Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of...

46

Transcript of Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of...

Page 1: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience
Page 2: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

1.1

1.2

1.2.1

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.3

1.3.1

1.3.2

1.3.3

1.4

1.4.1

1.4.2

1.4.3

1.4.4

1.4.5

1.4.6

1.4.7

1.4.8

1.4.9

1.5

1.5.1

1.5.2

1.5.3

1.5.4

1.5.5

1.5.6

1.5.7

1.6

1.6.1

1.6.2

1.6.3

1.6.4

1.6.5

1.6.6

1.7

1.8

TableofContentsIntroduction

WhyQUIC

RememberHTTP/2

TCPheadoflineblocking

TCPorUDP

Ossification

Secure

Reducedlatency

Process

IETF

ExperiencefromHTTP/2

Status

Protocolfeatures

UDP

Reliable

Streams

InOrder

Fasthandshakes

TLS1.3

Transportandapplication

HTTP/3overQUIC

Non-HTTPoverQUIC

HowQUICworks

Connections

ConnectionsuseTLS

Streams

0-RTT

SpinBit

Userspace

API

HTTP/3

HTTPS://URLs

BootstrapwithAlt-svc

QUICstreamsandHTTP/3

Prioritization

Serverpush

ComparisonwithHTTP/2

Commoncriticism

Thespecifications

2

Page 3: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

1.9QUICv2

3

Page 4: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

HTTP/3explainedThisbookeffortwasstartedinMarch2018.TheplanistodocumentHTTP/3anditsunderlyingprotocol:QUIC.Why,howtheywork,protocoldetails,theimplementationsandmore.

Thebookisentirelyfreeandismeanttobeacollaborativeeffortinvolvinganyoneandeveryonewhowantstohelpout.

PrerequisitesAreaderofthisbookispresumedtohaveabasicunderstandingofTCP/IPnetworking,thefundamentalsofHTTPandtheweb.ForfurtherinsightsandspecificsaboutHTTP/2werecommendfirstreadingupthedetailsinhttp2explained.

AuthorThisbookiscreatedandtheworkisstartedbyDanielStenberg.Danielisthefounderandleaddeveloperofcurl,theworld'smostwidelyusedHTTPclientsoftware.DanielhasworkedwithandonHTTPandinternetprotocolsforovertwodecadesandistheauthorofhttp2explained.

HomeThehomepageforthisbookisfoundatdaniel.haxx.se/http3-explained.

HelpoutIfyoufindmistakes,omissions,errorsorblatantliesinthisdocument,pleasesendusarefreshedversionoftheaffectedparagraphandwewillmakeamendedversions.Wewillgivepropercreditstoeveryonewhohelpsout.Ihopetomakethisdocumentbetterovertime.

Preferably,yousubmiterrorsorpullrequestsonthebook'sgithubpage.

LicenseThisdocumentandallitscontentsarelicensedundertheCreativeCommonsAttribution4.0license.

Introduction

4

https://daniel.haxx.se/http2/
https://daniel.haxx.se/
https://curl.haxx.se/
https://daniel.haxx.se/http2/
https://daniel.haxx.se/http3-explained
https://github.com/bagder/http3-explained/issues
https://github.com/bagder/http3-explained/pulls
https://creativecommons.org/licenses/by/4.0/
Page 5: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

WhyQUICQUICisaname,notanacronym.ItispronouncedexactlyliketheEnglishword"quick".

QUICisinmanywayswhatcouldbeseenasawayofdoinganewreliableandsecuretransportprotocolthatissuitableforaprotocollikeHTTPandthatcanaddresssomeoftheknownshortcomingsofdoingHTTP/2overTCPandTLS.Thelogicalnextstepinthewebtransportevolution.

QUICisnotlimitedtojusttransportingHTTP.Thedesiretomakethewebanddataingeneraldeliveredfastertoendusersisprobablythelargestreasonandpushthatinitiallytriggeredthecreationofthisnewtransportprotocol.

SowhycreateanewtransportprotocolandwhydoitontopofUDP?

WhyQUIC

5

Page 6: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

RememberHTTP/2?TheHTTP/2specificationRFC7540waspublishedinMay2015andtheprotocolhassincethenbeenimplementedanddeployedwidelyacrosstheInternetandtheWorldWideWeb.

Inearly2018,almost40%ofthetop-1000websitesrunHTTP/2,around70%ofallHTTPSrequestsFirefoxissuesgetHTTP/2responsesbackandallmajorbrowsers,serversandproxiessupportit.

HTTP/2addressesawholeslewofshortcomingsinHTTP/1andwiththeintroductionofthesecondversionofHTTPuserscanstopusingabunchofwork-arounds.Someofwhichareprettyburdensomeonwebdevelopers.

OneoftheprimaryfeaturesofHTTP/2isthatitmakesuseofmultiplexing,sothatmanylogicalstreamsaresentoverthesamephysicalTCPconnection.Thismakesalotofthingsbetterandfaster.Itmakescongestioncontrolworkmuchbetter,itletsusersuseTCPmuchbetterandthusproperlysaturatethebandwidth,makestheTCPconnectionsmorelong-lived-whichisgoodsothattheygetuptofullspeedmorefrequentlythanbefore.Headercompressionmakesituselessbandwidth.

WithHTTP/2,browserstypicallyuseoneTCPconnectiontoeachhostinsteadoftheprevioussix.Infact,connectioncoalescingand"desharding"techniquesusedwithHTTP/2mayactuallyevenreducethenumberofconnectionsmuchmorethanso.

HTTP/2fixedtheHTTPheadoflineblockingproblem,whereclientshadtowaitforthefirstrequestinlinetofinishbeforethenextonecouldgoout.

RememberHTTP/2

6

https://httpwg.org/specs/rfc7540.html
Page 7: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

TCPheadoflineblockingHTTP/2isdoneoverTCPandwithmuchfewerTCPconnectionsthanwhenusingearlierHTTPversions.TCPisaprotocolforreliabletransfersandyoucanbasicallythinkofitasanimaginarychainbetweentwomachines.Whatisbeingputoutonthenetworkinoneendwillendupintheotherend,inthesameorder-eventually.(Ortheconnectionbreaks.)

WithHTTP/2,typicalbrowsersdotensorhundredsofparalleltransfersoverasingleTCPconnection.

Ifasinglepacketisdropped,orlostinthenetworksomewherebetweentwoendpointsthatspeakHTTP/2,itmeanstheentireTCPconnectionisbroughttoahaltwhilethelostpacketisre-transmittedandfindsitswaytothedestination.SinceTCPisthis"chain",itmeansthatifonelinkissuddenlymissing,everythingthatwouldcomeafterthelostlinkneedstowait.

Anillustrationusingthechainmetaphorwhensendingtwostreamsoverthisconnection.Aredstreamandagreenstream:

ItbecomesaTCP-basedheadoflineblock!

Asthepacketlossrateincreases,HTTP/2performslessandlesswell.At2%packetloss(whichisaterriblenetworkquality,mindyou),testshaveproventhatHTTP/1usersareusuallybetteroff-becausetheytypicallyhaveuptosixTCPconnectionstodistributelostpacketsover.Thismeansforeverylostpackettheotherconnectionscanstillcontinue.

Fixingthisissueisnoteasy,ifatallpossible,withTCP.

IndependentstreamsavoidstheblockWithQUICthereisstillaconnectionsetupbetweenthetwoend-pointsthatmakestheconnectionsecureandthedatadeliveryreliable.

