Hello HTTP/3

This is a follow up to my article: The internet is about to get a hell of a lot quicker. I explained the benefits of HTTP/2. Now I will explain what will become HTTP/3.

I mentioned gQuic, an experimental protocol used by Google in 2012. It used UDP for transferring HTTP, The starting point of this new protocol.

QUIC is so different from the original Google concept. So much so that they should be treated as two separate protocols. When Google came to the IETF to standardise the protocol, They thought in order to do so, QUIC must resolve other issues.

What is QUIC?

In my last article, I pointed out how TCP has a head of line blocking problem, re-creating protocols at a kernel-level like UDP and TCP is no easy task. We have too many legacy systems that would need to be upgraded everywhere. I also mentioned how UDP didn’t care for packet loss, so how could we use it as a standard for the web?

Diagram showing kernel space of HTTP/3 and HTTP/2.

The example above shows you kernel-space. This is where protocols are tough to change. This requires updates across many different pieces of hardware that connect us to the internet. Then there are legacy systems where that might not even be possible.

This is where QUIC comes in it takes all the good points from TCP and lives in user-space but its fundamentally running on UDP. No more head of line blocking problem!

Diagram Model of HTTP/3
Diagram Model of HTTP/3

UDP we know isn’t a reliable protocol because it doesn’t check for loss like TCP. But we don’t need it to be. Now we have QUIC which acts as TCP without its flaws. The TLS layer is also built into the protocol, so it’s secure by default, and we eliminate the need for that layer.

It reduces the number of handshakes needed, and you can re-establish the previous connections. Another interesting thing about QUIC is that connections survive IP changes. This makes a big difference where someone travelling is connected using a mobile device.

I have been following the progress on QUIC for a while now. The difference is unbelievable. The protocol also reduces buffering time for services like YouTube, showing its multi-purpose use.

How can I use QUIC?

Unlike when I first heard about QUIC, it’s not difficult to use. Most browsers have it enabled by default, and you can use any Google service to try it out.

The web server with the best support for QUIC is Litespeed. Available using both there open-source OpenLiteSpeed and enterprise LiteSpeed Web Server.

Cloudflare CDN is another option. But essentially you want a QUIC connection between your web server and your CDN. So using Litespeed as the webserver will give you that extra boost.

If you are running a WordPress blog like this one, you can use Quic.cloud. A QUIC CDN just for WordPress built by the LiteSpeed team. However, it’s still in beta and not advised for production use.

Nginx has no official support as of yet. However, it is possible using this article: Experiment with HTTP/3 Using Nginx and quiche, From Cloudflare. Not recommended for production use.

Of course, all Google Web Servers also support QUIC.

Bring on HTTP/3

Although we waited a long time or HTTP/2 we don’t need to wait very long for HTTP/3.

The real question is how long is it going to take everyone to adopt to HTTP/3.

Google has been using QUIC for a while now. By owning Chrome and its large user base they can enable QUIC in there browser and from there web services such as Gmail, YouTube etc. You have probably used QUIC already. Only 4.5% of web sites are running on QUIC. About half of the connections to Google services have used this protocol in the past year.

For large applications that use load balancers in AWS, they had a problem where UDP was not supported. Things are changing they have announced UDP for load balancers. Hopefully, this will encourage the use of HTTP/3.

https://aws.amazon.com/blogs/aws/new-udp-load-balancing-for-network-load-balancer/

Security analysts have pointed out although there is no problem with the protocol itself, they have concerns. For Example, it is not supported by a lot of security appliances such as firewalls. Because a firewall may not know about the QUIC protocol, when an analyst views connections, they may know that UDP connections have been made but not understand what it is doing. QUIC is an encrypted protocol, so it’s not easy to dissect in the network.

Only 4.5% of connections are using this new protocol, but nothing is stopping us using it. If we can increase our performance by 30% or possibly more, we shouldn’t hold back.

You can find out if a site supports HTTP/3 by using https://http3check.net/

Example of QUIC, Evidence that connections to marchughes.ie are using QUIC.
Using chrome on android shows me that my connection uses QUIC

1 thought on “Hello HTTP/3”

  1. Pingback: The internet is about to get a hell of a lot quicker - Marc Hughes

Leave a Comment

Your email address will not be published.