Want more timely Centmin Mod News Updates?
Become a Member

Nginx nginx 1.13.9 - released

Discussion in 'Nginx and PHP-FPM news & discussions' started by pamamolf, Feb 21, 2018.

  1. Revenge

    Revenge Active Member

    459
    93
    28
    Feb 21, 2016
    Portugal
    Ratings:
    +350
    Local Time:
    9:39 PM
    1.9.x
    10.1.x
    Ok EVA, so your HPACK patch, patched fine.
    Code (Text):
    patch -p1 < nginx-1.13.9_http2-hpack.patch
    patching file auto/modules
    Hunk #1 succeeded at 437 (offset 1 line).
    patching file auto/options
    patching file src/core/ngx_murmurhash.c
    patching file src/core/ngx_murmurhash.h
    patching file src/http/v2/ngx_http_v2.c
    Hunk #1 succeeded at 274 with fuzz 1 (offset 27 lines).
    Hunk #2 succeeded at 2076 with fuzz 1 (offset 54 lines).
    patching file src/http/v2/ngx_http_v2.h
    Hunk #6 succeeded at 414 (offset -1 lines).
    patching file src/http/v2/ngx_http_v2_filter_module.c
    Hunk #1 succeeded at 26 (offset 1 line).
    Hunk #2 succeeded at 88 with fuzz 2 (offset 40 lines).
    Hunk #3 succeeded at 187 with fuzz 2 (offset 45 lines).
    Hunk #4 succeeded at 465 (offset 56 lines).
    Hunk #5 succeeded at 473 (offset 56 lines).
    Hunk #6 succeeded at 493 (offset 56 lines).
    Hunk #7 succeeded at 540 (offset 56 lines).
    Hunk #8 succeeded at 592 (offset 56 lines).
    Hunk #9 succeeded at 1025 (offset 347 lines).
    Hunk #10 succeeded at 1051 (offset 347 lines).
    patching file src/http/v2/ngx_http_v2_table.c


    Then i added --with-http_v2_hpack_enc.

    Now here some strange thing, i noticed from your posts at github that you got a compile error if you compiled it using O3. I don't get any error.
    You found out if you use -Wno-error=strict-aliasing, then you can use O3 without errors, but i don't use that option and its fine. Here are my compile options:

     
  2. eva2000

    eva2000 Administrator Staff Member

    46,013
    10,454
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,217
    Local Time:
    7:39 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
  3. eva2000

    eva2000 Administrator Staff Member

    46,013
    10,454
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,217
    Local Time:
    7:39 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    What do you mean exactly conflicts ? You mean there's no HTTP/2 Push preload hints headers shown if using fastcgi_cache ? Or fastcgi_cache doesn't work if HTTP/2 Push reload hints headers are used ? Did you setup fastcgi_cache to ignore and bypass cache-control and cookies ? Or only specific cookies to ignore ? You might want to add the HTTP/2 Push mapped cookie to fastcgi_cache ignore to have HTTP/2 Push + fastcgi_cache together but don't see the point as HTTP/2 Push would be best for first time visitors only and not repeat visitors as they would already have the pushed asset in browser level cache on repeat visits.

    If you setup cookie mapping for HTTP/2 Push preload hints headers, then HTTP/2 Push will only ever work on first time visitors and repeat visitors get the cookie and skip HTTP/2 Push in favour of whatever default caching you using - be it browser level cache or something like php's fastcgi_cache. Well that's the theory as I haven't tested with fastcgi_cache. Best to use webpagetest to test HTTP/2 Push vs fastcgi_cache and see for page load speed WebPerf - PageSpeed - How to use webpagetest.org for page load speed testing. Either way ideal is for repeat visits using fastcgi_cache without HTTP/2 Push anyway as that in theory is fastest for repeat visits.

    Yeah renamed it so not confuse zlib 1.2.11 custom library with zlib 1.2.3/1.2.8 system zlib library :D
     
  4. rdan

    rdan Well-Known Member

    5,018
    1,221
    113
    May 25, 2014
    Ratings:
    +1,849
    Local Time:
    5:39 AM
    Mainline
    10.2
    Yes. When page was taken from cache HIT then no push preload links added.

    Yes: fastcgi_ignore_headers Cache-Control Expires Set-Cookie;

    I just tested using Chrome Canary (CTRL+Shift+Delete to remove all cache and cookies) every reload.
     
  5. eva2000

    eva2000 Administrator Staff Member

    46,013
    10,454
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,217
    Local Time:
    7:39 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Use Chrome 64 to test not Canary seems initiator column doesn't show PUSH sometimes but if you check Canary chrome://net-internals HTTP/2 section it registers the push. So Chrome 64 more reliable if you're checking via devtool network's initiator column.