Whensettinguptwodifferentstreamsoverthisconnection,theyaretreatedindependentlysothatifanylinkgoesmissingforoneofthestreams,onlythatstream,thatparticularchain,hastopauseandwaitforthemissinglinktogetretransmitted.

Illustratedherewithoneyellowandonebluestreamsentbetweentwoend-points.

TCPheadoflineblocking

7

Page 8: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

TCPheadoflineblocking

8

Page 9: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

TCPorUDPIfwecan'tfixhead-of-lineblockingwithinTCP,thenintheoryweshouldbeabletomakeanewtransportprotocolnexttoUDPandTCPinthenetworkstack.OrperhapsevenuseSCTPwhichisatransportprotocolstandardizedbytheIETFinRFC4960withseveralofthedesiredcharacteristics.

However,inrecentyearseffortstocreatenewtransportprotocolshavealmostentirelybeenhaltedbecauseofthedifficultiesindeployingthemontheInternet.Deploymentofnewprotocolsishamperedbymanyfirewalls,NATs,routersandothermiddle-boxesthatonlyallowTCPorUDParedeployedbetweenusersandtheserverstheyneedtoreach.IntroducinganothertransportprotocolmakesN%oftheconnectionsfailbecausetheyarebeingblockedbyboxesthatseeitnotbeingUDPorTCPandthusevilorwrongsomehow.TheN%failurerateisoftendeemedtoohightobeworththeeffort.

Additionally,changingthingsinthetransportprotocollayerofthenetworkstacktypicallymeansprotocolsimplementedbyoperatingsystemkernels.Updatinganddeployingnewoperatingsystemkernelsisaslowprocessthatrequiressignificanteffort.ManyTCPimprovementsstandardizedbytheIETFarenotwidelydeployedorusedbecausetheyarenotbroadlysupported.

WhynotSCTP-over-UDPSCTPisareliabletransportprotocolwithstreams,andforWebRTCthereareevenexistingimplementationsusingitoverUDP.

ThiswasnotdeemedgoodenoughasaQUICalternativeduetoseveralreasons,including:

SCTPdoesnotfixthehead-of-line-blockingproblemforstreamsSCTPrequiresthenumberofstreamstobedecidedatconnectionsetupSCTPdoesnothaveasolidTLS/securitystorySCTPhasa4-wayhandshake,QUICoffers0-RTTQUICisabytestreamlikeTCP,SCTPismessage-basedQUICconnectionscanmigratebetweenIPaddressesbutSCTPcannot

Formoredetailsonthedifferences,seeAComparisonbetweenSCTPandQUIC.

TCPorUDP

9

https://en.wikipedia.org/wiki/Stream_Control_Transmission_Protocol
https://tools.ietf.org/html/rfc4960
https://tools.ietf.org/html/draft-joseph-quic-comparison-quic-sctp-00
Page 10: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

OssificationTheinternetisanetworkofnetworks.ThereisequipmentsetupontheInternetinmanydifferentplacesalongthewaytomakesurethisnetworkofnetworksworksasitissupposedto.Thesedevices,theboxesthataredistributedoutinthenetwork,arewhatwesometimesrefertoasmiddle-boxes.Boxesthatsitsomewherebetweenthetwoend-pointsthataretheprimarypartiesinvolvedinatraditionalnetworkdatatransfer.

TheseboxesservemanydifferentspecificpurposesbutIthinkwecansaythatuniversallytheyareputtherebecausesomeonethinkstheymustbetheretomakethingswork.

Middle-boxesrouteIPpacketsbetweennetworks,theyblockmalicioustraffic,theydoNAT(NetworkAddressTranslation),theyimproveperformance,sometrytospyonthepassingtrafficandmore.

Inordertoperformtheirdutiestheseboxesmustknowaboutnetworkingandtheprotocolsthataremonitoredormodifiedbythem.Theyrunsoftwareforthispurpose.Softwarethatisnotalwaysupgradedfrequently.

WhiletheyaregluecomponentsthatkeeptheInternettogethertheyarealsooftennotkeepingupwiththelatesttechnology.Themiddleofthenetworktypicallydoesnotmoveasfastastheedges,astheclientsandtheserversoftheworld.

Thenetworkprotocolsthattheseboxesmightwanttoinspect,andhaveideasaboutwhatisokayandwhatisnotthenhavethisproblem:theseboxesweredeployedsometimeagowhentheprotocolshadafeaturesetofthattime.Introducingnewfeaturesorchangesinbehaviorthatwerenotknownbeforerisksendingupconsideredbadorillegalbysuchboxes.Suchtrafficmaywelljustbedroppedordelayedtothedegreethatusersreallydonotwanttousethosefeatures.

Thisiscalled"protocolossification".

ChangestoTCPalsosufferfromossification:someboxesbetweenaclientandtheremoteserverwillspotunknownnewTCPoptionsandblocksuchconnectionssincetheydonotknowwhattheoptionsare.Ifallowedtodetectprotocoldetails,systemslearnhowprotocolstypicallybehaveandovertimeitbecomesimpossibletochangethem.

Theonlytrulyeffectivewayto"combat"ossificationistoencryptasmuchofthecommunicationaspossibleinordertopreventmiddle-boxesfromseeingmuchoftheprotocolpassingthrough.

Ossification

10

Page 11: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

SecureQUICisalwayssecure.Thereisnoclear-textversionoftheprotocolsotonegotiateaQUICconnectionmeansdoingcryptographyandsecuritywithTLS1.3.Asmentionedabove,thispreventsossificationaswellasothersortsofblocksandspecialtreatments,aswellasmakingsureQUIChasallthesecurepropertiesofHTTPSthatwebusershavecometoexpectandwant.

Thereareonlyafewinitialhandshakepacketsthataresentintheclearbeforetheencryptionprotocolshavebeennegotiated.

Secure

11

Page 12: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

EarlierdataQUICoffersboth0-RTTand1-RTThandshakesthatreducethetimeittakestonegotiateandsetupanewconnection.Comparewiththe3-wayhandshakeofTCP.

Inadditiontothat,QUICoffers"earlydata"supportfromthegetgowhichisdonetoallowmoredataanditisusedmoreeasilythanTCPFastOpen.

Withthestreamconcept,anotherlogicalconnectiontothesamehostcanbedoneatoncewithouthavingtowaitfortheexistingonetoendfirst.

TCPFastOpenisproblematicTCPFastOpenwaspublishedasRFC7413inDecember2014andthatspecificationdescribeshowapplicationscanpassdatatotheservertobedeliveredalreadyinthefirstTCPSYNpacket.

Actualsupportforthisfeatureinthewildhastakentimeandisriddledwithproblemseventodayin2018.TheTCPstackimplementorshavehadissuesandsohaveapplicationstryingtotakeadvantageofthisfeature-bothinknowinginwhichOSversiontotrytoactivateitbutalsoinfiguringouthowtogracefullybackdownanddealwhenproblemsarise.SeveralnetworkshavebeenidentifiedtointerferewithTFOtrafficandtheyhavethusactivelyruinedsuchTCPhandshakes.

Reducedlatency

12

https://tools.ietf.org/html/rfc7413
Page 13: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

ProcessTheinitialQUICprotocolwasdesignedbyJimRoskindatGoogleandwasinitiallyimplementedin2012,announcedpubliclytotheworldin2013whenGoogle'sexperimentationbroadened.

