Uploaded byjcak77
107 views

Let's use modern protocols everywhere!

HTTP/1.1 is an obsolete and inefficient protocol for web communication. HTTP/2 provides major improvements such as header compression, multiplexing of requests and responses, and server push that can reduce webpage loading times by over 50%. HTTP/3 is expected in 2019 and will replace TCP with the UDP-based QUIC protocol, addressing limitations of TCP like head-of-line blocking and allowing for faster 0-RTT connections. Organizations should adopt HTTP/2 now and prepare for HTTP/3 to improve performance of their web applications and infrastructure.

Embed presentation

Download to read offline
Let's use modern protocols everywhere! May 2019 Julien Cayzac Ecosystem Services Department Rakuten, Inc.
2 What is the problem? • Text-based protocol • Redundant headers ➡ bandwidth waste • Concurrency? Open many connections! (browsers: 6 sockets/origin) • Request pipelining? Rarely used (complexity, implementation bugs) • HOL Blocking ➡ decreased performance to avoid out-of-order responses • Higher infrastructure cost per request HTTP/1.1 is an obsolete, inefficient protocol
3 HTTP/2 • Old tech: released in 2015 (RFC 7540) • Supported by all modern browsers and HTTP frameworks • Reduces latency, increase concurrency, minimizes protocol overhead • Designed to reduce webpages loading time by >50% • Requests/responses multiplexing, streams & server push • Compatibility with HTTP/1.1 semantics (methods, headers & status codes) HTTP/2 Highlights
4 HTTP/2 • Binary framing layer • Header compression Protocol Overhead Reduction
5 HTTP/2 • Supersedes HTTP Pipelining and fixes HOL Blocking problem (only for HTTP) • Only 1 TCP connection per origin • Bidirectional & prioritizable streams Requests & Responses Multiplexing: Streams
6 HTTP/2 • Related resources can be pushed downstream to the client. • It’s multiplexed too, and pushed promises can be canceled by the client. Server Push
7 HTTP/2 Frontend UI/UX • HTTP/2 can improve throughput between backends too! Backend • HTTP/1.1 best practices can become HTTP/2 antipatterns. Review your habits! • CSS sprites, monolithic JS… Same-origin requests are free with HTTP/2! Mandatory 1st stop: https://developers.google.com/web/fundamentals/
8 Let’s not stop here… Adopt TLS 1.3 now, too!
9 TLS/1.3 • Fairly recent (August 2018) but support is growing: • Enabled by default in Firefox 63, Chrome 70, iOS 12.2 & Android Q. • Already available in BoringSSL, OpenSSL 1.1.1, JDK 11, … • Compatible with both TCP & QUIC! • Better security • Assured Forward Secrecy, Safe Cipher Modes/Options, … • Better performance (0-RTT Data) • Google says establishing a secure connection is 40% faster than with TLS 1.2. • 0-RTT Data should only be enabled for trusted connections (backend) for now, until safety is assessed. TLS/1.3 Highlights
10 TLS/1.3 Establishing a connection with TLS/1.2: - 1 RT for TCP. - 2 RT for negotiating TLS. With 0-RTT Data, data can be transmitted in the first TLS packet, decreasing latency. Handshake: 0-RTT Data
11 ▶ Fast-forward ▶ Plan for HTTP/3!
12 HTTP/3 • Expected in 2019 • Replaces TCP with QUIC • UDP-based, but reliable (packet retries, congestion control, QoS etc) • Addresses shortcomings of TCP (HOL Blocking problem, 3-RTT, …) • Less performance degradation when packets are lost. • 0-RTT Data you can use (➡ safer than in TLS/1.3). • Streams are transport-level (application-level in HTTP/2). • Application-level semantics are still the same as in HTTP/2 and HTTP/1.1. HTTP/3 Highlights
Let's use modern protocols everywhere!

