To summarize http
First, http / 1.1:
Http / 1.1 since its release in 1997, we have been using HTTP / 1. X for quite a long time. However, with the explosive development of the Internet in the past decade, from the original web content dominated by text to the current rich media (such as pictures, voice, video), and more and more applications (such as chat, live video) with high real-time requirements for page content, At that time, some characteristics of the protocol could not meet the needs of modern network.
Defects of HTTP / 1.1
- Stateless feature — the huge HTTP header: the header usually carries many fixed header fields (as shown in the figure below), such as “user agent”, “cookie”, “accept” and “server”, which can be up to hundreds of bytes or even thousands of bytes, but the body often only has dozens of bytes (such as get request, 204 / 301 / 304 response), becoming the “big head son”. The content carried in the header is too large, which increases the transmission cost to some extent. What’s more, there are many duplicate field values in thousands of request response messages, which is very wasteful.
- Plaintext transmission — the insecurity brought by: when http / 1.1 transmits data, all the transmitted content is plaintext, and neither the client nor the server can verify the identity of the other party, which to some extent cannot guarantee the security of the data.
- It does not support server push message. The client needs to poll to get updates, which is a waste of bandwidth and resources.
Brief introduction of spdy protocol and HTTP / 2
1. Spdy agreement
As mentioned above, due to the defects of HTTP / 1. X, we will introduce sprite diagram, inline small diagram, use multiple domain names, etc. to improve performance. However, these optimizations bypassed the protocol. Until 2009, Google released its own spdy protocol, which mainly solved the problem of low efficiency of HTTP / 1.1. Google launched spdy, which is the official transformation of HTTP protocol itself. Reduce the delay, compress the header and so on. The practice of spdy proves the effect of these optimizations, and finally brings the birth of HTTP / 2.
Http / 1.1 has two main disadvantages: insufficient security and low performance. Because of the huge historical burden of HTTP / 1. X, protocol modification and compatibility are the primary consideration. Otherwise, countless existing assets on the Internet will be destroyed. As shown in the figure above, spdy is under HTTP and above TCP and SSL, so it can easily be compatible with the old version of HTTP protocol (encapsulate the content of http1. X into a new frame format), and use the existing SSL functions.
After the spdy protocol proved to be feasible in Chrome browser, it was regarded as the basis of HTTP / 2, and the main features were inherited in http / 2.
2. Introduction to http / 2
There are two main reasons for the significant reduction of HTTP / 2 data transmission: toBinary transmissionandHeader compression
In 2015, http / 2 was released. Http / 2 is an alternative to the current HTTP protocol (HTTP / 1. X), but it is not rewritten. HTTP methods / status codes / semantics are the same as HTTP / 1. X. Http / 2 is based on spdy and focuses on performance. The biggest goal is to use only one connection between users and websites. From the current situation, some of the top sites at home and abroad have basically realized the deployment of HTTP / 2, and using HTTP / 2 can bring 20% – 60% efficiency improvement.
- Binary transfer:Http / 2 divides request and response data into smaller frames, and they are binary encoded. It moves some characteristics of TCP protocol to the application layer, breaks up the original “header + body” message into several pieces of binary “frames”, uses “headers” frame to store header data, and “data” frame to store entity data. After HTP / 2 data is divided into frames, the message structure of “header + body” disappears completely, and what the protocol sees is just “fragments”. In http / 2, all communication under the same domain name is completed on a single connection, which can carry any number of two-way data streams. Each data stream is sent in the form of a message, which in turn consists of one or more frames.Multiple frames can be sent in disorder, and can be reassembled according to the flow identification of the frame head。
- Header compression:Http / 2 does not use the traditional compression algorithm, but develops a special “hpack” algorithm. It establishes a “dictionary” at both ends of the client and the server. It uses index marks to represent repeated strings (for example, the same header between multiple requests, the second request only needs to send differential data). It also uses Huffman coding to compress integers and strings, which can achieve 50% – 90% high compression Rate.
- Multiplexing:The technology of multiplexing is introduced to solve the problem that the browser limits the number of requests under the same domain name.
- Server Push：To some extent, http2 has changed the traditional “request response” mode. The server can not only respond to requests passively, but also create a new “flow” to send messages to clients actively. For example, when a browser requests HTML, it sends the JS and CSS files that may be used to the client in advance to reduce the delay of waiting, which is called “server push” (also called cache push). In addition, the server can push actively, and the client has the right to choose whether to receive or not. If the resources pushed by the server have been cached by the browser, the browser can reject them by sending RST ﹣ stream frames. Active push also follows the same origin policy. In other words, the server cannot push the third-party resources to the client at will, but only after the confirmation of both parties.
- Improve security:For the sake of compatibility, HTTP/2 continues the “plaintext” feature of HTTP/1. It can use plaintext to transmit data as before, and does not force encrypted communication. However, the format is binary, but does not need to be decrypted. But because HTTPS is the general trend, and the mainstream browsers, such as chrome and Firefox, have publicly announced that only encrypted http / 2 is supported, so “in fact” http / 2 is encrypted. In other words, the HTTP / 2 commonly seen on the Internet uses the “HTTPS” protocol name and runs on the TLS. The HTTP / 2 protocol defines two string identifiers: “H2” for encrypted http / 2, “H2C” for clear text http / 2.