Backthen,QUICwasstillclaimedtobeanacronymfor"QuickUDPInternetConnections",butthathasbeendroppedsincethen.

Googleimplementedtheprotocolandsubsequentlydeployeditbothintheirwidelyusedbrowser(Chrome)andintheirwidelyusedserver-sideservices(Googlesearch,gmail,youtubeandmore).Theyiteratedprotocolversionsfairlyquicklyandovertimetheyprovedtheconcepttoworkreliablyforavastportionofusers.

InJune2015,thefirstinternetdraftforQUICwassenttotheIETFforstandardization,butittookuntillate2016foraQUICworkinggrouptogetapprovedandstarted.Butthenittookoffimmediatelywithahighdegreeofinterestfrommanyparties.

In2017,numbersquotedbyQUICengineersatGooglementionedthataround7%ofallInternettrafficwerealreadyusingthisprotocol.TheGoogleversionoftheprotocol.

Process

13

Page 14: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

IETFTheQUICworkinggroupthatwasestablishedtostandardizetheprotocolwithintheIETFquicklydecidedthattheQUICprotocolshouldbeabletotransferotherprotocolsthan"just"HTTP.Google-QUIConlyevertransportedHTTP-inpracticeittransportedwhatwaseffectivelyHTTP/2frames,usingtheHTTP/2framesyntax.

ItwasalsostatedthatIETF-QUICshouldbaseitsencryptionandsecurityonTLS1.3insteadofthe"custom"approachusedbyGoogle-QUIC.

Inordertosatisfythesend-more-than-HTTPdemand,theIETFQUICprotocolarchitecturewassplitintwoseparatelayers:thetransportQUICandthe"HTTPoverQUIC"layer(thelattersometimesreferredtoas"hq").

Thislayersplit,whileitmaysoundinnocuous,hascausedtheIETF-QUICtodifferquitealotfromtheoriginalGoogle-QUIC.

TheworkinggroupdidhoweversoondecidethatinordertogettheproperfocusandabilitytodeliverQUICversion1ontime,itwouldfocusondeliveringHTTP,leavingnon-HTTPtransportstolaterwork.

InMarch2018whenwestartedworkingonthisbook,theplanwastoshipthefinalspecificationforQUICversion1inNovember2018;thiswaslaterpostponedtoJuly2019.

WhiletheworkonIETF-QUIChasprogressed,theGoogleteamhasincorporateddetailsfromtheIETFversionandhasstartedtoslowlyprogresstheirversionoftheprotocoltowardswhattheIETFversionmightbecome.GooglehascontinuedusingtheirversionofQUICintheirbrowserandservices.

MostnewimplementationsunderdevelopmenthavedecidedtofocusontheIETFversionandarenotcompatiblewiththeGoogleversion.

IETF

14

https://github.com/quicwg/base-drafts/wiki/Implementations
Page 15: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

ExperiencefromHTTP/2TheHTTP/2specificationRFC7540waspublishedinMay2015,justamonthbeforeQUICwasbroughttoIETFforthefirsttime.

WithHTTP/2,thefoundationforchangingHTTPoverthewirewaslaidoutandtheworkinggroupthatcreatedHTTP/2wasalreadyofthemindsetthatthiswouldhelpiteratingtonewHTTPversionsmuchfasterthanithadtakentogotoversion2fromversion1(about16years).

WithHTTP/2,usersandsoftwarestacksgotusedtotheideathatHTTPcannolongerbeassumedtobedonewithatext-basedprotocolinaserialmanner.

HTTP-over-QUICwasrenamedtoHTTP/3inNovember2018.

ExperiencefromHTTP/2

15

Page 16: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

StatusTheQUICworkinggrouphasworkedfiercelysincelate2016onspecifyingtheprotocolsandtheplanisnowtohaveitdonebyJuly2019.

AsofNovember2018,therestillhasnotbeenanylargerinteroperabilitytestswithHTTP/3-onlywiththeexistingtwoimplementationsandnoneofthemaredonebyabrowserorapopularopenserversoftware.

TherearefifteenorsodifferentQUICimplementationslistedintheQUICworkinggroups'wikipages,butfarfromallofthemcaninteroperateonthelatestspecdraftrevisions.

ImplementingQUICisnoteasyandtheprotocolhaskeptmovingandchangingevenuptothisdate.

ServersNGINXsupportforQUICandHTTP/3isunderdevelopment.ItisplannedtobereleasedduringNGINX1.17developmentcycle.

TherehavebeennopublicstatementintermsofsupportforQUICfromApache.

ClientsNoneofthelargerbrowservendorshaveyetshippedanyversion,atanystate,thatcanruntheIETFversionofQUICorHTTP/3.

GoogleChromehasshippedwithaworkingimplementationofGoogle'sownQUICversionsincemanyyears,butthatdoesnotinteroperatewiththeIETFQUICprotocolanditsHTTPimplementationisdifferentthanHTTP/3.

MozillaisdevelopingNeqo-aQUICandHTTP/3implementationwritteninRust.NeqoisplannedtobeintegratedinNecko(whichisanetworklibraryusedinmanyMozilla-basedclientapplications-includingFirefox).

curlshippedthefirstexperimentalHTTP/3support(draft-22)inthe7.66.0releaseonSeptember11,2019.curluseseithertheQuichelibraryfromCloudflareorthengtcp2familyoflibrariestogettheworkdone.

ImplementationObstaclesQUICdecidedtouseTLS1.3asthefoundationforthecryptoandsecuritylayertoavoidinventingsomethingnewandinsteadleanonatrustworthyandexistingprotocol.However,whiledoingthis,theworkinggroupalsodecidedthattoreallystreamlinetheuseofTLSinQUIC,itshouldonlyuse"TLSmessages"andnot"TLSrecords"fortheprotocol.

Thismightsoundlikeaninnocuouschange,butthishasactuallycausedasignificanthurdleformanyQUICstackimplementors.ExistingTLSlibrariesthatsupportTLS1.3simplydonothaveAPIsenoughtoexposethisfunctionalityandallowQUICtoaccessit.WhileseveralQUICimplementorscomefromlargerorganizationswhoworkontheirownTLSstackinparallel,thisisnottrueforeveryone.

ThedominantopensourceheavyweightOpenSSLforexample,doesnothaveanyAPIforthis.TheplantoaddressthisseemstohappnintheirPR8797thataimstointroduceanAPIthatisverysimilartotheoneofBoringSSL.

ThiswilleventuallyalsoleadtodeploymentobstaclessinceQUICstackswillneedtoeitherbasethemselvesonotherTLSlibraries,useaseparatepatchedOpenSSLbuildorrequireanupdatetoafutureOpenSSLversion.

KernelsandCPUload

Status

16

https://github.com/curl/curl/wiki/QUIC-implementation
https://trac.nginx.org/nginx/milestone/nginx-1.17
https://github.com/mozilla/neqo/
https://www.rust-lang.org/
https://github.com/mozilla/neqo/issues/10
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/Necko
https://github.com/openssl/openssl/pull/8797
Page 17: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

BothGoogleandFacebookhavementionedthattheirwidescaledeploymentsofQUICrequireroughlytwicetheamountofCPUthanthesametrafficloaddoeswhenservingHTTP/2overTLS.

Someexplanationsforthisinclude

theUDPpartsinprimarilyLinuxisnotatallasoptimizedastheTCPstackis,sinceithasnottraditionallybeenusedforhighspeedtransferslikethis.

