Daniel Stenberg, profile picture
Uploaded byDaniel Stenberg
PDF, PPTX1,294 views

Http3 fullstackfest-2019

Daniel Stenberg gave a presentation on the evolution of HTTP from versions 1 to 2 to the upcoming version 3. He explained the problems with HTTP/1 and how HTTP/2 aimed to address these by using a single TCP connection with multiple streams. However, middleboxes in the internet slow the adoption of upgrades. QUIC was developed as a new transport protocol to run over UDP and enable always-encrypted connections with fewer head-of-line blocking problems. HTTP/3 defines how HTTP can be run over QUIC, providing features like independent streams and faster handshakes while keeping the basic request-response model of HTTP the same. Several challenges around implementations and tooling remain before HTTP/3 is widely adopted.

Embed presentation

Download as PDF, PPTX
Full Stack Fest – Sep 6, 2019
Daniel Stenberg @bagder
Daniel Stenberg @bagder
Daniel Stenberg @bagder
HTTP 1 to 2 to 3HTTP 1 to 2 to 3 ProblemsProblems Why QUIC and how it worksWhy QUIC and how it works HTTP/3HTTP/3 ChallengesChallenges Coming soon!Coming soon! @bagder@bagder
Let the fun begin! specifications haven’t shipped yetspecifications haven’t shipped yet This presentation is public. Photos andThis presentation is public. Photos and sharing are fine!sharing are fine! Questions at the end!Questions at the end! @bagder@bagder
HTTP/1 HTTP/2 HTTP/3 @bagder@bagder
Under the hood GET / HTTP/1.1 Host: www.example.com Accept: */* User-Agent: HTTP-eats-the-world/2019 HTTP/1.1 200 OK Date: Thu, 09 Nov 2018 14:49:00 GMT Server: my-favorite v3 Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT Content-Length: 12345 Set-Cookie: this-is-simple=yeah-really; Content-Type: text/html [content] @bagder@bagder
HTTP started done over TCP @bagder@bagder
TCPTCP TCP/IP works over IP Establishes a “connection” 3-way handshake Resends lost packages Delivers a byte stream Clear text @bagder@bagder
HTTPS means TCP + TLS + HTTP @bagder@bagder
@bagder@bagder
@bagder@bagder
TLSTLS TLS is done over TCP for HTTP/1 or 2 Transport Layer Security Additional handshake Privacy and security @bagder@bagder
Classic HTTP Network Stack IP TCP TLS 1.2+ HTTP @bagder@bagder
HTTP over TCP @bagder@bagder
HTTP/1.1HTTP/1.1 Shipped January 1997 Many parallel TCP connections Better but ineffective TCP use HTTP head-of-line-blocking Numerous work-arounds @bagder@bagder
HTTP/2HTTP/2 Shipped May 2015 Uses single connection per host Many parallel streams TCP head-of-line-blocking @bagder@bagder
OssificationOssification Internet is full of boxes Routers, gateways, firewalls, load balancers, NATs... Boxes run software to handle network data Middle-boxes work on existing protocols Upgrade much slower than edges @bagder@bagder
Internet WWW @bagder@bagder
Ossification casualties HTTP/2 in clear textHTTP/2 in clear text TCP improvements like TFOTCP improvements like TFO TCP/UDP replacementsTCP/UDP replacements HTTP brotliHTTP brotli Future innovationsFuture innovations …… unless encryptedunless encrypted @bagder@bagder
Improvement in spite of ossification @bagder@bagder
@bagder@bagder
@bagder@bagder
A new transport protocol @bagder@bagder
Built on experiences by Google QUIC Google deployed “http2 frames over UDP”-QUIC in 2013Google deployed “http2 frames over UDP”-QUIC in 2013 Widely used clientWidely used client Widely used web servicesWidely used web services Proven to work at web scaleProven to work at web scale Taken to the IETF in 2015Taken to the IETF in 2015 QUIC working group started 2016QUIC working group started 2016 IETF QUIC is now very different than Google QUIC wasIETF QUIC is now very different than Google QUIC was @bagder@bagder
Improvements TCP head of line blockingTCP head of line blocking Faster handshakesFaster handshakes Earlier dataEarlier data Connection-IDConnection-ID More encryption, alwaysMore encryption, always Future developmentFuture development @bagder@bagder