    Also cookies can be cleared directly in devtools via Application > Cookies section

    upload_2018-2-21_16-3-3.png

    Well that's the ideal way, repeat visits should ideally not use HTTP/2 Push as it will be slower than from browser level cache or any other caching you setup for repeat visitors. The distance traveled between visitors browser cache to browser is much shorter than from your server cache to visitor's browser. HTTP/2 Push ideally should be used on first time visitors only.

    On my test HTTP/2 demo site in California to me in Brisbane Australia, the HTTP/2 pushed CSS downloads in ~13-16ms vs non-pushed first time visit CSS downlaod at 198ms vs browser cached repeat visit CSS download at 8-9ms.

    So ideally you want first->repeat being 16ms->9ms rather than 198ms->9ms
     
  6. rdan

    rdan Well-Known Member

    5,018
    1,221
    113
    May 25, 2014
    Ratings:
    +1,849
    Local Time:
    5:39 AM
    Mainline
    10.2
    Example scenario:

    8:12 am, Visitor A visits domain.com/forum/ (Not generated from fasctcgi_cache / Missed / http2 preload works)
    8:13 am, Visitor B visits domain.com/forum/ (Generated from fasctcgi_cache / Cache Hit / http2 preload Doesn't work)

    I stored cache for 2 minutes.

    Not just repeat visitors but also first time visitors that visited a page taken from fasctcgi_cache/HIT.
    I hope you get what I mean.
     
  7. eva2000

    eva2000 Administrator Staff Member

    46,013
    10,454
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,217
    Local Time:
    7:39 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Oh i see so not the same visitor but all visitors who visit and get fastcgi_cache'd page. Might want to report the issue to Nginx Trac Tickets for 1.13 – nginx

    Oh you might want to check your fastcgi_cached page if it cached your push mapped cookie too and/or maybe adjust your fastcgi_cache_key Module ngx_http_fastcgi_module
     
  8. Sunka

    Sunka Well-Known Member

    1,145
    315
    83
    Oct 31, 2015
    Pula, Croatia
    Ratings:
    +512
    Local Time:
    10:39 PM
    Nginx 1.17.9
    MariaDB 10.3.22
    You lost me :confused:
    How to fix that?
    I am using comodo ssl certificate and is working OK. How to fix that what you said "You're using upload.domain.com self-signed SSL certificate for http2.domain.com site"?

    Thanks:)
     
  9. Owen

    Owen New Member

    2
    4
    3
    Feb 21, 2018
    Ratings:
    +4
    Local Time:
    9:39 PM
    Hi Eva - thanks for raising this. I've updated the statement in the blog post to make it clear that the issue I observed was with Push only (not preload), and I've linked directly to the most recent stackoverflow comment.
     
  10. eva2000

    eva2000 Administrator Staff Member

    46,013
    10,454
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,217
    Local Time:
    7:39 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Cheers Owen you're welcome. I'll get around to testing web fonts and HTTP/2 push too. Interesting to see how different web browsers handle it :)
     
  11. eva2000

    eva2000 Administrator Staff Member

    46,013
    10,454
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,217
    Local Time:
    7:39 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    You're using comodo SSL cert on which domain ? on http2.domain.com and self-signed ssl cert on upload.domain.com right as intended right ? How was upload.domain.com Nginx vhost site created ? via centmin.sh menu option 2 with self-sign ssl option = yes ? If you setup comodo manually on http2.domain.com vhost, you might have misconfigured it. Might want to start a new thread in Domains, DNS, Email & SSL Certificates for this.
     
  12. buik

    buik 'The greatest enemy of success is fear' Premium Member

    1,340
    372
    83
    Apr 29, 2016
    Flanders
    Ratings:
    +1,117
    Local Time:
    10:39 PM
    Thanks for the notification.
    To everyone. It is always advisable to take Cloudflare's wise words before you consider server push.

    Some of the best use cases for HTTP/2 Server Push are:

    • Uncacheable content - Content that is not cached on the edge benefits from Server Push, since it will be requested from the origin earlier in the connection.

    • All assets on a requested page - By pushing all the CSS, JS, and image assets on a given page, it’s possible to transfer the entire page in a single round trip. This is only useful when no third party assets are blocking the page rendering. If the majority of the assets are cached on the client’s browser, this behavior can be wasteful.

    • The most likely next page - If there is a link on the loaded page that is most likely clicked next (for example the most recent post in a blog) you could push both the HTML and all of that pages assets. When the user clicks the link, it will render almost instantly.
     
  13. eva2000

    eva2000 Administrator Staff Member

    46,013
    10,454
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,217
    Local Time:
    7:39 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Yeah cache aware push should solve the wastefulness though I doubt any live site doesn't run with 3rd party assets - Google Adsense and Google Analytics being 2 of the most common. I just wish Google would look at speeding up Adsense and Analytics !
     