TCPandTLSoffloadingtohardwareexist,butthatismuchrarerforUDPandbasicallynon-existingforQUIC.

TherearereasonstobelievethatperformanceandCPUrequirementswillimproveovertime.

Status

17

Page 18: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

ProtocolfeaturesTheQUICprotocolfromahighlevel.

IllustratedbelowistheHTTP/2networkstackontheleftandtheQUICnetworkstackontheright,whenusedasHTTPtransport.

Protocolfeatures

18

Page 19: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

TransferprotocoloverUDPQUICisatransferprotocolimplementedontopofUDP.Ifyouwatchyournetworktrafficcasually,youwillseeQUICappearasUDPpackets.

BasedonUDPitalsothenusesUDPportnumberstoidentifyspecificnetworkservicesonagivenIPaddress.

AllknownQUICimplementationsarecurrentlyinuser-space,whichallowsformorerapidevolutionthankernel-spaceimplementationstypicallyallow.

Willitwork?ThereareenterprisesandothernetworksetupsthatblockUDPtrafficonotherportsthan53(usedforDNS).OthersthrottlesuchdatainwaysthatmakesQUICperformworsethanTCPbasedprotocols.Thereisnoendtowhatsomeoperatorsmaydo.

Fortheforeseeablefuture,alluseofQUIC-basedtransportswillprobablyhavetobeabletogracefullyfall-backtoanother(TCP-based)alternative.Googleengineershavepreviouslymentionedmeasuredfailureratesinthelowsingle-digitpercentages.

Willitimprove?ChancesarethatifQUICprovestobeavaluableadditiontotheInternetworld,peoplewillwanttouseitandtheywillwantittofunctionintheirnetworksandthencompaniesmaystarttoreconsidertheirobstacles.DuringtheyearsthedevelopmentofQUIChasprogressed,thesuccessrateforestablishingandusingQUICconnectionsacrosstheInternethasincreased.

UDP

19

Page 20: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

ReliabledatatransfersWhileUDPisnotareliabletransport,QUICaddsalayerontopofUDPthatintroducesreliability.Itoffersre-transmissionsofpackets,congestioncontrol,pacingandtheotherfeaturesotherwisepresentinTCP.

DatasentoverQUICfromoneend-pointwillappearintheotherendsoonerorlater,aslongastheconnectionismaintained.

Reliable

20

Page 21: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

MultiplestreamswithinconnectionsSimilartoSCTP,SSHandHTTP/2,QUICfeaturesseparatelogicalstreamswithinthephysicalconnections.Anumberofparallelstreamsthatcantransferdatasimultaneouslyoverasingleconnectionwithoutaffectingtheotherstreams.

Aconnectionisanegotiatedsetupbetweentwoend-pointssimilartohowaTCPconnectionworks.AQUICconnectionismadetoaUDPportandIPaddress,butonceestablishedtheconnectionisassociatedbyits"connectionID".

Overanestablishedconnection,eithersidecancreatestreamsandsenddatatotheotherend.Streamsaredeliveredin-orderandtheyarereliable,butdifferentstreamsmaybedeliveredout-of-order.

QUICoffersflowcontrolonbothconnectionandstreams.

Seefurtherdetailsinconnectionsandstreamssections

Streams

21

Page 22: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

InorderdeliveryQUICguaranteesin-orderdeliveryofstreams,butnotbetweenstreams.Thismeansthateachstreamwillsenddataandmaintaindataorder,buteachstreammayreachthedestinationinadifferentorderthantheapplicationsentit!

Forexample:streamAandBaretransferredfromaservertoaclient.StreamAisstartedfirstandthenstreamB.InQUIC,alostpacketonlyaffectsthestreamtowhichthelostpacketbelongs.IfstreamAlosesapacketbutstreamBdoesnot,streamBmaycontinueitstransfersandcompletewhilestreamA'slostpacketisre-transmitted.ThiswasnotpossiblewithHTTP/2.

IllustratedherewithoneyellowandonebluestreamsentbetweentwoQUICend-pointsoverasingleconnection.Theyareindependentandmayarriveinadifferentorder,buteachstreamisreliablydeliveredtotheapplicationinorder.

InOrder

22

Page 23: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

FasthandshakesQUICoffersboth0-RTTand1-RTTconnectionsetups,meaningthatatbestQUICneedsnoextraround-tripsatallwhensettingupanewconnection.Thefasterofthosetwo,the0-RTThandshake,onlyworksiftherehasbeenapreviousconnectionestablishedtoahostandasecretfromthatconnectionhasbeencached.

EarlydataQUICallowsaclienttoincludedataalreadyinthe0-RTThandshake.Thisfeatureallowsaclienttodeliverdatatothepeerasfastasitpossiblycan,andthatthenofcourseallowstheservertorespondandsenddatabackevensooner.

Fasthandshakes

23

Page 24: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

TLS1.3ThetransportsecurityusedinQUICisusingTLS1.3(RFC8446)andthereareneveranyunencryptedQUICconnections.

TLS1.3hasseveraladvantagescomparedtoolderTLSversionsbutaprimaryreasonforusingitinQUICisthat1.3changedthehandshaketorequirefewerroundtrips.Itreducesprotocollatency.

TheGooglelegacyversionofQUICusedacustomcrypto.

TLS1.3

24

https://tools.ietf.org/html/rfc8446
Page 25: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

TransportandapplicationlevelTheIETFQUICprotocolisatransportprotocol,ontopofwhichotherapplicationprotocolscanbeused.TheinitialapplicationlayerprotocolisHTTP/3(h3).

Thetransportlayersupportsconnectionsandstreams.

ThelegacyGoogleversionofQUIChadtransportandHTTPgluedtogetherintoonesingledo-it-allandwasamorespecial-purposesend-http/2-frames-over-udpprotocol.

Transportandapplication

25

Page 26: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

HTTP/3overQUICTheHTTPlayer,calledHTTP/3,doesHTTP-styletransports,includingHTTPheadercompressionusingQPACK-whichissimilartotheHTTP/2compressionnamedHPACK.

TheHPACKalgorithmdependsonanordereddeliveryofstreamssoitwasnotpossibletoreuseitforHTTP/3withoutmodificationssinceQUICoffersstreamsthatcanbedeliveredoutoforder.QPACKcanbeseenastheQUIC-adaptedversionofHPACK.

HTTP/3overQUIC

26

https://httpwg.org/specs/rfc7541.html
Page 27: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

Non-HTTPoverQUICTheworkonsendingprotocolsotherthanHTTPoverQUIChasbeenpostponeduntilafterQUICversion1hasshipped.

Non-HTTPoverQUIC

27

Page 28: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

HowQUICworksWithoutexplainingtheexactbitsandbytesonthewire,thissectiondescribeshowthefundamentalbuildingblocksoftheQUICtransportprotocolwork.IfyouwanttoimplementyourownQUICstack,thisdescriptionshouldgiveyouageneralunderstanding,butforallthedetails,refertotheactualIETFInternetDraftsandRFCs.

1. Setupaconnection2. ...thatincludesTLSsecurity3. Thenusestreams

HowQUICworks

28

Page 29: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

ConnectionsAQUICconnectionisasingleconversationbetweentwoQUICendpoints.QUIC'sconnectionestablishmentcombinesversionnegotiationwiththecryptographicandtransporthandshakestoreduceconnectionestablishmentlatency.

Toactuallysenddataoversuchaconnection,oneormorestreamshavetobecreatedandused.