More Related Content

PDF
SPDY and HTTP/2
byFabian Frank
 
PPTX
Introducing HTTP/2
byIdo Flatow
 
PDF
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
bypeychevi
 
PDF
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
byLoad Impact
 
PDF
What HTTP/2.0 Will Do For You
byMark Nottingham
 
PPTX
Introduction to HTTP/2
byIdo Flatow
 
PDF
HTTP/2 Update - FOSDEM 2016
byDaniel Stenberg
 
PDF
Http2 right now
byDaniel Stenberg
 
SPDY and HTTP/2
byFabian Frank
 
Introducing HTTP/2
byIdo Flatow
 
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
bypeychevi
 
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
byLoad Impact
 
What HTTP/2.0 Will Do For You
byMark Nottingham
 
Introduction to HTTP/2
byIdo Flatow
 
HTTP/2 Update - FOSDEM 2016
byDaniel Stenberg
 
Http2 right now
byDaniel Stenberg
 

What's hot

PPTX
HTTP/2 Introduction
byWalter Liu
 
PDF
HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0
byCory Forsyth
 
PDF
HTTP/2 standard for video streaming
byHung Thai Le
 
PDF
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
byFastly
 
PDF
Meetup tdd
bySantosh Ojha
 
PDF
HTTP 2.0 – What do I need to know?
bySigma Software
 
PPTX
HTTP/2 and SAP Fiori
bySascha Wenninger
 
PPT
JUG louvain websockets
byMarc Tritschler
 
PDF
Primer to Browser Netwroking
byShuya Osaki
 
PDF
HTTP2 & HPACK #pyfes 2013-11-30
byJxck Jxck
 
PPTX
Introduction to HTTP/2
byIdo Flatow
 
PPTX
HTML5, HTTP2, and You 1.1
byDaniel Austin
 
PDF
So that was HTTP/2, what's next?
byDaniel Stenberg
 
PDF
SPDY & HTTP2.0 & QUIC - #bpstudy 2013-08-28
byJxck Jxck
 
PDF
HTTP/2 - for TCP/IP Geeks Stockholm
byDaniel Stenberg
 
PDF
Hyderabad Mule meetup #9
bySantosh Ojha
 
PDF
QUIC
byApache Traffic Server
 
PDF
Http2
byDaniel Stenberg
 
PPTX
Internet protocol
bydyllanfranson
 
PPTX
Basics of HTTP - Nafis Fuad
byCefalo
 
HTTP/2 Introduction
byWalter Liu
 
HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0
byCory Forsyth
 
HTTP/2 standard for video streaming
byHung Thai Le
 
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
byFastly
 
Meetup tdd
bySantosh Ojha
 
HTTP 2.0 – What do I need to know?
bySigma Software
 
HTTP/2 and SAP Fiori
bySascha Wenninger
 
JUG louvain websockets
byMarc Tritschler
 
Primer to Browser Netwroking
byShuya Osaki
 
HTTP2 & HPACK #pyfes 2013-11-30
byJxck Jxck
 
Introduction to HTTP/2
byIdo Flatow
 
HTML5, HTTP2, and You 1.1
byDaniel Austin
 
So that was HTTP/2, what's next?
byDaniel Stenberg
 
SPDY & HTTP2.0 & QUIC - #bpstudy 2013-08-28
byJxck Jxck
 
HTTP/2 - for TCP/IP Geeks Stockholm
byDaniel Stenberg
 
Hyderabad Mule meetup #9
bySantosh Ojha
 
QUIC
byApache Traffic Server
 
Http2
byDaniel Stenberg
 
Internet protocol
bydyllanfranson
 
Basics of HTTP - Nafis Fuad
byCefalo
 

Similar to Let's use modern protocols everywhere!

PPTX
HTTP/2 for Developers
bySvetlin Nakov
 
PDF
HTTP/2 - A brief introduction
byGibDevs
 
PDF
A New Internet? Introduction to HTTP/2, QUIC and DOH
byAPNIC
 
PPTX
Next generation web protocols
byDaniel Austin
 
PPTX
HTTP Presentation(What exactly is http).pptx
byRobertDanso
 
PPTX
Http/2
byGeekNightHyderabad
 
PDF
HTTP/2 (2017)
byChristian Mäder
 
PPTX
Http2
byIslam Gamal
 
PDF
Introduction to HTTP2
bySudarshan Pant
 
PDF
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
bySteffen Gebert
 
PDF
Learning HTTP 2 a practical guide for beginners First Edition Garza
byheynsmagat8k
 
PPTX
Http2 Security Perspective
bySunil Kumar
 
PPTX
HTTP/2 - Differences and Performance Improvements with HTTP
byAmit Bhakay
 
PPTX
HTTP/2
byAshish Padalkar
 
PDF
HTTP2 in action - Piet Van Dongen - Codemotion Amsterdam 2017
byCodemotion
 
PDF
HTTP/3 an early overview
byPraveen Kottarathil
 
PDF
HTTP/2: What's new?
byPiet van Dongen
 
PPTX
Http 2
byNarendran Solai Sridharan
 
PDF
A new Internet? Intro to HTTP/2, QUIC, DoH and DNS over QUIC
byAPNIC
 
PDF
Http 2: Should I care?
byLivePerson
 
HTTP/2 for Developers
bySvetlin Nakov
 
HTTP/2 - A brief introduction
byGibDevs
 
A New Internet? Introduction to HTTP/2, QUIC and DOH
byAPNIC
 
Next generation web protocols
byDaniel Austin
 
HTTP Presentation(What exactly is http).pptx
byRobertDanso
 
Http/2
byGeekNightHyderabad
 
HTTP/2 (2017)
byChristian Mäder
 
Http2
byIslam Gamal
 
Introduction to HTTP2
bySudarshan Pant
 
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
bySteffen Gebert
 
Learning HTTP 2 a practical guide for beginners First Edition Garza
byheynsmagat8k
 