  14. Sunka

    Sunka Well-Known Member

    1,145
    315
    83
    Oct 31, 2015
    Pula, Croatia
    Ratings:
    +512
    Local Time:
    10:39 PM
    Nginx 1.17.9
    MariaDB 10.3.22
    I have only 1 domain - pijanitvor.com
    Comodo certificate is bought for that domain almost 3 years ago and all working perfectly.

    I do not have any other domain than pijanitvor.com.
    I created that domain 3 years ago with centminmod option 2.
    No self-sign ssl option.
     
  15. eva2000

    eva2000 Administrator Staff Member

    46,013
    10,454
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,217
    Local Time:
    7:39 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    @Sunka start a new thread in Domains, DNS, Email & SSL Certificates for this ;)

    But if you only have 1 domain with ssl why are you curl header checking http2.domain.com ? You want to be curl header checking a valid HTTPS site with valid SSL certificate
    For example I specifically created a new Nginx vhost site http2.centminmod.com via addons/acmetool.sh with default Letsencrypt SSL certificate for testing Nginx HTTP/2 demo
    Code (Text):
    curl -I https://http2.centminmod.com/
    HTTP/2 200
    date: Wed, 21 Feb 2018 13:42:33 GMT
    content-type: text/html; charset=utf-8
    content-length: 6103
    last-modified: Sun, 11 Feb 2018 01:14:19 GMT
    vary: Accept-Encoding
    etag: "5a7f98eb-17d7"
    server: nginx centminmod
    x-powered-by: centminmod
    strict-transport-security: max-age=31536000; includeSubdomains;
    referrer-policy: strict-origin-when-cross-origin
    x-frame-options: SAMEORIGIN
    x-xss-protection: 1; mode=block
    x-content-type-options: nosniff
    set-cookie: pushcheck=pushed
    link: </purecss/pure-min.css>; rel=preload; as=style, </purecss/grids-responsive-min.css>; rel=preload; as=style
    accept-ranges: bytes
     
  16. buik

    buik 'The greatest enemy of success is fear' Premium Member

    1,340
    372
    83
    Apr 29, 2016
    Flanders
    Ratings:
    +1,117
    Local Time:
    10:39 PM
    Server push does not have to be faster either.
    For example my test.

    Assets (js (8 files) and css (9 files)) standing apart + server push.
    Is slower than minify + pipeline the same assets into 2 files (all js as one, all css as one) without server push.
     
  17. eva2000

    eva2000 Administrator Staff Member

    46,013
    10,454
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,217
    Local Time:
    7:39 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Yeah usually less number of files + smaller sized files will win regardless of how it's being served. I remember nginx + ngx_pagespeed being faster in both HTTPS and non-HTTPS page load tests than nginx + HTTPS (SPDY/HTTP/2) as ngx_pagespeed bundled up the css and js. That's why I like ngx_pagespeed too :)

    Though there's a slight difference between total page load times versus perceived visual render times (TTFB, Time to first meaningful paint etc). Will be doing alot of Webpagetest.org tests for this WebPerf - PageSpeed - How to use webpagetest.org for page load speed testing :D

    Oh and remember to test on slower speed net connections like 3G mobile profiles :)
     
  18. buik

    buik 'The greatest enemy of success is fear' Premium Member

    1,340
    372
    83
    Apr 29, 2016
    Flanders
    Ratings:
    +1,117
    Local Time:
    10:39 PM
    I do not know of any (top) site that has server push on.
    Whether it is not profitable or it is too early.

    And to think that Apache and Cloudflare offer server push for years.
    About new tech. Only TLS 1.3 is turned on, on some sites.
     
    Last edited: Feb 22, 2018
  19. eva2000

    eva2000 Administrator Staff Member

    46,013
    10,454
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,217
    Local Time:
    7:39 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Yeah if you haven't checked out the HTTP/2 Revisited Youtube by Hooman Beheshti from Fastly at New York Web Performance Meetup then check it out. It also talks about HTTP/2 Push adoption and it's very very very and I mean very low right now SSL - WebPerf - PageSpeed - HTTP/2 HTTPS Revisited. LiteSpeed/OpenLitespeed, Caddy and H2O are all HTTP/2 web servers with HTTP/2 Push but their market share is low compared to Nginx so might account for adoption rates right now.

    Now that Nginx has HTTP/2 Server Push, might see that adoption rate rise :)
     
  20. buik

    buik 'The greatest enemy of success is fear' Premium Member

    1,340
    372
    83
    Apr 29, 2016
    Flanders
    Ratings:
    +1,117
    Local Time:
    10:39 PM
    Yes, I slipped through a bit. Main conclusion after 1.15 hour of presentation.
    HTTP is far too complex (become) since HTTP/2.