ConnectionIDEachconnectionpossessesasetofconnectionidentifiers,orconnectionIDs,eachofwhichcanbeusedtoidentifytheconnection.ConnectionIDsareindependentlyselectedbyendpoints;eachendpointselectstheconnectionIDsthatitspeeruses.

TheprimaryfunctionoftheseconnectionIDsistoensurethatchangesinaddressingatlowerprotocollayers(UDP,IP,andbelow)donotcausepacketsforaQUICconnectiontobedeliveredtothewrongendpoint.

BytakingadvantageoftheconnectionID,connectionscanthusmigratebetweenIPaddressesandnetworkinterfacesinwaysTCPnevercould.Forinstance,migrationallowsanin-progressdownloadtomovefromacellularnetworkconnectiontoafasterwificonnectionwhentheusermovestheirdeviceintoalocationofferingwifi.Similarly,thedownloadcanproceedoverthecellularconnectionifwifibecomesunavailable.

PortnumbersQUICisbuiltatopUDP,soa16bitportnumberfieldisusedtodifferentiateincomingconnections.

VersionnegotiationAnQUICconnectionrequestoriginatingfromaclientwilltelltheserverwhichQUICprotocolversionitwantstospeak,andtheserverwillrespondwithalistofsupportedversionsfortheclienttoselectfrom.

Connections

29

Page 30: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

ConnectionsuseTLSImmediatelyaftertheinitialpacketsettingupaconnection,theinitiatorsendsacryptoframethatstartssettingupthesecurelayerhandshake.ThesecuritylayerusesTLS1.3security.

Thereisnowaytoopt-outoravoidusingTLSforaQUICconnection.Theprotocolisdesignedtobehardformiddle-boxestotamperwith,inordertohelppreventossificationoftheprotocol.

ConnectionsuseTLS

30

Page 31: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

StreamsStreamsinQUICprovidealightweight,orderedbyte-streamabstraction.

TherearetwobasictypesofstreaminQUIC:

Unidirectionalstreamscarrydatainonedirection:fromtheinitiatorofthestreamtoitspeer.

Bidirectionalstreamsallowfordatatobesentinbothdirections.

Eithertypeofstreamcanbecreatedbyeitherendpoint,canconcurrentlysenddatainterleavedwithotherstreams,andcanbecanceled.

TosenddataoveraQUICconnection,oneormorestreamsareused.

FlowcontrolStreamsareindividuallyflowcontrolled,allowinganendpointtolimitmemorycommitmentandtoapplybackpressure.Thecreationofstreamsisalsoflowcontrolled,witheachpeerdeclaringthemaximumstreamIDitiswillingtoacceptatagiventime.

StreamIdentifiersStreamsareidentifiedbyanunsigned62-bitinteger,referredtoastheStreamID.TheleastsignificanttwobitsoftheStreamIDareusedtoidentifythetypeofstream(unidirectionalorbidirectional)andtheinitiatorofthestream.

Theleastsignificantbit(0x1)oftheStreamIDidentifiestheinitiatorofthestream.Clientsinitiateeven-numberedstreams(thosewiththeleastsignificantbitsetto0);serversinitiateodd-numberedstreams(withthebitsetto1).

Thesecondleastsignificantbit(0x2)oftheStreamIDdifferentiatesbetweenunidirectionalstreamsandbidirectionalstreams.Unidirectionalstreamsalwayshavethisbitsetto1andbidirectionalstreamshavethisbitsetto0.

StreamconcurrencyQUICallowsforanarbitrarynumberofstreamstooperateconcurrently.AnendpointlimitsthenumberofconcurrentlyactiveincomingstreamsbylimitingthemaximumstreamID.

ThemaximumstreamIDisspecifictoeachendpointandappliesonlytothepeerthatreceivesthesetting.

SendingandReceivingDataEndpointsusestreamstosendandreceivedata.Thatisafteralltheirultimatepurpose.Streamsareanorderedbyte-streamabstraction.Separatestreamsarehowevernotnecessarilydeliveredintheoriginalorder.

StreamPrioritizationStreammultiplexinghasasignificanteffectonapplicationperformanceifresourcesallocatedtostreamsarecorrectlyprioritized.Experiencewithothermultiplexedprotocols,suchasHTTP/2,showsthateffectiveprioritizationstrategieshaveasignificantpositiveimpactonperformance.

Streams

31

Page 32: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

QUICitselfdoesnotprovideframesforexchangingprioritizationinformation.InsteaditreliesonreceivingpriorityinformationfromtheapplicationthatusesQUIC.ProtocolsthatuseQUICareabletodefineanyprioritizationschemethatsuitstheirapplicationsemantics.

WhenHTTP/3isusedoverQUIC,theprioritizationisdoneintheHTTPlayer.

Streams

32

Page 33: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

0-RTTToreducethetimerequiredtoestablishanewconnection,aclientthathaspreviouslyconnectedtoaservermaycachecertainparametersfromthatconnectionandsubsequentlysetupa0-RTTconnectionwiththeserver.Thisallowstheclienttosenddataimmediately,withoutwaitingforahandshaketocomplete.

0-RTT

33

Page 34: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

SpinBitOneoftheperhapslongestdesigndiscussionswithintheQUICworkinggroupthathasbeenthesubjectofseveralhundredmailsandhoursofdiscussionsconcernsasinglebit:theSpinBit.

TheproponentsofthisbitinsistthatthereisaneedforoperatorsandpeopleonthepathbetweentwoQUICendpointstobeabletomeasurelatency.

Theopponentstothisfeaturedonotlikethepotentialinformationleak.

SpinningabitBothendpoints,theclientandtheserver,maintainaspinvalue,0or1,foreachQUICconnection,andtheysetthespinbitonpacketsitsendsforthatconnectiontotheappropriatevalue.

Bothsidesthensendoutpacketswiththatspinbitsettothesamevalueforaslongasoneroundtriplastsandthenittogglesthevalue.Theeffectisthenapulseofonesandzeroesinthatbitfieldthatobserverscanmonitor.

Thismeasuringonlyworkswhenthesenderisneitherapplicationnorflowcontrollimitedandpacketreorderingoverthenetworkcanalsomakethedatanoisy.

SpinBit

34

Page 35: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

User-spaceImplementingatransportprotocolinuser-spacehelpsenablequickiterationoftheprotocol,asitiscomparativelyeasytoevolvetheprotocolwithoutnecessitatingthatclientsandserversupdatetheiroperatingsystemkerneltodeploynewversions.

NothinginherentinQUICpreventsitfrombeingimplementedandofferedbyoperatingsystemkernelsinthefuture,shouldsomeonefindthatagoodidea.

Manyimplementations

Oneobviouseffectofimplementinganewtransportprotocolinuser-spaceisthatwecanexpecttoseemanyindependentimplementations.

Differentapplicationsarelikelytoinclude(orlayeratop)differentHTTP/3andQUICimplementationsfortheforeseeablefuture.

Userspace

35

Page 36: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

APIOneofthesuccessfactorsforregularTCPandprogramsusingthat,isthestandardizedsocketAPI.IthaswelldefinedfunctionalityandusingthisAPIyoucanmoveprogramsbetweenmanydifferentoperatingsystemsasTCPworksthesame.

QUICisnotthere.ThereisnostandardAPIforQUIC.

