Want to subscribe to topics you're interested in?
Become a Member

Nginx Nginx Cloudflare patch pack, still effective years later?

Discussion in 'Install & Upgrades or Pre-Install Questions' started by buik, Nov 13, 2020.

  1. buik

    buik “A winner never stops trying.” Premium Member

    1,316
    361
    83
    Apr 29, 2016
    Ratings:
    +1,080
    Local Time:
    7:52 PM
    Hello everyone,

    I want to talk about the effectiveness of the Cloudflare patches for Nginx nowadays.
    Centmin Mod has as offer: Nginx- hpack, dynamic tls records and even before: spdy.

    When I look at the Cloudflare Github source, the oldest patch is already 5 years old.
    5 years is long, very long in technology land.

    But are these patches still effective after years? Has anyone tested this at all?
    And is Nginx significantly faster with various patches from Cloudflare Nginx v.s. the upstream Nginx?

    I see that there is still demand and community members regularly makes the patch compatible with the latest version of Nginx (for example Nginx 1.19)
    As Cloudflare did not update anything for years.

    So the question that arises is simple:

    Are these patches still effective years later?
    Is Nginx significantly faster with patches?
    Does anyone have benchmarks (patched Nginx vs non patched)?

    Thanks.
     
    Last edited: Nov 13, 2020
  2. eva2000

    eva2000 Administrator Staff Member

    45,662
    10,360
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,079
    Local Time:
    4:52 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Can confirm HPACK full encoding patch still works and increases the header compression ratio = reduces size of headers in requests. With patch header compression savings can be between 80 to 95% and without is usually between 20 to 35%

    Dynamic TLS record size patch at least compiles but haven't tested much lately to see how in impacts visual rendering of a page load's assets

    They aren't just about speed but efficiency of the served request. Though if you have Cloudflare in front of Centmin Mod Nginx then you're optimizing the connection between Cloudflare edge servers and your Centmin Mod Nginx origin side. So less header data is being transfered between Cloudflare and your origin with full HPACK encoding HTTP/2 patch.
     
  3. eva2000

    eva2000 Administrator Staff Member

    45,662
    10,360
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,079
    Local Time:
    4:52 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Correction actually this won't happen as Cloudflare talks to origins over HTTP/1.1 and not HTTP/2 so full HPACK encoding via HTTP/2 on Nginx won't apply. But Cloudflare do have plans to talk to origins via HTTP/2 ;)