Build on top of UDP TCP and UDP remain “the ones”TCP and UDP remain “the ones” Use UDP instead of IPUse UDP instead of IP Reliable transport protocol - inReliable transport protocol - in user-spaceuser-space A little like TCP + TLSA little like TCP + TLS @bagder@bagder
UDP isn’t reliable, QUIC is UDP Connectionless No resends No flow control QUIC Uses UDP like TCP uses IP Adds connections, resends and flow control on top @bagder@bagder
Streams! QUIC provides streamsQUIC provides streams Many logical flows within a single connectionMany logical flows within a single connection Similar to HTTP/2 but in the transport layerSimilar to HTTP/2 but in the transport layer IndependentIndependent streamsstreams @bagder@bagder
Independent streams TCPTCP QUICQUIC @bagder@bagder
Application protocols over QUICApplication protocols over QUIC Streams for free Could be “any protocol” HTTP worked on as the first Others are planned to follow @bagder@bagder
HTTP/3 = HTTP over QUIC @bagder@bagder
HTTP – same but different RequestRequest - method + path- method + path - headers- headers - body- body ResponseResponse - response code- response code - headers- headers - body- body @bagder@bagder
HTTP – same but different HTTP/1 – in ASCII over TCP HTTP/2 – binary multiplexed over TCP HTTP/3 – binary over multiplexed QUIC @bagder@bagder
Stacks: old vs new TCP TLS 1.2+ HTTP/2 UDP HTTP/3 QUIC TLS 1.3 IP HTTP/1 @bagder@bagder streams
Feature comparison @bagder@bagder HTTP/2 HTTP/3 Transport TCP QUIC Streams HTTP/2 QUIC Clear-text version Yes No Independent streams No Yes Header compression HPACK QPACK Server push Yes Yes Early data In theory Yes 0-RTT Handshake No Yes
HTTP/3 is fasterHTTP/3 is faster Faster handshakes Early data that works The independent streams By how much remains to be measured! @bagder@bagder
HTTPS is TCP? HTTPS:// URLs are everywhereHTTPS:// URLs are everywhere TCP (and TLS) on TCP port 443TCP (and TLS) on TCP port 443 @bagder@bagder
This service - over there! The Alt-Svc: response header Another host, protocol or port number is the same “origin” This site also runs on HTTP/3 “over there”, for the next NNNN seconds @bagder@bagder
Will HTTP/3 deliver? @bagder@bagder
Eight HTTP/3 challenges 3-7% of QUIC attempts fail Clients need fall back algorithms 1 2 3 4 5 6 7 8 @bagder@bagder
Eight HTTP/3 challenges CPU intensive Unoptimized UDP stacks 1 2 3 4 5 6 7 8 @bagder@bagder
Eight HTTP/3 challenges “Funny” TLS layer 1 2 3 4 5 6 7 8 @bagder@bagder
Eight HTTP/3 challenges All QUIC stacks are user-land No standard QUIC API 1 2 3 4 5 6 7 8 @bagder@bagder
Eight HTTP/3 challenges Lack of tooling 1 2 3 4 5 6 7 8 @bagder@bagder
Ship date @bagder@bagder
Implementations Over a dozen QUIC implementations, almost as many HTTP/3 implementations Google, Mozilla, Apple, Facebook, Microsoft, Akamai, Fastly, Cloudflare, F5, LiteSpeed, and more No browser ships HTTP/3 yet. Chrome or Safari first? Neither do Apache, nginx or IIS. Caddy! curl! @bagder@bagder
HTTP/3 in curl ExperimentalExperimental h3-22 has landed Alt-svcAlt-svc support is there Based on ngtcp2ngtcp2 and quichequiche FallbackFallback is tricky Try it! Try it! @bagder@bagder
HTTP/3 will take timeHTTP/3 will take time HTTP/3 will grow slowerHTTP/3 will grow slower Some will stick to HTTP/2Some will stick to HTTP/2 QUIC is for the long termQUIC is for the long term @bagder@bagder
FutureFuture MultipathMultipath Forward error correctionForward error correction Unreliable streamsUnreliable streams More application protocolsMore application protocols @bagder@bagder
Take-aways HTTP/3 is coming soonHTTP/3 is coming soon HTTP/3 is always encryptedHTTP/3 is always encrypted Similar to HTTP/2 but over QUICSimilar to HTTP/2 but over QUIC QUIC is transport over UDPQUIC is transport over UDP Challenges to overcomeChallenges to overcome Early 2020?Early 2020? @bagder@bagder
HTTP/3 Explained https://daniel.haxx.se/http3-explained @bagder@bagder
Daniel Stenberg @bagder https://daniel.haxx.se/ Thank you!Thank you! Questions?Questions? @bagder@bagder
Credits QUIC drafts: https://quicwg.github.io/ Images: https://pixabay.com/ This presentation is provided under the Creative Commons Attribution 4.0 International Public License @bagder@bagder