WithQUIC,youneedtopickoneoftheexistinglibraryimplementationsandstickwithitsAPI.Itmakesapplications"lockedin"toasinglelibrarytosomeextent.ChangingtoanotherlibrarymeansanotherAPIandthatmightinvolvealotofwork.

Also,sinceQUICistypicallyimplementedinuser-space,itcan'teasilyjustextendthesocketAPIorappearsimilartohowexistingTCPandUDPfunctionalitydo.UsingQUICwillmeanusinganotherAPIthanthesocketAPI.

API

36

Page 37: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

HTTP/3Asmentionedpreviously,thefirstandprimaryprotocoltotransportoverQUICisHTTP.

MuchlikeHTTP/2wasonceintroducedtotransportHTTPoverthewireinacompletelynewway,HTTP/3isyetagainintroducinganewwaytosendHTTPoverthenetwork.

HTTPstillmaintainsthesameparadigmsandconceptslikebefore.Thereareheadersandabody,thereisarequestandaresponse.Thereareverbs,cookiesandcaching.WhatprimarilychangeswithHTTP/3ishowthebitsgetssentovertotheothersideofthecommunication.

InordertodoHTTPoverQUIC,changeswererequiredandtheresultsofthisiswhatwenowcallHTTP/3.ThesechangeswererequiredbecauseofthedifferentnaturethatQUICprovidesasopposedtoTCP.Thesechangesinclude:

InQUICthestreamsareprovidedbythetransportitself,whileinHTTP/2thestreamsweredonewithintheHTTPlayer.

Duetothestreamsbeingindependentofeachother,theheadercompressionprotocolusedforHTTP/2couldnotbeusedwithoutitcausingaheadofblocksituation.

QUICstreamsareslightlydifferentthanHTTP/2streams.TheHTTP/3sectionwilldetailthissomewhat.

HTTP/3

37

Page 38: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

HTTPS://URLsHTTP/3willbeperformedusingHTTPS://URLs.TheworldisfulloftheseURLsandithasbeendeemedimpracticalanddownrightunreasonabletointroduceanotherURLschemeforthenewprotocol.MuchlikeHTTP/2didnotneedanewscheme,neitherwillHTTP/3.

TheaddedcomplexityintheHTTP/3situationishoweverthatwhereHTTP/2wasacompletelynewwayoftransportingHTTPoverthewire,itwasstillbasedonTLSandTCPlikeHTTP/1was.ThefactthatHTTP/3isdoneoverQUICchangesthingsinafewimportantaspects.

Legacy,clear-text,HTTP://URLswillbeleftas-isandasweproceedfurtherintoafuturewithmoresecuretransferstheywillprobablybecomelessandlessfrequentlyused.RequeststosuchURLswillsimplynotbeupgradedtouseHTTP/3.InrealitytheyrarelyupgradetoHTTP/2either,butforotherreasons.

InitialconnectionThefirstconnectiontoafresh,notpreviouslyvisitedhostforaHTTPS://URLprobablyhastobedoneoverTCP(possiblyinadditiontoaparallelattempttoconnectviaQUIC).ThehostmightbealegacyserverwithoutQUICsupportortheremightbeamiddleboxinbetweensettingupobstaclespreventingaQUICconnectionfromsucceeding.

AmodernclientandserverwouldpresumablynegotiateHTTP/2inthefirsthandshake.WhentheconnectionhasbeensetupandtheserverrespondstoaclientHTTPrequest,theservercantelltheclientaboutitssupportofandpreferenceforHTTP/3.

HTTPS://URLs

38

Page 39: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

Alt-svcThealternateservice(Alt-svc:)headeranditscorrespondingALT-SVCHTTP/2framearenotspecificallycreatedforQUICorHTTP/3.Theyarepartofanalreadydesignedandcreatedmechanismforaservertotellaclient:"look,IrunthesameserviceonTHISHOSTusingTHISPROTOCOLonTHISPORT".SeedetailsinRFC7838.

AclientthatreceivessuchanAlt-svcresponseisthenadvisedto,ifitsupportsandwantsto,connecttothatgivenotherhostinparallelinthebackground-usingthespecifiedprotocol-andifitissuccessfulswitchitsoperationsovertothatinsteadoftheinitialconnection.

IftheinitialconnectionusesHTTP/2orevenHTTP/1,theservercanrespondandtelltheclientthatitcanconnectbackandtryHTTP/3.Itcouldbetothesamehostortoanotheronethatknowshowtoservethatorigin.TheinformationgiveninsuchanAlt-svcresponsehasanexpirytimer,makingclientsabletodirectsubsequentconnectionsandrequestsdirectlytothealternativehostusingthesuggestedalternativeprotocol,foracertainperiodoftime.

ExampleAnHTTPserverincludesanAlt-Svc:headerinitsresponse:

Alt-Svc:h3=":50781"

ThisindicatesthatHTTP/3isavailableonUDPport50781atthesamehostnamethatwasusedtogetthisresponse.

AclientcanthenattempttosetupaQUICconnectiontothatdestinationandifsuccessful,continuecommunicatingwiththeoriginlikethatinsteadoftheinitialHTTPversion.

BootstrapwithAlt-svc

39

https://tools.ietf.org/html/rfc7838
Page 40: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

QUICstreamsandHTTP/3HTTP/3ismadeforQUICsoittakesfulladvantageofQUIC'sstreams,whereHTTP/2hadtodesignitsentirestreamandmultiplexingconceptofitsownontopofTCP.

HTTPrequestsdoneoverHTTP/3useaspecificsetofstreams.

HTTP/3framesHTTP/3meanssettingupQUICstreamsandsendingoverasetofframestotheotherend.There'sbutasmallfixednumber(actuallynineonDecember18th,2018!)ofknownframesinHTTP/3.Themostimportantonesareprobably:

HEADERS,thatsendscompressedHTTPheadersDATA,sendsbinarydatacontentsGOAWAY,pleaseshutdownthisconnection

HTTPRequestTheclientsendsitsHTTPrequestonaclient-initiatedbidirectionalQUICstream.

ArequestconsistsofasingleHEADERSframeandmightoptionallybefollowedbyoneortwootherframes:aseriesofDATAframesandpossiblyafinalHEADERSframefortrailers.

Aftersendingarequest,aclientclosesthestreamforsending.

HTTPResponseTheserversendsbackitsHTTPresponseonthebidirectionalstream.AHEADERSframe,aseriesofDATAframesandpossiblyatrailingHEADERSframe.

QPACKheadersTheHEADERSframescontainHTTPheaderscompressedusingtheQPACKalgorithm.QPACKissimilarinstyletotheHTTP/2compressioncalledHPACK(RFC7541),butmodifiedtoworkwithstreamsdeliveredoutoforder.

QPACKitselfusestwoadditionalunidirectionalQUICstreamsbetweenthetwoend-points.Theyareusedtocarrydynamictableinformationineitherdirection.

QUICstreamsandHTTP/3

40

https://httpwg.org/specs/rfc7541.html
Page 41: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

HTTP/3PrioritizationOneoftheHTTP/3streamframesiscalledPRIORITY.ItisusedtosetpriorityanddependencyonastreaminawaysimilartohowitworksinHTTP/2.

Theframecansetaspecificstreamtodependonanotherspecificstreamanditcanseta"weight"onagivenstream.

Adependentstreamshouldonlybeallocatedresourcesifeitherallofthestreamsthatitdependsonareclosedoritisnotpossibletomakeprogressonthem.

