Chromium Blog: Hello HTTP/2, Goodbye SPDY
Just read this myself. Whatever they call it, however it works, as long as it's faster and easy to implement I'll be happy.
woah and all the work I did with SPDY setup guide hehe. At least SPDY is here until 2016 But good news is I have been playing with h2o web server integration for Centmin Mod which natively supports HTTP/2 h2o's features
Quick google on http/2 leads to a nice reads below Architecting Websites For The HTTP/2 Era HTTP/2: A Fast, Secure Bedrock for the Future of SEO - Moz HTTP/2 next-gen Web acceleration protocol nears completion
And just to think LiteSpeed v5.0 is implementing SPDY into their system! Now they'll have to switch to!
nice I believe it might be same for Nginx enabling SPDY enables HTTP2 ? just remember browsers are forcing TLS/SSL fro HTTP/2 so like SPDY will need SSL even if the HTTP/2 specification allows for non-TLS / non-SSL usage
Ilya Grigorik comments of SPDY and HTTP/2 at Re: Google dumps SPDY in favour of HTTP/2, any plans for nginx?
I certainly would expect Nginx to support HTTP/2. I can't imagine they won't. The H2O web server looks interesting too. Scott
While I was testing h2o HTTP/2 server, thought I'd do quick test of OpenLiteSpeed server too as it has HTTP/2 support too OpenLiteSpeed 1.3.8 Code: curl -I https://OPENLITESPEEDHOST.centminmod.com:8082/ HTTP/1.1 200 OK etag: "ed9-5508fbfa-6633c" last-modified: Wed, 18 Mar 2015 04:15:54 GMT content-type: text/html content-length: 3801 accept-ranges: bytes date: Wed, 18 Mar 2015 04:20:13 GMT server: LiteSpeed connection: close cipherscan check Code: ./cipherscan OPENLITESPEEDHOST.centminmod.com:8082 ......... Target: OPENLITESPEEDHOST.centminmod.com:8082 prio ciphersuite protocols pfs_keysize 1 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits 2 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits 3 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-256,256bits 4 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits 5 ECDHE-RSA-RC4-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits 6 ECDHE-RSA-AES256-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits 7 ECDHE-RSA-AES128-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits 8 RC4-SHA SSLv3,TLSv1,TLSv1.1,TLSv1.2 Certificate: trusted, 2048 bit, sha256WithRSAEncryption signature TLS ticket lifetime hint: 100800 OCSP stapling: not supported Server side cipher ordering check OpenLiteSpeed 1.3.8 SSL server's support for TLS ALPN and NPN extensions on port 8082 ALPN check reports No ALPN negotiated - ALPN is only supported in OpenSSL 1.0.2, so wonder if OpenLiteSpeed 1.3.8 bundled OpenSSL is <1.0.2 ? Code: /opt/h2o_openssl/bin/openssl s_client -alpn h2-14 -host OPENLITESPEEDHOST.centminmod.com -port 8082 --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated NPN check reports that NPN extension is supported = Next protocol: (1) h2-14 Code: /opt/h2o_openssl/bin/openssl s_client -nextprotoneg h2-14 -host OPENLITESPEEDHOST.centminmod.com -port 8082 --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE Next protocol: (1) h2-14 No ALPN negotiated nghttp2 client check for HTTP/2 support in OpenLiteSpeed 1.3.8 on port 8082 Code: /usr/local/http2-15/bin/nghttp -nv https://OPENLITESPEEDHOST.centminmod.com:8082 [ 0.000] Connected [ 