More Related Content

PDF
HTTP/3 for everyone
byDaniel Stenberg
 
PDF
HTTP/3, QUIC and streaming
byDaniel Stenberg
 
PDF
HTTP/3
byDaniel Stenberg
 
PDF
DNS over HTTPS
byDaniel Stenberg
 
PDF
HTTP/3 in curl
byDaniel Stenberg
 
PDF
curl better
byDaniel Stenberg
 
PDF
Just curl it!
byDaniel Stenberg
 
PDF
curl roadmap 2020
byDaniel Stenberg
 
HTTP/3 for everyone
byDaniel Stenberg
 
HTTP/3, QUIC and streaming
byDaniel Stenberg
 
HTTP/3
byDaniel Stenberg
 
DNS over HTTPS
byDaniel Stenberg
 
HTTP/3 in curl
byDaniel Stenberg
 
curl better
byDaniel Stenberg
 
Just curl it!
byDaniel Stenberg
 
curl roadmap 2020
byDaniel Stenberg
 

What's hot

PDF
HTTP/3 over QUIC. All is new but still the same!
byDaniel Stenberg
 
PDF
HTTP/2: What no one is telling you
byFastly
 
PDF
curl - a hobby project that conquered the world
byDaniel Stenberg
 
PDF
Curl with rust
byDaniel Stenberg
 
PDF
Http2
byDaniel Stenberg
 
PDF
Landing code in curl
byDaniel Stenberg
 
PDF
common mistakes when using libcurl
byDaniel Stenberg
 
PDF
Efficient HTTP Apis
byAdrian Cole
 
PDF
HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0
byCory Forsyth
 
PDF
HTTP/3 is next generation HTTP
byDaniel Stenberg
 
PDF
HTTP/3 in curl 2020
byDaniel Stenberg
 
PDF
So that was HTTP/2, what's next?
byDaniel Stenberg
 
PDF
HTTP/2 What's inside and Why
byAdrian Cole
 
PDF
Http2 right now
byDaniel Stenberg
 
PDF
Http/2 - What's it all about?
byAndy Davies
 
PDF
Testing curl for security
byDaniel Stenberg
 
PDF
Getting started with libcurl
byDaniel Stenberg
 
PPTX
HTTP/2 for Developers
bySvetlin Nakov
 
PDF
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
byNETWAYS
 
PDF
The state of curl 2020
byDaniel Stenberg
 
HTTP/3 over QUIC. All is new but still the same!
byDaniel Stenberg
 
HTTP/2: What no one is telling you
byFastly
 
curl - a hobby project that conquered the world
byDaniel Stenberg
 
Curl with rust
byDaniel Stenberg
 
Http2
byDaniel Stenberg
 
Landing code in curl
byDaniel Stenberg
 
common mistakes when using libcurl
byDaniel Stenberg
 
Efficient HTTP Apis
byAdrian Cole
 
HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0
byCory Forsyth
 
HTTP/3 is next generation HTTP
byDaniel Stenberg
 
HTTP/3 in curl 2020
byDaniel Stenberg
 
So that was HTTP/2, what's next?
byDaniel Stenberg
 
HTTP/2 What's inside and Why
byAdrian Cole
 
Http2 right now
byDaniel Stenberg
 
Http/2 - What's it all about?
byAndy Davies
 
Testing curl for security
byDaniel Stenberg
 
Getting started with libcurl
byDaniel Stenberg
 
HTTP/2 for Developers
bySvetlin Nakov
 
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
byNETWAYS
 
The state of curl 2020
byDaniel Stenberg
 

Similar to Http3 fullstackfest-2019

PDF
http3-quic-streaming-2020-200121234036.pdf
byJunZhao68
 
PDF
Learning HTTP 2 a practical guide for beginners First Edition Garza
byheynsmagat8k
 