Astreamweightisvaluebetween1and256anditisspecifiedthatstreamswiththesameparentshouldbeallocatedresourcesproportionallybasedontheirweight.

Prioritization

41

Page 42: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

HTTP/3ServerpushHTTP/3serverpushissimilartowhatisdescribedinHTTP/2(RFC7540),butusesdifferentmechanisms.

Aserverpushiseffectivelytheresponsetoarequestthattheclientneversent!

Serverpushesareonlyallowedtohappeniftheclientsidehasagreedtothem.InHTTP/3theclientevensetsalimitforhowmanypushesitacceptsbyinformingtheserverwhatthemaxpushstreamIDis.Goingoverthatlimitwillcauseaconnectionerror.

Iftheserverdeemsitlikelythattheclientwantsanextraresourcethatithasn'taskedforbutoughttohaveanyway,itcansendaPUSH_PROMISEframe(overtherequeststream)showingwhattherequestlookslikethatthepushisaresponseto,andthensendthatactualresponseoveranewstream.

Evenwhenpusheshavebeensaidtobeacceptablebytheclientbefore-hand,eachindividualpushedstreamcanstillbecanceledatanytimeiftheclientdeemsthatsuitable.ItthensendsaCANCEL_PUSHframetotheserver.

ProblematicEversincethisfeaturewasfirstdiscussedintheHTTP/2developmentandlateraftertheprotocolshippedandhasbeendeployedovertheInternet,thisfeaturehasbeendiscussed,dislikedandpoundedupincountlessdifferentwaysinordertogetittobecomeuseful.

Pushingisnever"free",sincewhileitsavesahalfround-tripitstillusesbandwidth.Itisoftenhardorimpossiblefortheserver-sidetoactuallyknowwithahighlevelofcertaintyifaresourceshouldbepushedornot.

Serverpush

42

https://httpwg.org/specs/rfc7540.html
Page 43: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

HTTP/3comparedtoHTTP/2HTTP/3isdesignedforQUIC,whichisatransportprotocolthathandlesstreamsbyitself.

HTTP/2isdesignedforTCP,andthereforehandlesstreamsintheHTTPlayer.

SimilaritiesThetwoprotocolsofferclientsvirtuallyidenticalfeaturesets.

Bothprotocolsofferstreams

Bothprotocolsofferserverpushsupport

Bothprotocolshaveheadercompression,andQPACKandHPACKaresimilarindesign.

Bothprotocolsoffermultiplexingoverasingleconnectionusingstreams

Bothprotocolsdoprioritizationonstreams

DifferencesThedifferencesareinthedetailsandprimarilytherethankstoHTTP/3'suseofQUIC:

HTTP/3hasbetterandmorelikelytoworkearlydatasupportthankstoQUIC's0-RTThandshakes,whileTCPFastOpenandTLSusuallysendslessdataandoftenfacesproblems.

HTTP/3hasmuchfasterhandshakesthankstoQUICvsTCP+TLS.

HTTP/3doesnotexistinaninsecureorunencryptedversion.HTTP/2canbeimplementedandusedwithoutHTTPS-evenifthisisrareontheInternet.

HTTP/2canbenegotiateddirectlyinaTLShandshakewiththeALPNextension,whileHTTP/3isoverQUICsoitneedsanAlt-Svc:headerresponsefirsttoinformtheclientaboutthisfact.

ComparisonwithHTTP/2

43

Page 44: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

Criticism

UDPwillneverworkAlotofenterprises,operatorsandorganizationsblockorrate-limitUDPtrafficoutsideofport53(usedforDNS)sinceithasinrecentdaysmostlybeenabusedforattacks.Inparticular,someoftheexistingUDPprotocolsandpopularserverimplementationsforthemhavebeenvulnerableforamplificationattackswhereoneattackercanmakeahugeamountofoutgoingtraffictotargetinnocentvictims.

QUIChasbuilt-inmitigationagainstamplificationattacksbyrequiringthattheinitialpacketmustbeatleast1200bytesandbyrestrictionintheprotocolthatsaysthataservermustnotsendmorethanthreetimesthesizeoftherequestinresponsewithoutreceivingapacketfromtheclientinresponse.

UDPisslowinkernelsThisseemstobethetruth,atleasttodayin2018.WecanofcoursenottellhowthiswilldevelopandhowmuchofthisissimplytheresultofUDPtransferperformancenothavingbeenindevelopers'focusformanyyears.

Formostclients,this"slowness"isprobablyneverevennoticeable.

QUICtakestoomuchCPUSimilartothe"UDPisslow"remarkabove,thisispartlybecausetheTCPandTLSusageoftheworldhashadalongertimetomature,improveandgethardwareassistance.

Therearereasonstoexpectthistoimproveovertime.ThequestionishowmuchthisextraCPUusagewillhurtdeployers.

ThisisjustGoogleNoitisnot.GooglebroughttheinitialspectotheIETFafterhavingproved,onalargeInternet-widescale,thatdeployingthisstyleofprotocoloverUDPactuallyworksandperformswell.

Sincethen,individualsfromalargenumberofcompaniesandorganizationshaveworkedinthevendor-neutralorganizationIETFtoputtogetherastandardtransportprotocoloutofit.Inthatwork,Googleemployeeshaveofcoursebeenparticipating,butsohaveemployeesfromalargenumberofothercompaniesthatareinterestedinfurtheringthestateoftransportprotocolsontheInternet,includingMozilla,Fastly,Cloudflare,Akamai,Microsoft,FacebookandApple.

ThisistoosmallofanimprovementThatisnotreallyacritiquebutanopinion.Maybeitis,andmaybeitistoolittleofanimprovementsocloseintimesinceHTTP/2wasshipped.

HTTP/3islikelytoperformmuchbetterinpacketloss-riddennetworks,itoffersfasterhandshakessoitwillimprovelatencybothasperceivedandactual.ButisthatenoughofbenefitstomotivatepeopletodeployHTTP/3supportontheirserversandfortheirservices?Timeandfutureperformancemeasurementswillsurelytell!

Commoncriticism

44

Page 45: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

ThespecificationsHereisacollectionofthelatestofficialdraftsforthevariouspartsandcomponentsofQUICandHTTP/3.

InvariantsVersion-IndependentPropertiesofQUIC

TransportQUIC:AUDP-BasedMultiplexedandSecureTransport

RecoveryQUICLossDetectionandCongestionControl

TLSUsingTLStoSecureQUIC

HTTPHypertextTransferProtocolVersion3(HTTP/3)

QPACKQPACK:HeaderCompressionforHTTP/3

Thespecifications

45

https://tools.ietf.org/html/draft-ietf-quic-invariants-07
https://tools.ietf.org/html/draft-ietf-quic-transport-23
https://tools.ietf.org/html/draft-ietf-quic-recovery-23
https://tools.ietf.org/html/draft-ietf-quic-tls-23
https://tools.ietf.org/html/draft-ietf-quic-http-23
https://tools.ietf.org/html/draft-ietf-quic-qpack-10
Page 46: Table of Contents - WikimediaTable of Contents Introduction Why QUIC Remember HTTP/2 TCP head of line blocking TCP or UDP Ossification Secure Reduced latency Process IETF Experience

QUICv2InordertogetthemostpossiblyfocusonthecoreQUICprotocolandbeabletoshipitontime,severalfeaturesthatwereoriginallyplannedtobepartofthecoreprotocolhavebeenpostponedandarenowplannedtoinsteadgetdoneinasubsequentQUICversion.QUICversion2orbeyond.