Http2 Security Perspective
bySunil Kumar
 
HTTP/2 - Differences and Performance Improvements with HTTP
byAmit Bhakay
 
HTTP/2
byAshish Padalkar
 
HTTP2 in action - Piet Van Dongen - Codemotion Amsterdam 2017
byCodemotion
 
HTTP/3 an early overview
byPraveen Kottarathil
 
HTTP/2: What's new?
byPiet van Dongen
 
Http 2
byNarendran Solai Sridharan
 
A new Internet? Intro to HTTP/2, QUIC, DoH and DNS over QUIC
byAPNIC
 
Http 2: Should I care?
byLivePerson
 

Let's use modern protocols everywhere!

  • 1.
    Let's use modernprotocols everywhere! May 2019 Julien Cayzac Ecosystem Services Department Rakuten, Inc.
  • 2.
    2 What is theproblem? • Text-based protocol • Redundant headers ➡ bandwidth waste • Concurrency? Open many connections! (browsers: 6 sockets/origin) • Request pipelining? Rarely used (complexity, implementation bugs) • HOL Blocking ➡ decreased performance to avoid out-of-order responses • Higher infrastructure cost per request HTTP/1.1 is an obsolete, inefficient protocol
  • 3.
    3 HTTP/2 • Old tech:released in 2015 (RFC 7540) • Supported by all modern browsers and HTTP frameworks • Reduces latency, increase concurrency, minimizes protocol overhead • Designed to reduce webpages loading time by >50% • Requests/responses multiplexing, streams & server push • Compatibility with HTTP/1.1 semantics (methods, headers & status codes) HTTP/2 Highlights
  • 4.
    4 HTTP/2 • Binary framinglayer • Header compression Protocol Overhead Reduction
  • 5.
    5 HTTP/2 • Supersedes HTTPPipelining and fixes HOL Blocking problem (only for HTTP) • Only 1 TCP connection per origin • Bidirectional & prioritizable streams Requests & Responses Multiplexing: Streams
  • 6.
    6 HTTP/2 • Related resourcescan be pushed downstream to the client. • It’s multiplexed too, and pushed promises can be canceled by the client. Server Push
  • 7.
    7 HTTP/2 Frontend UI/UX • HTTP/2can improve throughput between backends too! Backend • HTTP/1.1 best practices can become HTTP/2 antipatterns. Review your habits! • CSS sprites, monolithic JS… Same-origin requests are free with HTTP/2! Mandatory 1st stop: https://developers.google.com/web/fundamentals/
  • 8.
    8 Let’s not stophere… Adopt TLS 1.3 now, too!
  • 9.
    9 TLS/1.3 • Fairly recent(August 2018) but support is growing: • Enabled by default in Firefox 63, Chrome 70, iOS 12.2 & Android Q. • Already available in BoringSSL, OpenSSL 1.1.1, JDK 11, … • Compatible with both TCP & QUIC! • Better security • Assured Forward Secrecy, Safe Cipher Modes/Options, … • Better performance (0-RTT Data) • Google says establishing a secure connection is 40% faster than with TLS 1.2. • 0-RTT Data should only be enabled for trusted connections (backend) for now, until safety is assessed. TLS/1.3 Highlights
  • 10.
    10 TLS/1.3 Establishing a connectionwith TLS/1.2: - 1 RT for TCP. - 2 RT for negotiating TLS. With 0-RTT Data, data can be transmitted in the first TLS packet, decreasing latency. Handshake: 0-RTT Data
  • 11.
  • 12.
    12 HTTP/3 • Expected in2019 • Replaces TCP with QUIC • UDP-based, but reliable (packet retries, congestion control, QoS etc) • Addresses shortcomings of TCP (HOL Blocking problem, 3-RTT, …) • Less performance degradation when packets are lost. • 0-RTT Data you can use (➡ safer than in TLS/1.3). • Streams are transport-level (application-level in HTTP/2). • Application-level semantics are still the same as in HTTP/2 and HTTP/1.1. HTTP/3 Highlights