PDF
HTTP/3 in curl - curl up 2022
byDaniel Stenberg
 
PDF
A new Internet? Intro to HTTP/2, QUIC, DoH and DNS over QUIC
byAPNIC
 
PDF
Introduction to QUIC
byShuya Osaki
 
PDF
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
bypeychevi
 
PDF
A New Internet? Introduction to HTTP/2, QUIC and DOH
byAPNIC
 
PPTX
QUIC protocol.pptx
bySHIVAMPANDEY138243
 
PDF
QUIC
byApache Traffic Server
 
PPTX
HTTP 3.pptx
byDavidEzekiel14
 
PPTX
Next generation web protocols
byDaniel Austin
 
PDF
PAC 2019 virtual Scott Moore
byNeotys
 
PDF
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
bySteffen Gebert
 
PDF
Solving HTTP Problems with Code and Protocols
byC4Media
 
PDF
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
byFastly
 
PDF
HTTP/3 where are we now? State of the art in our servers.
byJean-Frederic Clere
 
PPTX
HTML5, HTTP2, and You 1.1
byDaniel Austin
 
PPTX
HTTP/2 : why upgrading the web? - DjangoCon Europe 2016 Budapest
byQuentin Adam
 
PDF
HTTP/3 an early overview
byPraveen Kottarathil
 
PDF
Web Performance Optimization with HTTP/3
bySangJin Kang
 
http3-quic-streaming-2020-200121234036.pdf
byJunZhao68
 
Learning HTTP 2 a practical guide for beginners First Edition Garza
byheynsmagat8k
 
HTTP/3 in curl - curl up 2022
byDaniel Stenberg
 
A new Internet? Intro to HTTP/2, QUIC, DoH and DNS over QUIC
byAPNIC
 
Introduction to QUIC
byShuya Osaki
 
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
bypeychevi
 
A New Internet? Introduction to HTTP/2, QUIC and DOH
byAPNIC
 
QUIC protocol.pptx
bySHIVAMPANDEY138243
 
QUIC
byApache Traffic Server
 
HTTP 3.pptx
byDavidEzekiel14
 
Next generation web protocols
byDaniel Austin
 
PAC 2019 virtual Scott Moore
byNeotys
 
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
bySteffen Gebert
 
Solving HTTP Problems with Code and Protocols
byC4Media
 
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
byFastly
 
HTTP/3 where are we now? State of the art in our servers.
byJean-Frederic Clere
 
HTML5, HTTP2, and You 1.1
byDaniel Austin
 
HTTP/2 : why upgrading the web? - DjangoCon Europe 2016 Budapest
byQuentin Adam
 
HTTP/3 an early overview
byPraveen Kottarathil
 
Web Performance Optimization with HTTP/3
bySangJin Kang
 

More from Daniel Stenberg

PDF
mastering libcurl part 1
byDaniel Stenberg
 
PDF
AI slop attacks on the curl project - Daniel Stenberg
byDaniel Stenberg
 
PDF
The state of curl 2022
byDaniel Stenberg
 
PDF
giants, standing on the shoulders of - by Daniel Stenberg
byDaniel Stenberg
 
PDF
What comes after world domination with Daniel Stenberg, April 2025
byDaniel Stenberg
 
PDF
Tightening every bolt at FOSDEM 2025 by Daniel Stenberg
byDaniel Stenberg
 
PDF
digital infrastruktur är open source-1.pdf
byDaniel Stenberg
 
PDF
mastering libcurl part 2
byDaniel Stenberg
 
PDF
curl security by Daniel Stenberg from curl up 2024
byDaniel Stenberg
 
PDF
rust in curl by Daniel Stenberg from- curl up 2024
byDaniel Stenberg
 
PDF
trurl 2024 by Daniel Stenberg from curl up 2024
byDaniel Stenberg
 
PDF
Let me tell you about curl
byDaniel Stenberg
 
PDF
curl - openfourm europe.pdf
byDaniel Stenberg
 
PDF
The state of curl 2024 by Daniel Stenberg from curl up 2024
byDaniel Stenberg
 
PDF
curl security - curl up 2022
byDaniel Stenberg
 
PDF
curl future 2024 by Daniel Stenberg from curl up 2024
byDaniel Stenberg
 
PDF
curl experiments - curl up 2022
byDaniel Stenberg
 
mastering libcurl part 1
byDaniel Stenberg
 
AI slop attacks on the curl project - Daniel Stenberg
byDaniel Stenberg
 
The state of curl 2022
byDaniel Stenberg
 
giants, standing on the shoulders of - by Daniel Stenberg
byDaniel Stenberg
 
What comes after world domination with Daniel Stenberg, April 2025
byDaniel Stenberg
 
