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/9.jpg)
Head of line blocking
Pipelining is a troubled child
![Page 10: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/10.jpg)
Things done to overcome RTT pains
Facing problems, creative people find work-arounds
![Page 11: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/11.jpg)
Spriting
Send one big image and use parts of it for different things
![Page 12: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/12.jpg)
Inlining
•data: urls instead of sprites•CSS graphics
.icon1 { background: url(data:image/png;base64,<data>) no-repeat;}
.icon2 { background: url(data:image/png;base64,<data>) no-repeat;}
![Page 13: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/13.jpg)
Concatenation
•Merge multiple javascript files into one big monster•Too much data when only little is needed•Too much to reload when a change is needed•Annoyance for developers
![Page 14: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/14.jpg)
Sharding
•Browsers use 6-8 connections per host•Sites use many host names to allow even more connections
•Still suffers from head of line blocking
![Page 15: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/15.jpg)
So let's...
•Make a protocol less RTT sensitive•Fix pipelining and head of line blocking•Stop the need for ever increasing the number of connections
•… while keeping all “interfaces”
![Page 16: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/16.jpg)
Based on fun with SPDY
•Google driven•Google servers•Google Chrome•Spearheaded the concepts that lead to http2•IETF wanted http2 and SPDY proved to work•SPDY/3 basically became http2 draft-01
![Page 17: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/17.jpg)
Enter http2
•It has to maintain HTTP paradigms•http:// and https:// URLs cannot be changed•HTTP1 servers and clients will be around for decades
•Proxies must be able to convert 1:1•No more optional parts•No more minor version!
![Page 18: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/18.jpg)
Who's making http2 then?
•The IETF...•… working group called HTTPbis ...•… was set out to create an update to HTTP 1.1 ...•… and has continued on to work on http2
![Page 19: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/19.jpg)
How do “normal URLs” work?
![Page 20: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/20.jpg)
Http2 for https://
•Clients use a TLS extension to tell the server what protocol it wants. HTTP1.1, http2, or …
•The selected extension is called ALPN, Application Level Protocol Negotiation.
•NPN was used for SPDY•But...•http2 over TLS has a higher success rate
![Page 21: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/21.jpg)
Http2 for http://
•Clients asks for an upgrade in their HTTP1.1 request using Upgrade:
•A http2 server can then respond “101 Switching” and return a http2 response
•The Chrome and Firefox teams will not do plain text http2
•Internet Explorer will do plain text http2•Infected area
![Page 22: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/22.jpg)
“Opportunistic Encryption”
•Really “Opportunistic Security”•Allows HTTP to transparently use unauthenticated TLS
•ALTSVC enables this•ALTSVC also helps long lived sessions “stuck” on a single server
•HTTP:// URLs over TLS will never be “secure” nor feature the padlock
•Wildly debated. Does it prevent HTTPS adoption or does it help HTTP?
![Page 23: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/23.jpg)
How's the new protocol?
![Page 24: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/24.jpg)
Binary
•No more telnet tricks•Easier framing•TLS and compression anyway...•Wireshark inspector•A handful set frame types, like HEADERS and DATA
![Page 25: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/25.jpg)
Header compression
•HTTP headers are big and are growing•HTTP 1 had no header compression•TCP slow start and initial window size•Headers are notoriously repetitive•Cookies•HPACK•Not a CRIME victim•Padding
![Page 26: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/26.jpg)
Multiplexed (1/2)
•Multiple streams over a single physical connection•Number of parallel streams set by client
![Page 27: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/27.jpg)
Multiplexed (2/2)
![Page 28: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/28.jpg)
Flow control
•Each stream is individually flow controlled•After a default window, they must be given more•Especially useful in proxy cases
![Page 29: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/29.jpg)
change your mind
•In HTTP1 you had to keep receiving or keep sending to maintain the connection
•Leads to data traffic and RTT “waste” every now and then
•In HTTP2 all streams can be cut off at any time
![Page 30: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/30.jpg)
Server push
•HTTP 1 is only client to server requests•Push is a request initiated from the server end•Like a CSS for a HTML page•If allowed by client•RST_STREAM if not wanted•“Pre-populate the cache”
![Page 31: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/31.jpg)
Priorities and dependencies
•client knows what it wants received first•HTML before images. video frame 1 before video frame 2. Viewable images before non-viewable.
•Switching tabs or scrolling page change what's interesting right now
•Dependencies allow fast re-ordering
![Page 32: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/32.jpg)
Extensible
•New frame types can be introduced•Unaware implementations must ignore the new frames
•Discussed extensions include...
•BLOCKED
•ALTSVC
![Page 33: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/33.jpg)
How will http2 affect ordinary humans?
•A better web experience!
•Lower RTT
•Faster page loads
•How much faster?
•We'll find out!
![Page 34: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/34.jpg)
How will http2 affect web development?
•Many “tricks” for HTTP1 performance probably hurt http2 performance
•Tools and authors need to do separate tweaks to optimize
•It will take some time before sites will truly utilize http2's capabilities
![Page 35: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/35.jpg)
Implementations
•Firefox•Twitter•Chrome•curl + nghttp2•Wireshark•Lots of more•Apache•nginx•proxies!
![Page 36: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/36.jpg)
Schedule
•http2 last inter-op met in NYC in June•draft 13 on Friday, June 13•Wide scale deployments planned for autumn 2014•http2 RFC in Q1 2015•Join in and help out!
![Page 37: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/37.jpg)
Will http2 become widely deployed?
•“Look at IPv6”•For some use cases, http2 is not a major boost compared to version 1
•SPDY showed fast growth can happen•Major browsers are on the train•Major services already did SPDY and are likely to go http2. Google, twitter, Facebook, ...
![Page 38: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/38.jpg)
http2 in Firefox
•“about:config”•network.http.spdy.enabled.http2draft•https://twitter.com
![Page 39: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/39.jpg)
http2 in Chrome
•Chrome Canary•--enable-spdy4
![Page 40: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/40.jpg)
http3
•http2 is a foundation for the future•Time to drop legacy HTTP work-arounds?
![Page 41: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/41.jpg)
Thank you!
http2 explained: http://daniel.haxx.se/http2
![Page 42: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/42.jpg)
![Page 43: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/43.jpg)
Doing good is part of our code
![Page 44: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/44.jpg)
Credits
•Inspiration and http2 Lego image from Mark Nottingham: http://www.mnot.net/talks/http2-n-you/
•HTTP trend image and stats from http://httparchive.org
•RTT graph by Mike Belshe
![Page 45: Http2](https://reader030.vdocument.in/reader030/viewer/2022012916/54bd159a4a79593d448b45b2/html5/thumbnails/45.jpg)
License
This presentation and its contents are licensed under the Creative Commons Attribution 4.0 license: http://creativecommons.org/licenses/by/4.0/
This is presentation version 1.1