/ Register

Want to subscribe to topics you're interested in?
Become a Member

Nginx [nginx-announce] nginx-1.25.2

Discussion in 'Nginx and PHP-FPM news & discussions' started by pamamolf, Aug 16, 2023.

Previous Thread Next Thread
Loading...
  1. Aug 16, 2023 #1
    pamamolf

    pamamolf Well-Known Member

    4,028
    421
    83
    May 31, 2014
    Ratings:
    +817
    Local Time:
    9:05 PM
    Nginx-1.17.x
    MariaDB 10.3.x
    Changes with nginx 1.25.2 15 Aug 2023

    *) Feature: path MTU discovery when using HTTP/3.

    *) Feature: TLS_AES_128_CCM_SHA256 cipher suite support when using
    HTTP/3.

    *) Change: now nginx uses appname "nginx" when loading OpenSSL
    configuration.

    *) Change: now nginx does not try to load OpenSSL configuration if the
    --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
    environment variable is not set.

    *) Bugfix: in the $body_bytes_sent variable when using HTTP/3.

    *) Bugfix: in HTTP/3.


    Hope that HPack and Dynamic TLS are working with it :)
     
  2. Aug 16, 2023 #2
    eva2000

    eva2000 Administrator Staff Member

    50,919
    11,804
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,262
    Local Time:
    5:05 AM
    Nginx 1.25.x
    MariaDB 10.x
    Thanks for heads up. HPack and Dynamic TLS patches have been broken since Nginx 1.25.1 unfortunately.
     
  3. Aug 17, 2023 #3
    pamamolf

    pamamolf Well-Known Member

    4,028
    421
    83
    May 31, 2014
    Ratings:
    +817
    Local Time:
    9:05 PM
    Nginx-1.17.x
    MariaDB 10.3.x
    Are they don't needed any more or doesn't offer something at the end?

    As it seems that there is a long time from the previous release without a fix/patch of them...
     
  4. Aug 17, 2023 #4
    eva2000

    eva2000 Administrator Staff Member

    50,919
    11,804
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,262
    Local Time:
    5:05 AM
    Nginx 1.25.x
    MariaDB 10.x
    Nginx 1.25 added HTTP/3 support so underlying major changes to Nginx OpenSSL/QuicTLS/BoringSSL crypto libraries break those patches. Probably will take time for those patch authors/devs to test and understand these changes.
     
  5. Aug 17, 2023 #5
    pamamolf

    pamamolf Well-Known Member

    4,028
    421
    83
    May 31, 2014
    Ratings:
    +817
    Local Time:
    9:05 PM
    Nginx-1.17.x
    MariaDB 10.3.x
    So is it better in terms of performance to stay to the old version with HPACK/DynamicTLS or use the latest version?

    I know that it depends of many things but i am just asking for a general estimation.... ?
     
    Last edited: Aug 17, 2023
  6. Aug 17, 2023 #6
    eva2000

    eva2000 Administrator Staff Member

    50,919
    11,804
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,262
    Local Time:
    5:05 AM
    Nginx 1.25.x
    MariaDB 10.x
    HPACK/Dynamic TLS don't make much difference if you already use Cloudflare in front of Centmin Mod Nginx. HPACK patch only makes a difference if you have alot of traffic in the millions of visitors and only applies to HTTP/2 traffic without Cloudflare in front or with Cloudflare in front and you enable Cloudflare HTTP/2 to Origin feature. Without enabling it, Cloudflare will only talk to Centmin Mod Nginx origin using HTTP/1.1
     
  7. Aug 18, 2023 #7
    pamamolf

    pamamolf Well-Known Member

    4,028
    421
    83
    May 31, 2014
    Ratings:
    +817
    Local Time:
    9:05 PM
    Nginx-1.17.x
    MariaDB 10.3.x
    Is it faster to use Cloudflare HTTP/2 to Origin feature?
     
  8. Aug 18, 2023 #8
    eva2000

    eva2000 Administrator Staff Member

    50,919
    11,804
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,262
    Local Time:
    5:05 AM
    Nginx 1.25.x
    MariaDB 10.x
    Eventually should be once they roll out full HTTP2 feature support. They're missing HTTP2 connection multiplexing right now with HTTP2 to origin feature

    https://blog.cloudflare.com/http-2-for-web-developers/

    Still Nginx HTTP2 supports partial HTTP HPACK header compression so you still get smaller headers but HTTP2 HPACK full encoding patch is meant to realise the full gains of HTTP2 header compression but you need alot of traffic to see the header compression size gains
     
Previous Thread Next Thread
Loading...

.