Tightening every bolt at FOSDEM 2025 by Daniel Stenberg
byDaniel Stenberg
 
digital infrastruktur är open source-1.pdf
byDaniel Stenberg
 
mastering libcurl part 2
byDaniel Stenberg
 
curl security by Daniel Stenberg from curl up 2024
byDaniel Stenberg
 
rust in curl by Daniel Stenberg from- curl up 2024
byDaniel Stenberg
 
trurl 2024 by Daniel Stenberg from curl up 2024
byDaniel Stenberg
 
Let me tell you about curl
byDaniel Stenberg
 
curl - openfourm europe.pdf
byDaniel Stenberg
 
The state of curl 2024 by Daniel Stenberg from curl up 2024
byDaniel Stenberg
 
curl security - curl up 2022
byDaniel Stenberg
 
curl future 2024 by Daniel Stenberg from curl up 2024
byDaniel Stenberg
 
curl experiments - curl up 2022
byDaniel Stenberg
 

Recently uploaded

PPTX
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
PDF
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
PPTX
DVCON24-IBM ai/ml driven hardware verification
byArun Joseph
 
PDF
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
PDF
Louisville User Group: Transforming Technical Debt into Technical Wealth
byLynda Kane
 
PPTX
Design Flaws and Known Attacks in Agentic AI - ITI Business Session
byInformation Technology Institute
 
PPTX
Software Tools for penetration Testing (1).pptx
byAmosCheruiyot13
 
PPTX
On-Device AI with Gemma 3n and PaliGemma 2 Session Slides - GDG VESIT
bygdgcodecellcmpn
 
PDF
Best-Travel-Portal-Development-Solutions-for-Online-Growth
bykashishnagarrajput
 
PDF
Josh Chu Boston - An Innovative Technology Executive
byJosh Chu Boston
 
PPT
Waste water treatment plant operation and maintenance
byDuggineniRamakrishna
 
PDF
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
PDF
Presentation on Four Stroke Engine of Ic engine
bySonam Sherpa
 
PPTX
JAVA Programming Lecture 1 C 4 Yourself.pptx
byyvsbglfaeahuyldzhq
 
PDF
DataLiva-LivaGRC- Business Software for Governance, Risk, and Compliance
byMustafa Kuğu
 
PDF
Higgsfield AI: The New Way to Create Cinematic Video
bytechnologyupside
 
PPTX
KTU-PEMET413 -MODULE 2-POLYMER MATRIX COMPOSITES - LECTURE 1.pptx
byVINAY B
 
PPTX
Lecture 04. about Black heads and Hackerss.pptx
byvinocol222
 
PDF
Early Signs of Constraint Loss in Modern System Design
byReality Drift Archive
 
PPTX
Visual Foxpro-VFP9-Access-Report-Variable-Outside-the-report.pptx
bymanojbkalla
 
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
DVCON24-IBM ai/ml driven hardware verification
byArun Joseph
 
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
Louisville User Group: Transforming Technical Debt into Technical Wealth
byLynda Kane
 
Design Flaws and Known Attacks in Agentic AI - ITI Business Session
byInformation Technology Institute
 
Software Tools for penetration Testing (1).pptx
byAmosCheruiyot13
 
On-Device AI with Gemma 3n and PaliGemma 2 Session Slides - GDG VESIT
bygdgcodecellcmpn
 
Best-Travel-Portal-Development-Solutions-for-Online-Growth
bykashishnagarrajput
 
Josh Chu Boston - An Innovative Technology Executive
byJosh Chu Boston
 
Waste water treatment plant operation and maintenance
byDuggineniRamakrishna
 
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
Presentation on Four Stroke Engine of Ic engine
bySonam Sherpa
 
JAVA Programming Lecture 1 C 4 Yourself.pptx
byyvsbglfaeahuyldzhq
 
DataLiva-LivaGRC- Business Software for Governance, Risk, and Compliance
byMustafa Kuğu
 