0.001][NPN] server offers: * h2-14 * spdy/3.1 * spdy/3 * spdy/2 * http/1.1 The negotiated protocol: h2-14 [ 0.004] send SETTINGS frame <length=12, flags=0x00, stream_id=0> (niv=2) [SETTINGS_MAX_CONCURRENT_STREAMS(0x03):100] [SETTINGS_INITIAL_WINDOW_SIZE(0x04):65535] [ 0.004] send HEADERS frame <length=45, flags=0x05, stream_id=1> ; END_STREAM | END_HEADERS (padlen=0) ; Open new stream :method: GET :path: / :scheme: https :authority: OPENLITESPEEDHOST.centminmod.com:8082 accept: */* accept-encoding: gzip, deflate user-agent: nghttp2/0.7.8-DEV [ 0.005] recv SETTINGS frame <length=12, flags=0x00, stream_id=0> (niv=2) [SETTINGS_MAX_CONCURRENT_STREAMS(0x03):100] [SETTINGS_INITIAL_WINDOW_SIZE(0x04):65536] [ 0.005] recv WINDOW_UPDATE frame <length=4, flags=0x00, stream_id=0> (window_size_increment=65535) [ 0.005] send SETTINGS frame <length=0, flags=0x01, stream_id=0> ; ACK (niv=0) [ 0.005] recv SETTINGS frame <length=0, flags=0x01, stream_id=0> ; ACK (niv=0) [ 0.044] recv (stream_id=1) :status: 200 [ 0.044] recv (stream_id=1) etag: "ed9-5508fbfa-6633c" [ 0.044] recv (stream_id=1) last-modified: Wed, 18 Mar 2015 04:15:54 GMT [ 0.044] recv (stream_id=1) content-type: text/html [ 0.044] recv (stream_id=1) accept-ranges: bytes [ 0.044] recv (stream_id=1) date: Wed, 18 Mar 2015 05:22:46 GMT [ 0.044] recv (stream_id=1) server: LiteSpeed [ 0.044] recv (stream_id=1) content-encoding: gzip [ 0.044] recv (stream_id=1) vary: accept-encoding [ 0.044] recv HEADERS frame <length=109, flags=0x04, stream_id=1> ; END_HEADERS (padlen=0) ; First response header [ 0.044] recv DATA frame <length=10, flags=0x00, stream_id=1> [ 0.044] recv DATA frame <length=1568, flags=0x00, stream_id=1> [ 0.044] recv DATA frame <length=0, flags=0x01, stream_id=1> ; END_STREAM [ 0.044] send GOAWAY frame <length=8, flags=0x00, stream_id=0> (last_stream_id=0, error_code=NO_ERROR(0x00), opaque_data(0)=[])
h2o HTTP2 server tests check https SSL on port 8081 for H20 server using cipherscan Code: ./cipherscan XXX.centminmod.com:8081 .............. Target: XXX.centminmod.com:8081 prio ciphersuite protocols pfs_keysize 1 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits 2 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-256,256bits 3 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits 4 AES256-GCM-SHA384 TLSv1.2 5 AES256-SHA256 TLSv1.2 6 AES256-SHA TLSv1,TLSv1.1,TLSv1.2 7 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits 8 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits 9 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits 10 AES128-GCM-SHA256 TLSv1.2 11 AES128-SHA256 TLSv1.2 12 AES128-SHA TLSv1,TLSv1.1,TLSv1.2 13 DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 Certificate: trusted, 2048 bit, sha256WithRSAEncryption signature TLS ticket lifetime hint: 300 OCSP stapling: supported Client side cipher ordering Using OpenSSL 1.0.2 static compiled client to check h2o SSL server for ALPN and NPN TLS extension support check for ALPN extension support in h2o server - look for ALPN protocol: h2-14 Code: /opt/h2o_openssl/bin/openssl s_client -alpn h2-14 -host XXX.centminmod.com -port 8081 CONNECTED(00000003) --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE ALPN protocol: h2-14 SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 check for NPN