HTTP/2

What is HTTP/2 and Why

HTTP/1.1 has been serving most part of the Web since 1997. As websites get more and more sophisticated and resource intensive, it starts to show its limitations, e.g. one outstanding request per TCP connection. So its next-generation emerged: HTTP/2.

HTTP/2 FAQ does a great job explaining the background and specifications. Highly recommended. Here is an executive summary, HTTP/2:

  • is specifically designed to improve performance
  • is based on SPDY
  • is binary, instead of textual
  • is fully multiplexed, instead of ordered and blocking
  • can therefore use one connection for parallelism
  • uses header compression to reduce overhead
  • allows servers to push responses proactively into client caches
  • is backward-compatible, designed to be drop-in replacement for HTTP/1.1
  • is supported by most broswers over TLS

HttpWatch reported good performance improvement by using HTTP/2.

How to Upgrade

Upgrading from HTTP/1.1 to HTTP/2 is quite easy. You just need to make sure that your web server supports HTTP/2 and "turn it on". I will use NGINX as an example.

Install NGINX 1.9.5+

In the case of NGINX, only 1.9.5+ supports HTTP/2.

Check your NGINX version

nginx -V

If it's lower than 1.9.5, you need to upgrade NGINX first. Otherwise, head over to Turn On HTTP/2.
At the time of writing, the latest stable release of NGINX is 1.8.1, which is lower than 1.9.5. So you need to install NGINX Mainline version. Don't worry that Mainline version is not stable. It's actually better than Stable version because it has the latest bug fixes.

On Ubuntu,

Install NGINX signing key

wget http://nginx.org/keys/nginx_signing.key
sudo apt-key add nginx_signing.key

Add the following in /etc/apt/sources.list

deb http://nginx.org/packages/mainline/ubuntu/ <codename> nginx
deb-src http://nginx.org/packages/mainline/ubuntu/ <codename> nginx

Note that <codename> should be the result of lsb_release -c | cut -f2.

Then install

sudo apt-get update
sudo apt-get install nginx

Compile NGINX from Source to Support ALPN (Optional)

Depending on the OpenSSL version that your NGINX is built with, it may not support Application Layer Protocol Negotiation (ALPN). More details here. Besides, starting from May 15th 2016, Chrome will ONLY support ALPN, which means supporting ALPN is necessary for HTTP/2 to work fully.

Find out NGINX build details

nginx -V

If it says built with OpenSSL 1.0.2f 28 Jan 2016, you don't need to compile NGINX from source. Jump to Turn On HTTP/2.

If it's built with OpenSSL lower than 1.0.2f, e.g. 1.0.1f. You need to compile NGINX from source with OpenSSL 1.0.2f. The detailed steps can be found here.

Turn on HTTP/2

In site.conf,

server {
	listen 443 ssl http2;
    ...
}

That's all you need to turn on HTTP/2!

Please note that although HTTP/2 doesn't require HTTPS, most web browsers only support HTTP/2 via TLS. So you do need to serve your site via HTTPS in order to use HTTP/2. If your site isn't using HTTPS yet, check out my post on how to use Let's Encrypt to make it HTTPS.

Reload NGINX

sudo nginx -s reload

Refresh your site and inspect the page, you should see that the assets from your site are loaded via protocal HTTP/2 (h2).

This blog is using HTTP/2. You can inspect this page to see HTTP/2 in action.

Another way is to let KeyCDN do the test.

If you prefer command line

echo | openssl s_client -alpn h2 -connect yourserver.com:443 | grep ALPN

You should see ALPN protocol: h2.

Summary

Although HTTP/2 is only out for about one year, it has very good adoption thanks to its backward-compatibility, easy of upgrading and performance benefits. I'm convinced that HTTP/2 is the future of the Web.

Wait no more, upgrade!

Reference