Higgsfield AI: The New Way to Create Cinematic Video
bytechnologyupside
 
KTU-PEMET413 -MODULE 2-POLYMER MATRIX COMPOSITES - LECTURE 1.pptx
byVINAY B
 
Lecture 04. about Black heads and Hackerss.pptx
byvinocol222
 
Early Signs of Constraint Loss in Modern System Design
byReality Drift Archive
 
Visual Foxpro-VFP9-Access-Report-Variable-Outside-the-report.pptx
bymanojbkalla
 

Http3 fullstackfest-2019

  • 1.
    Full Stack Fest– Sep 6, 2019
  • 2.
  • 3.
  • 4.
  • 5.
    HTTP 1 to2 to 3HTTP 1 to 2 to 3 ProblemsProblems Why QUIC and how it worksWhy QUIC and how it works HTTP/3HTTP/3 ChallengesChallenges Coming soon!Coming soon! @bagder@bagder
  • 6.
    Let the funbegin! specifications haven’t shipped yetspecifications haven’t shipped yet This presentation is public. Photos andThis presentation is public. Photos and sharing are fine!sharing are fine! Questions at the end!Questions at the end! @bagder@bagder
  • 7.
  • 8.
    Under the hood GET/ HTTP/1.1 Host: www.example.com Accept: */* User-Agent: HTTP-eats-the-world/2019 HTTP/1.1 200 OK Date: Thu, 09 Nov 2018 14:49:00 GMT Server: my-favorite v3 Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT Content-Length: 12345 Set-Cookie: this-is-simple=yeah-really; Content-Type: text/html [content] @bagder@bagder
  • 9.
    HTTP started doneover TCP @bagder@bagder
  • 10.
    TCPTCP TCP/IP works overIP Establishes a “connection” 3-way handshake Resends lost packages Delivers a byte stream Clear text @bagder@bagder
  • 11.
    HTTPS means TCP+ TLS + HTTP @bagder@bagder
  • 12.
  • 13.
  • 14.
    TLSTLS TLS is doneover TCP for HTTP/1 or 2 Transport Layer Security Additional handshake Privacy and security @bagder@bagder
  • 15.
    Classic HTTP NetworkStack IP TCP TLS 1.2+ HTTP @bagder@bagder
  • 16.
  • 17.
    HTTP/1.1HTTP/1.1 Shipped January 1997 Manyparallel TCP connections Better but ineffective TCP use HTTP head-of-line-blocking Numerous work-arounds @bagder@bagder
  • 18.
    HTTP/2HTTP/2 Shipped May 2015 Usessingle connection per host Many parallel streams TCP head-of-line-blocking @bagder@bagder
  • 19.
    OssificationOssification Internet is fullof boxes Routers, gateways, firewalls, load balancers, NATs... Boxes run software to handle network data Middle-boxes work on existing protocols Upgrade much slower than edges @bagder@bagder
  • 20.
  • 21.
    Ossification casualties HTTP/2 inclear textHTTP/2 in clear text TCP improvements like TFOTCP improvements like TFO TCP/UDP replacementsTCP/UDP replacements HTTP brotliHTTP brotli Future innovationsFuture innovations …… unless encryptedunless encrypted @bagder@bagder
  • 22.
    Improvement in spiteof ossification @bagder@bagder
  • 23.
  • 24.
  • 25.
    A new transportprotocol @bagder@bagder
  • 26.
    Built on experiencesby Google QUIC Google deployed “http2 frames over UDP”-QUIC in 2013Google deployed “http2 frames over UDP”-QUIC in 2013 Widely used clientWidely used client Widely used web servicesWidely used web services Proven to work at web scaleProven to work at web scale Taken to the IETF in 2015Taken to the IETF in 2015 QUIC working group started 2016QUIC working group started 2016 IETF QUIC is now very different than Google QUIC wasIETF QUIC is now very different than Google QUIC was @bagder@bagder
  • 27.
    Improvements TCP head ofline blockingTCP head of line blocking Faster handshakesFaster handshakes Earlier dataEarlier data Connection-IDConnection-ID More encryption, alwaysMore encryption, always Future developmentFuture development @bagder@bagder
  • 28.
    Build on topof UDP TCP and UDP remain “the ones”TCP and UDP remain “the ones” Use UDP instead of IPUse UDP instead of IP Reliable transport protocol - inReliable transport protocol - in user-spaceuser-space A little like TCP + TLSA little like TCP + TLS @bagder@bagder
  • 29.
