SPDY

http reloaded
GOOGLE PROPRIETARY PROTOCOL
(WILL BE) PART OF HTTP/2.0
HTTP Problems
•   Single request per connection. Because HTTP can only fetch one resource at a time
    (HTTP pipelining helps, but still enforces only a FIFO queue), a server delay of 500 ms
    prevents reuse of the TCP channel for additional requests. Browsers work around this
    problem by using multiple connections. Since 2008, most browsers have finally moved
    from 2 connections per domain to 6.
•   Exclusively client-initiated requests. In HTTP, only the client can initiate a request. Even
    if the server knows the client needs a resource, it has no mechanism to inform the
    client and must instead wait to receive a request for the resource from the client.
•   Uncompressed request and response headers. Request headers today vary in size from
    ~200 bytes to over 2KB. As applications use more cookies and user agents expand
    features, typical header sizes of 700-800 bytes is common. For modems or ADSL
    connections, in which the uplink bandwidth is fairly low, this latency can be
    significant. Reducing the data in headers could directly improve the serialization latency
    to send requests.
•   Redundant headers. In addition, several headers are repeatedly sent across requests on
    the same channel. However, headers such as the User-Agent, Host, and Accept* are
    generally static and do not need to be resent.
•   Optional data compression. HTTP uses optional compression encodings for data.
    Content should always be sent in a compressed format.


                                              Source: http://dev.chromium.org/spdy/spdy-whitepaper
Web Requests Are Simple
•   Open a connection
•   Send a request
•   Receive a response
•   Done
Transfer per Page
Many Requests are a Pain
• Caching
• Domain Sharding
  – Browser Limits
• Keep Alive
  – Dedicated Connections
  – Waste Resources
• Pipelining
TCP Handshake
0ms 1) Host A sends a TCP SYNchronize packet to Host B
50ms 2) Host B receives A's SYN
50ms 3) Host B sends a SYNchronize-ACKnowledgement
100ms 4) Host A receives B's SYN-ACK
100ms 5) Host A sends ACKnowledge
150ms 6) Host B receives ACK.


• With a Ping of just 50ms, this takes us 150ms
Initial window
• Congestion Control Mechanism
• Avoid overloading clients
• Each ACK of the client increases window

• RFC 3390
  – Increasing icwnd
  – Small Responses are complete without ACK
  – Avoid the ACK RTT
Pushing over http
• Push === Long Polling
• Consumes one connection on clients
• On server
  – Used to be expensive to hold
  – Modern servers have evented I/O


• WebSockets
Headers
http://blog.codecentric.de/
Accept           text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding  gzip, deflate
Accept-Language  de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Connection       keep-alive
Cookie           __utma=40497137.1800912468.1315901303.1328525769.1328537171.234; __utmz=40497137.1326462670.198.110.utmcsr=twitterfeed|utmccn=blogfeed_de|utmcmd=twitter; wp-settings-3=editor%3Dhtml%26m0%3Do%26m1%3Do%26m2%3Do%26m3%3Dc%26m4%3Do%26m5%3Do%26m6%3Do%26m7%3Do%26m8%3Do%26m9%3Do%26m10%3Do%26m11%3Do%26align%3Dcenter%26imgsize%3Dfull%26urlbutton%3Dnone%26hidetb%3D0; wp-settings-time-3=1328519940; __utma=162617902.1417890302.1315914276.1328537194.1328541774.63; __utmz=162617902.1328537194.62.41.utmcsr=blog.codecentric.de|utmccn=(referral)|utmcmd=referral|utmcct=/; wp-settings-time-81=1321966374
Host             blog.codecentric.de
User-Agent       Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0) Gecko/20100101 Firefox/10.0
Headers
http://www.codecentric.de/files/2012/02/adlite.png
Accept           image/png,image/*;q=0.8,*/*;q=0.5
Accept-Encoding  gzip, deflate
Accept-Language  de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Connection       keep-alive
Cookie           __utma=162617902.1417890302.1315914276.1328537194.1328541774.63; __utmz=162617902.1328537194.62.41.utmcsr=blog.codecentric.de|utmccn=(referral)|utmcmd=referral|utmcct=/; wp-settings-3=m0%3Do%26m1%3Do%26m5%3Do%26m4%3Do%26editor%3Dhtml%26wplink%3D1%26align%3Dcenter%26imgsize%3Dfull%26hidetb%3D1%26m7%3Do%26m9%3Do; wp-settings-time-3=1326290899
Host             www.codecentric.de
Referer          http://blog.codecentric.de/
User-Agent       Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0) Gecko/20100101 Firefox/10.0
Content Compression
• Gzip is optional
• But generally best practice

LoadModule deflate_module /usr/lib/httpd/modules/mod_deflate.so
SPDY TO THE RESCUE
SPDY Solutions
• Allow many concurrent HTTP requests to run across a single
  TCP session.
• Reduce the bandwidth currently used by HTTP by
  compressing headers and eliminating unnecessary headers.
• Make SSL the underlying transport protocol, for better
  security and compatibility with existing network
  infrastructure. Although SSL does introduce a latency
  penalty, we believe that the long-term future of the web
  depends on a secure network connection. In addition, the
  use of SSL is necessary to ensure that communication
  across existing proxies is not broken.
• Enable the server to initiate communications with the client
  and push data to the client whenever possible.

                             Source: http://dev.chromium.org/spdy/spdy-whitepaper
Connection Multiplexing
• Single TCP Connection transports all requests
• TCP Handshake still exists
• Initial cwnd should be 16
Compression
• All data is compressed
• Includes headers
• Redundant data is removed
  – User Agent of second request is known to be same
    as on first
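
An added example (not from the original slides) of the per-connection header compression described above: both requests are compressed once with a fresh zlib context each and once through a single shared zlib stream, so the second request can back-reference the first. The `name: value` serialization, the absence of a preset dictionary and the placeholder Cookie value are simplifying assumptions, not SPDY's wire format.

```python
import zlib

# Constructed sample modelled on the two "Headers" slides; the Cookie value
# is a short placeholder, not the real cookie shown on the slides.
COMMON = {
    "accept-encoding": "gzip, deflate",
    "accept-language": "de-de,de;q=0.8,en-us;q=0.5,en;q=0.3",
    "connection": "keep-alive",
    "cookie": "wp-settings-time-3=0000000000; session=CONSTRUCTED-PLACEHOLDER",
    "user-agent": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0) "
                  "Gecko/20100101 Firefox/10.0",
}
REQUESTS = [
    {"host": "blog.codecentric.de", "path": "/",
     "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
     **COMMON},
    {"host": "www.codecentric.de", "path": "/files/2012/02/adlite.png",
     "accept": "image/png,image/*;q=0.8,*/*;q=0.5",
     "referer": "http://blog.codecentric.de/", **COMMON},
]


def serialize(headers):
    """Simplified header block: one 'name: value' line per header."""
    return "".join(f"{k}: {v}\r\n" for k, v in headers.items()).encode("ascii")


def independent_sizes(blocks):
    """Compress every header block with a fresh zlib context."""
    return [len(zlib.compress(b)) for b in blocks]


def shared_stream_frames(blocks):
    """Compress all blocks with ONE zlib context, as on one connection.

    Z_SYNC_FLUSH emits everything buffered so far without resetting the
    history window, so later blocks can reference earlier ones.
    """
    comp = zlib.compressobj()
    return [comp.compress(b) + comp.flush(zlib.Z_SYNC_FLUSH) for b in blocks]


def inflate_frames(frames):
    """Receiver side: a single inflater that mirrors the sender's context."""
    decomp = zlib.decompressobj()
    return [decomp.decompress(f) for f in frames]


if __name__ == "__main__":
    blocks = [serialize(r) for r in REQUESTS]
    frames = shared_stream_frames(blocks)
    assert inflate_frames(frames) == blocks
    for i, (raw, ind, frame) in enumerate(
            zip(blocks, independent_sizes(blocks), frames), start=1):
        print(f"request {i}: raw={len(raw)}B "
              f"independent={ind}B shared-stream={len(frame)}B")
```

The shared compressor state mixes the Cookie with every other header value on the connection, so compressed sizes depend on the secret's content. This size side channel is why header compression for HTTP/2 was later redesigned as HPACK.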
SSL
• Not said to be a problem with HTTP
• SSL should be default
  – But actually expensive
• SSL hides SPDY traffic, so that proxies don't
  break it :)
Pushing
• Long Lasting Connection By Design
• Send does not close the "request"
• Two flavors
  – Server push
  – Server hint
Compatibility
• SPDY is backwards compatible
• Uses Next Protocol Negotiation
  – tools.ietf.org/html/draft-agl-tls-nextprotoneg-02
SPDY Support
Clients                    Server
• Chrome                   • Apache mod_spdy
   – On since 11           • erlang-spdy
   – Ice Cream Sandwich
                           • node-spdy
• Amazon Silk              • Netty 3.3.1
   – Kindle Fire
                              – Means JBoss
• Firefox                  • Jetty 7.6.2
   – experimental in 11
   – On in 12/13
                           • Tomcat SPDY Connector
DEMO: MIGRATING PHP ON
APACHE TO SUPPORT SPDY
PHP is not Threadsafe
• The way SPDY works is incompatible with non
  threadsafe implementations
  – one connection one httpd worker
  – But multiple requests
• Zend Threadsafe does not support some
  features (mysql!)
• Need to externalize it with cgi
mod_php to mod_fcgid + php
• yum install mod_fcgid
• vi /etc/httpd/conf/httpd.conf
 <Directory "/var/www/html">
     Options Indexes FollowSymLinks ExecCGI
 </Directory>


• mv /etc/httpd/conf.d/php.conf /etc/httpd/conf.d/php.conf.bak
• vi /etc/httpd/conf.d/fcgid.conf
DirectoryIndex index.php
AddHandler fcgid-script .fcgi .php

DefaultInitEnv PHPRC      "/etc/"
MaxRequestsPerProcess     1000
MaxProcessCount           10
MaxRequestLen             209715200
IPCCommTimeout            240
IdleTimeout               240
FCGIWrapper /usr/bin/php-cgi .php
mod_prefork to mod_worker
• Needs recompilation
• Luckily we have both already :)
  – httpd -V | grep MPM
  – httpd.worker -V | grep MPM


• sudo vi /etc/init.d/httpd
httpd=${HTTPD-/usr/sbin/httpd.worker}
prog=httpd.worker
mod_ssl
• We need mod_ssl patched with NPN
• yum install subversion curl gcc-c++ patch binutils make
• mkdir modssl; cd modssl
• svn export http://mod-spdy.googlecode.com/svn/trunk/src/build_modssl_with_npn.sh
• ./build_modssl_with_npn.sh
• cp /root/modssl/mod_ssl.so /etc/httpd/modules/mod_ssl.so
[root@centos57 modssl]# ./build_modssl_with_npn.sh
Using buildroot: /tmp/tmp.CooHIy8770
Downloading http://www.openssl.org/source/openssl-1.0.1-beta2.tar.gz
######################################################################## 100.0%
Downloading http://www.apache.org/dist/httpd/httpd-2.2.21.tar.gz
######################################################################## 100.0%
Downloading https://issues.apache.org/bugzilla/attachment.cgi?id=27969context=patch
######################################################################## 100.0%
Uncompressing openssl-1.0.1-beta2.tar.gz ... done
Uncompressing httpd-2.2.21.tar.gz ... done
Applying Apache mod_ssl NPN patch ...
patching file modules/ssl/ssl_private.h
patching file modules/ssl/ssl_engine_init.c
patching file modules/ssl/ssl_engine_io.c
patching file modules/ssl/ssl_engine_kernel.c
patching file modules/ssl/mod_ssl.c
patching file modules/ssl/mod_ssl.h
done
Configuring OpenSSL ... done
Building OpenSSL (this may take a while) ... done

Configuring Apache mod_ssl ... done
Building Apache mod_ssl (this may take a while) ... done

Generated mod_ssl.so at /root/modssl/mod_ssl.so.
mod_spdy
• Built from source
• mkdir mod_spdy; cd mod_spdy
• svn co http://src.chromium.org/svn/trunk/tools/depot_tools
• export PATH="$PATH":`pwd`/depot_tools
• gclient config http://mod-spdy.googlecode.com/svn/trunk/src
• gclient sync --force
• cd src; make BUILDTYPE=Release
• sudo cp out/Release/libmod_spdy.so /etc/httpd/modules/mod_spdy.so
• vi /etc/httpd/conf.d/spdy.conf

LoadModule spdy_module /etc/httpd/modules/mod_spdy.so
SpdyEnabled on
chrome://net-internals/#spdy
Is it spdy?
• www.devthought.com/2012/03/10/chrome-spdy-indicator/
• ckon.wordpress.com/2012/03/11/spdy-indicator-for-firefox/
HTTP        2.07 seconds
HTTPS       4.94 seconds
SPDY        2.65 seconds
real HTTP  17.83 seconds
real SPDY  11.70 seconds
LET'S MAKE THE WEB FASTER
