HTTP/2

Intro & Practice

Old Problems

- FIFO can't use duplex  connection

- browsers use a lot of connections in concurrency

- big header problem

- setup a connection is expensive and we don't reuse it

- server push is hard to implement

Key features

- Binary Framing

- Multiplexing

- Header Compression

- Server Push

- Others ref to RFC 7540: https://tools.ietf.org/html/rfc7540

Verify plan

- Setup a simple website in HTTP/1.1

- Setup two websites with different HTTP/2 features

- Use docker-compose to map different ports

- Use wireshark to verify binary framing

- Setup self-signed certificate to use TLS in default

Practice location: https://github.com/yc-zhang/http2-practice

Binary Framing & Multiplexing

  • Goal: one domain, one connection
  • Implementation:  Binary Framing & Streams
  • Binary Framing: instead of RAW ASCII, seal data into different frames
    • HEADERS\DATA\PRIORITY\SETTINGS...
  • Streams: the carrier of frame in logical, HTTP2 use it to deal with multiplexing
    • 1 connection - N streams
    • could be used for single or shared
    • independent, bidirectional sequence of frame exchange
    • stream groups share context & flow-control
  • One connection:  TCP-SLOW START problem & bandwidth 

Header compression

  • Save bits: find a algorithm and apply it
  • HPACK - rfc7541
  • GZIP security risk:
    • CRIME could attack with stream compression
    • https://en.wikipedia.org/wiki/CRIME

Server push

  • Server to provide content to clients without waiting for a request
  • Save time & Improve user experience
  • It's not designed to replace web-socket
  • Suitable time and consider the cache
  • Not EASY to deal, follow the best practice before you go

Others

  • Security consideration
  • HTTP/2 is a new protocol which supports HTTP/1.1 syntax
  • Hard to implement below the application layer
  • What about keep-alive
  • What about load balance (HTTP LB or TCP LB)
  • What about customized forwarder or PROXY?
  • Could server push replace web-socket or the other RPC?
  • Impact to WebServices
  • ...

Thanks~

Made with Slides.com