    UDP isn’t reliable,QUIC is UDP Connectionless No resends No flow control QUIC Uses UDP like TCP uses IP Adds connections, resends and flow control on top @bagder@bagder
  • 30.
    Streams! QUIC provides streamsQUICprovides streams Many logical flows within a single connectionMany logical flows within a single connection Similar to HTTP/2 but in the transport layerSimilar to HTTP/2 but in the transport layer IndependentIndependent streamsstreams @bagder@bagder
  • 31.
  • 32.
    Application protocols overQUICApplication protocols over QUIC Streams for free Could be “any protocol” HTTP worked on as the first Others are planned to follow @bagder@bagder
  • 33.
    HTTP/3 = HTTPover QUIC @bagder@bagder
  • 34.
    HTTP – samebut different RequestRequest - method + path- method + path - headers- headers - body- body ResponseResponse - response code- response code - headers- headers - body- body @bagder@bagder
  • 35.
    HTTP – samebut different HTTP/1 – in ASCII over TCP HTTP/2 – binary multiplexed over TCP HTTP/3 – binary over multiplexed QUIC @bagder@bagder
  • 36.
    Stacks: old vsnew TCP TLS 1.2+ HTTP/2 UDP HTTP/3 QUIC TLS 1.3 IP HTTP/1 @bagder@bagder streams
  • 37.
    Feature comparison @bagder@bagder HTTP/2 HTTP/3 TransportTCP QUIC Streams HTTP/2 QUIC Clear-text version Yes No Independent streams No Yes Header compression HPACK QPACK Server push Yes Yes Early data In theory Yes 0-RTT Handshake No Yes
  • 38.
    HTTP/3 is fasterHTTP/3is faster Faster handshakes Early data that works The independent streams By how much remains to be measured! @bagder@bagder
  • 39.
    HTTPS is TCP? HTTPS://URLs are everywhereHTTPS:// URLs are everywhere TCP (and TLS) on TCP port 443TCP (and TLS) on TCP port 443 @bagder@bagder
  • 40.
    This service -over there! The Alt-Svc: response header Another host, protocol or port number is the same “origin” This site also runs on HTTP/3 “over there”, for the next NNNN seconds @bagder@bagder
  • 41.
  • 42.
    Eight HTTP/3 challenges 3-7%of QUIC attempts fail Clients need fall back algorithms 1 2 3 4 5 6 7 8 @bagder@bagder
  • 43.
    Eight HTTP/3 challenges CPUintensive Unoptimized UDP stacks 1 2 3 4 5 6 7 8 @bagder@bagder
  • 44.
    Eight HTTP/3 challenges “Funny”TLS layer 1 2 3 4 5 6 7 8 @bagder@bagder
  • 45.
    Eight HTTP/3 challenges AllQUIC stacks are user-land No standard QUIC API 1 2 3 4 5 6 7 8 @bagder@bagder
  • 46.
    Eight HTTP/3 challenges Lackof tooling 1 2 3 4 5 6 7 8 @bagder@bagder
  • 47.
  • 48.
    Implementations Over a dozenQUIC implementations, almost as many HTTP/3 implementations Google, Mozilla, Apple, Facebook, Microsoft, Akamai, Fastly, Cloudflare, F5, LiteSpeed, and more No browser ships HTTP/3 yet. Chrome or Safari first? Neither do Apache, nginx or IIS. Caddy! curl! @bagder@bagder
  • 49.
    HTTP/3 in curl ExperimentalExperimentalh3-22 has landed Alt-svcAlt-svc support is there Based on ngtcp2ngtcp2 and quichequiche FallbackFallback is tricky Try it! Try it! @bagder@bagder
  • 50.
    HTTP/3 will taketimeHTTP/3 will take time HTTP/3 will grow slowerHTTP/3 will grow slower Some will stick to HTTP/2Some will stick to HTTP/2 QUIC is for the long termQUIC is for the long term @bagder@bagder
  • 51.
    FutureFuture MultipathMultipath Forward error correctionForwarderror correction Unreliable streamsUnreliable streams More application protocolsMore application protocols @bagder@bagder
  • 52.
    Take-aways HTTP/3 is comingsoonHTTP/3 is coming soon HTTP/3 is always encryptedHTTP/3 is always encrypted Similar to HTTP/2 but over QUICSimilar to HTTP/2 but over QUIC QUIC is transport over UDPQUIC is transport over UDP Challenges to overcomeChallenges to overcome Early 2020?Early 2020? @bagder@bagder
  • 53.
  • 54.
  • 55.
    Credits QUIC drafts: https://quicwg.github.io/ Images:https://pixabay.com/ This presentation is provided under the Creative Commons Attribution 4.0 International Public License @bagder@bagder