In http / 2, with binary framing, http / 2 no longer relies on TCP links to achieve multi stream parallelism
- All communication under the same domain name is completed on a single connection.
- A single connection can carry any number of two-way data flows.
- The data flow is sent in the form of a message, and the message is composed of one or more frames. Multiple frames can be sent in disorder, because they can be reassembled according to the flow identification of the frame header.
This feature greatly improves performance:
- The same domain name only needs to occupy one TCP connection and send multiple requests and responses in parallel with one connection, so that the download process of the entire page resource only needs to be started slowly once, and at the same time, the problem caused by multiple TCP connections competing for bandwidth is avoided.
- Multiple requests / responses are sent in parallel and interleaved, which do not affect each other.
- In http / 2, each request can have a priority value of 31bit. 0 indicates the highest priority, and the higher the value, the lower the priority. With this priority value, the client and the server can adopt different strategies when processing different flows, and send flows, messages and frames in the optimal way.
New features of HTTP / 3
1. Disadvantages of HTTP / 2
Although http / 2 solves many problems of previous versions, it still has a huge problem, which is mainly caused by the underlying TCP protocol. The disadvantages of HTTP / 2 are as follows:
TCP and TCP + TLS connection delay
Http / 2 is transmitted by using TCP protocol. If HTTPS is used, TLS protocol is also needed for secure transmission, and TLS also requires a handshake process, so there are two handshake delay processes:
① When establishing a TCP connection, you need to make three handshakes with the server to confirm the connection is successful, that is to say, you need to consume 1.5 RTTS before data transmission.
② For TLS connection, there are two versions of TLS – tls1.2 and tls1.3. Each version takes a different time to establish the connection, roughly 1-2 RTTS.
In short, we need to spend 3-4 RTTS before transmitting data.
TCP’s queue head blocking is not completely solved
As we mentioned above, in http / 2, multiple requests run in one TCP pipeline. However, when packet loss occurs, the performance of HTTP / 2 is not as good as that of HTTP / 1. In order to ensure reliable transmission, TCP has a special “packet loss and retransmission” mechanism. The lost packet must wait for retransmission confirmation. In case of packet loss in http / 2, the whole TCP will start to wait for retransmission, and then all requests in the TCP connection will be blocked (as shown below). For HTTP / 1.1, multiple TCP connections can be opened. In this case, only one of them will be affected. The remaining TCP connections can also transmit data normally.
After reading this, someone may think about why not modify the TCP protocol directly? In fact, this is an impossible task. Because TCP has existed for a long time, it has been full of various devices, and this protocol is implemented by the operating system, so it is not realistic to update it.
2. Introduction to http / 3
Google realized these problems when it pushed spdy, so it started a new “quic” protocol based on UDP protocol to let HTTP run on quic instead of TCP. And this “HTTP over quic” is the next big version of HTTP protocol, http / 3. On the basis of HTTP / 2, it has achieved a qualitative leap and solved the problem of “team head blocking” perfectly.
Although quic is based on UDP, many new functions have been added on the original basis. Next, we will focus on several new functions of quic. However, http / 3 is still in the draft stage, and there may be changes before the official release, so this article tries not to cover those unstable details.
3. New functions of quic
As mentioned above, quic is based on UDP, and UDP is “connectionless” and does not need “handshake” or “wave” at all, so it is faster than TCP. In addition, quic also realizes reliable transmission to ensure that the data can reach the destination. It also introduces “stream” and “multiplexing” similar to http / 2. A single “stream” is orderly and may block due to packet loss, but other “streams” will not be affected. Specifically, quic protocol has the following characteristics:
The functions of flow control and transmission reliability similar to TCP are realized.
Although UDP does not provide reliable transmission, quic adds a layer on top of UDP to ensure reliable data transmission. It provides packet retransmission, congestion control and other features that exist in TCP.
The function of quick handshake is realized.
Since quic is based on UDP, it can use 0-rtt or 1-rtt to establish a connection, which means that quic can send and receive data with the fastest speed, which can greatly improve the speed of opening the page for the first time. 0rtt Jianlian is the biggest performance advantage of quic over http2.
TLS encryption is integrated.
At present, quic uses tls1.3, which has more advantages than the earlier version tls1.3. The most important point is to reduce the number of RTTS spent on handshaking.
Multiplexing, completely solving the problem of queue head blocking in TCP
Unlike TCP, quic implements multiple independent logical data flows on the same physical connection (as shown in the figure below). Realizing the separate transmission of data flow solves the problem of queue head blocking in TCP.
Http / 1.1 has two main disadvantages: insufficient security and low performance.
Http / 2 is fully compatible with HTTP / 1, which is “more secure http, faster HTTPS”. Header compression, multiplexing and other technologies can make full use of bandwidth, reduce latency, and greatly improve the online experience;
QUIC is based on UDP. It is the underlying support protocol in HTTP/3. The protocol is based on UDP, and takes the essence of TCP to achieve a fast and reliable protocol.