Theauthorofthisdocumentdoeshoweverhavearatherfaultycrystalballsowecannottellforsureexactlywhatfeatureswillorwillnotappearinversion2.Wecanhowevermentionsomeofthefeaturesandthingsthatexplicitlyhavebeenremovedfromthev1worktobe"workedonlater"andthatthenpossiblymightappearinaversion2.

ForwardErrorCorrectionForwarderrorcorrection(FEC)isamethodofobtainingerrorcontrolindatatransmissioninwhichthetransmittersendsredundantdataandthereceiverrecognizesonlytheportionofthedatathatcontainsnoapparenterrors.

GoogleexperimentedwiththisintheiroriginalQUICworkbutitwassubsequentlyremovedagainsincetheexperimentsdidnotturnoutwell.ThisfeatureissubjectfordiscussionforQUICv2butprobablytakesforsomeonetoprovethatitactuallycanbeausefuladditionwithouttoomuchpenalty.

MultipathMultipathmeansthatthetransportcanbyitselfusemultiplenetworkpathstomaximizeresourceusageandincreaseredundancy.

TheSCTPproponentsoftheworldliketomentionthatSCTPalreadyfeaturesmultipathandsodoesmodernTCP.

UnreliabledataIthasbeendiscussedtooffer"unreliable"streamsasanoption,thatwouldthenallowQUICtoalsoreplaceUDP-styleapplications.

Non-HTTPadaptionsDNSoverQUICwasoneoftheearlymentionednon-HTTPprotocolsthatjustmightgetsomeattentiononceQUICv1andHTTP/3ship.ButwithanewtransportlikethishavingbeenbroughtontotheworldIcannotimaginethatitwillstopthere.

QUICv2

46


Secure Communication Channel Establishment: TLS 1.3 (over ...Secure Communication Channel Establishment: TLS 1.3 (over TCP Fast Open) vs. QUIC Shan Chen1, Samuel Jero2, Matthew Jagielski3,

Secure Communication Channel Establishment: TLS 1.3 (over ...Secure Communication Channel Establishment: TLS 1.3 (over TCP Fast Open) vs. QUIC Shan Chen1, Samuel Jero2, Matthew Jagielski3,

Ruby, Ractor, QUIC

Ruby, Ractor, QUIC

Heterotrophic ossification

Heterotrophic ossification

Introduction to QUIC

Introduction to QUIC

Appearance of ossification centres

Appearance of ossification centres

Quic tar uide

Quic tar uide

QUIC EnvSim: Radiative Heat Transfer in Vegetative and ...on-demand.gputechconf.com/...quic-envsim-radiative-heat-transfer... · QUIC EnvSim: Radiative Heat Transfer in Vegetative

QUIC EnvSim: Radiative Heat Transfer in Vegetative and ...on-demand.gputechconf.com/...quic-envsim-radiative-heat-transfer... · QUIC EnvSim: Radiative Heat Transfer in Vegetative

Regulation of chicken ccn2 among chondrocytes · Bone is formed by endochondoral ossification and intramembane ossification. During endochondral ossification (reviewed in ref. 1),

Regulation of chicken ccn2 among chondrocytes · Bone is formed by endochondoral ossification and intramembane ossification. During endochondral ossification (reviewed in ref. 1),

Endochondral Ossification

Endochondral Ossification

QUIC User Guide - Facility - ACRIN Corelab/QUIC Use…  · Web viewdialog window shown in Figure 5. ... Microsoft Word files (DOC) ... QUIC User Guide - Facility Subject: Facility

QUIC User Guide - Facility - ACRIN Corelab/QUIC Use…  · Web viewdialog window shown in Figure 5. ... Microsoft Word files (DOC) ... QUIC User Guide - Facility Subject: Facility

Early excision of heterotopic ossification for pain control: A case … · 2015-05-20 · heterotopic ossification following traumatic brain injury. Conclusion Heterotopic ossification

Early excision of heterotopic ossification for pain control: A case … · 2015-05-20 · heterotopic ossification following traumatic brain injury. Conclusion Heterotopic ossification

Heterotopic Ossification & Venous Thromboembolism 2015...Heterotopic Ossification & Venous Thromboembolism 2015 8. Heterotopic Ossification & Venous Thromboembolism pg. 2 of 18 2004)

Heterotopic Ossification & Venous Thromboembolism 2015...Heterotopic Ossification & Venous Thromboembolism 2015 8. Heterotopic Ossification & Venous Thromboembolism pg. 2 of 18 2004)

An experimental investigation of QUIC HTTP over UDP: ACM ... · NEW PROPOSALS TO REDUCE LATENCY: SPDY and QUIC Introduction 4 SPDY is an evolution of HTTP/TCP Goal of QUIC: replace

An experimental investigation of QUIC HTTP over UDP: ACM ... · NEW PROPOSALS TO REDUCE LATENCY: SPDY and QUIC Introduction 4 SPDY is an evolution of HTTP/TCP Goal of QUIC: replace

Performance Analysis of QUIC Protocol under Network …web.cs.wpi.edu/~claypool/ms/quic/quic-thesis.pdfcontrol mechanism where the endpoints manage the sending rates. Thus, TCP prevents

Performance Analysis of QUIC Protocol under Network …web.cs.wpi.edu/~claypool/ms/quic/quic-thesis.pdfcontrol mechanism where the endpoints manage the sending rates. Thus, TCP prevents

QUICsilver: Optimising QUIC for use with Real-Time ... · QUICsilver: Optimising QUIC for use with Real-Time Multimedia Traffic Vivian Band (2038561) April 22, 2019 ABSTRACT QUIC,

QUICsilver: Optimising QUIC for use with Real-Time ... · QUICsilver: Optimising QUIC for use with Real-Time Multimedia Traffic Vivian Band (2038561) April 22, 2019 ABSTRACT QUIC,

QUIC: the details

QUIC: the details

QUIC und HTTP/2 — neue Internet Protokolle · Mirja Kühlewind: QUIC und HTTP/2 — neue Internet Protokolle architecture Overview QUIC • New transport protocol, e.g. an alternative

QUIC und HTTP/2 — neue Internet Protokolle · Mirja Kühlewind: QUIC und HTTP/2 — neue Internet Protokolle architecture Overview QUIC • New transport protocol, e.g. an alternative

QUIC RESEARCH REPORT€¦ · QUIC RESEARCH REPORT QUIC Research Reports focus on emerging investment themes that affect current portfolio companies and companies under coverage. Cash

QUIC RESEARCH REPORT€¦ · QUIC RESEARCH REPORT QUIC Research Reports focus on emerging investment themes that affect current portfolio companies and companies under coverage. Cash

Secure Communication Channel Establishment: TLS 1.3 (over … · Secure Communication Channel Establishment: TLS 1.3 (over TCP Fast Open) vs. QUIC Shan Chen1, Samuel Jero2, Matthew

Secure Communication Channel Establishment: TLS 1.3 (over … · Secure Communication Channel Establishment: TLS 1.3 (over TCP Fast Open) vs. QUIC Shan Chen1, Samuel Jero2, Matthew

Heterotopic Ossification of the Elbow after Medial ... · prominent heterotopic ossification of the elbow (Fig. 3). Computed tomography scans further revealed heterotopic ossification

Heterotopic Ossification of the Elbow after Medial ... · prominent heterotopic ossification of the elbow (Fig. 3). Computed tomography scans further revealed heterotopic ossification