extension support in h2o server - look for Next protocol: (1) h2-14 Code: /opt/h2o_openssl/bin/openssl s_client -nextprotoneg h2-14 -host XXX.centminmod.com -port 8081 --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE Next protocol: (1) h2-14 No ALPN negotiated Using nghttp2 client to check h2o SSL server on port 8081 for HTTP/2 support = negotiated protocol = h2 Code: /usr/local/http2-15/bin/nghttp -nv https://XXX.centminmod.com:8081 [ 0.000] Connected The negotiated protocol: h2 [ 0.003] send SETTINGS frame <length=12, flags=0x00, stream_id=0> (niv=2) [SETTINGS_MAX_CONCURRENT_STREAMS(0x03):100] [SETTINGS_INITIAL_WINDOW_SIZE(0x04):65535] [ 0.003] send HEADERS frame <length=45, flags=0x05, stream_id=1> ; END_STREAM | END_HEADERS (padlen=0) ; Open new stream :method: GET :path: / :scheme: https :authority: XXX.centminmod.com:8081 accept: */* accept-encoding: gzip, deflate user-agent: nghttp2/0.7.8-DEV [ 0.003] recv SETTINGS frame <length=18, flags=0x00, stream_id=0> (niv=3) [SETTINGS_ENABLE_PUSH(0x02):0] [SETTINGS_MAX_CONCURRENT_STREAMS(0x03):100] [SETTINGS_INITIAL_WINDOW_SIZE(0x04):262144] [ 0.003] send SETTINGS frame <length=0, flags=0x01, stream_id=0> ; ACK (niv=0) [ 0.003] recv SETTINGS frame <length=0, flags=0x01, stream_id=0> ; ACK (niv=0) [ 0.003] recv (stream_id=1) :status: 200 [ 0.003] recv (stream_id=1) server: h2o/1.1.1 [ 0.003] recv (stream_id=1) date: Wed, 18 Mar 2015 02:36:16 GMT [ 0.003] recv (stream_id=1) content-type: text/html [ 0.003] recv (stream_id=1) last-modified: Sat, 14 Mar 2015 19:15:28 GMT [ 0.003] recv (stream_id=1) etag: "550488d0-ed9" [ 0.003] recv HEADERS frame <length=81, flags=0x04, stream_id=1> ; END_HEADERS (padlen=0) ; First response header [ 0.003] recv DATA frame <length=3801, flags=0x01, stream_id=1> ; END_STREAM [ 0.003] send GOAWAY frame <length=8, flags=0x00, stream_id=0> (last_stream_id=0, error_code=NO_ERROR(0x00), opaque_data(0)=[])
let's check out the web protocols google.com supports using nghttp2 client Code: [NPN] server offers: * h2-15 * h2-14 * spdy/3.1 * spdy/3 * http/1.1 I made it easier to install and use nghttp2 by creating a nghttp2 docker image at centminmod/docker-ubuntu-nghttp2 · GitHub It's on Ubuntu due to the much higher software version requirments needed to compile and install nghttp2 Code: nghttp -nv https://google.com:443 [ 0.071] Connected [ 0.096][NPN] server offers: * h2-15 * h2-14 * spdy/3.1 * spdy/3 * http/1.1 The negotiated protocol: h2-14 [ 0.122] recv SETTINGS frame <length=18, flags=0x00, stream_id=0> (niv=3) [SETTINGS_MAX_CONCURRENT_STREAMS(0x03):100] [SETTINGS_INITIAL_WINDOW_SIZE(0x04):65535] [SETTINGS_MAX_FRAME_SIZE(0x05):16384] [ 0.122] recv WINDOW_UPDATE frame <length=4, flags=0x00, stream_id=0> (window_size_increment=983041) [ 0.122] send SETTINGS frame <length=12, flags=0x00, stream_id=0> (niv=2) [SETTINGS_MAX_CONCURRENT_STREAMS(0x03):100] [SETTINGS_INITIAL_WINDOW_SIZE(0x04):65535] [ 0.122] send SETTINGS frame <length=0, flags=0x01, stream_id=0> ; ACK (niv=0) [ 0.122] send HEADERS frame <length=33, flags=0x05, stream_id=1> ; END_STREAM | END_HEADERS (padlen=0) ; Open new stream :method: GET :path: / :scheme: https :authority: google.com accept: */* accept-encoding: gzip, deflate user-agent: nghttp2/0.7.8-DEV [ 0.147] recv SETTINGS frame <length=0, flags=0x01, stream_id=0> ; ACK (niv=0) [ 0.232] recv (stream_id=1) :status: 301 [ 0.232] recv (stream_id=1) alternate-protocol: 443:quic,p=0.5 [ 0.232] recv (stream_id=1) cache-control: public, max-age=2592000 [ 0.232] recv (stream_id=1) content-length: 220 [ 0.232] recv (stream_id=1) content-type: text/html; charset=UTF-8 [ 0.232] recv (stream_id=1) date: Thu, 19 Mar 2015 02:52:16 GMT [ 0.232] recv (stream_id=1) expires: Sat, 18 Apr 2015 02:52:16 GMT [ 0.232] recv (stream_id=1) location: https://www.google.com/ [ 0.232] recv (stream_id=1) server: gws [ 0.232] recv (stream_id=1) x-frame-options: SAMEORIGIN [ 0.232] recv (stream_id=1) x-xss-protection: 1; mode=block [ 0.232] recv HEADERS frame <length=200, flags=0x04, stream_id=1> ; END_HEADERS (padlen=0) ; First response header [ 0.232] recv DATA frame <length=220, flags=0x01, stream_id=1> ; END_STREAM [ 0.232] recv PING frame <length=8, flags=0x00, stream_id=0> (opaque_data=0000000000000000) [ 0.232] send GOAWAY frame <length=8, flags=0x00, stream_id=0> (last_stream_id=0, error_code=NO_ERROR(0x00), opaque_data(0)=[])
Wikipedia has a nice overview of HTTP/2 at HTTP/2 - Wikipedia, the free encyclopedia they don't list h2o HTTP/2 server though h2o/h2o · GitHub
Doing some h2o HTTP/2 vs Centmin Mod Nginx SPDY/3.1 benchmark comparisons via webpagetest.org h2o HTTP/2 vs Nginx SPDY/3.1 Webpagetest Video comparison for 254+ World Flags Demo h2o HTTP/2 vs Nginx SPDY/3.1 Webpagetest Filmstrip comparison for 254+ World Flags Demo
More info on HTTP/2 at The Shift from SPDY to HTTP/2 | MaxCDN Blog and Performance Calendar » HTTP 2.0 is coming, be ready The Difference Between SPDY and HTTP/2 SPDY HTTP/2 SSL Required. In order to use the protocol and get the speed benefits, connections must be encrypted. SSL Not Required. However websites that use encryption will see a noticeable performance boost over today’s encrypted websites. Fast Encrypted Connections. Does not use the ALPN extension that HTTP/2 uses. Faster Encrypted Connections. The new ALPN extension lets browsers and servers determine which application protocol to use during the initial connection instead of after. Single-Host Multiplexing. Multiplexing happens on one host at a time. Multi-Host Multiplexing. Multiplexing happens on different hosts at the same time. Compression. SPDY leaves a small space for vulnerabilities in its current compression methods. Faster, More Secure Compression. HTTP/2 introduces HPACK, a compression format designed specifically for shortening headers and preventing vulnerabilities. Prioritization. While prioritization is available with SPDY, HTTP/2’s implementation is more flexible and friendlier to proxies. Improved Prioritization. Lets web browsers determine how and when to download a web page’s content more efficiently.
Chrome and Opera can use SPDY extension to display if site uses SPDY / HTTP/2 SPDY indicator - Chrome Web Store Also HTTP/2 FAQ HTTP/2 Frequently Asked Questions
ran a 4 way compare for the following using my revised World Flags demo at H2O HTTP/2 & Nginx SPDY/3.1 SSL Wold Country Flags Demo Nginx non-https over HTTP/1.1 Nginx SPDY/3.1 https over HTTP/1.1 h2o non-https over HTTP/1.1 h2o https over HTTP/2 webpagetest 3g mobile 1.6Mbps/768Kbps 150ms test for best effect to see how page loading differs