Diese Webseite nutzt nur technisch notwendige Cookies.

HTTP3 and QUIC – Fast Future of Our Web

HTTP3 QUIC - Steffen Lippke Coding Tutorials

What is HTTP3 and QUIC?

This tutorial gives you an introduction and how to put it into practice.

Let’s get started!

What is HTTP?

So kommt die Webseite auf Dein Handy
How the website gets to your mobile phone

HTTP stands for “Hypertext Transfer Protocol” and is the protocol used to transfer some of the data on the Internet. It forms the basis for the exchange of information between your web browser and a server.

A client is a device such as your computer or mobile phone that sends a request – retrieving a web page. A server is a computer that waits for requests and responds with a web page/data.

Example HTTP Process

Request: When you open a web page in your browser, your browser sends an HTTP request to the server on which the web page is stored. Example of a request:

GET /index.html HTTP/1.1
Host: www.example.com

Here, the browser requests the file “index.html” from the website “www.example.com”.

Anfrage vom Browser
Request from the browser

Response: The server responds to the browser’s request with an HTTP response. Example of a response:

HTTP/1.1 200 OK Content-Type: text/html


  
    Content of the website...
  

Here, the server indicates that the request was successful (status code 200) and sends back the HTML content of the web page. HTTP status codes indicate whether a request was successful or whether a problem has occurred. For example:

  • 200 OK: Successful request.
  • 404 Not Found: The requested resource was not found.
  • 500 Internal Server Error: A server error has occurred.
Ein JSON als Antwort
A JSON in response

What is QUIC?

QUIC is a protocol that regulates how data is sent from a server to your mobile phone. The protocol transmits websites, images, texts, programmes and much more.

Ist bereits offiziell anerkannt
It is already officially recognised

HTTP 1 and 2 with TCP were the predecessors that QUIC wants to replace. QUIC is a multitasker that combines many steps and is super-slim. From the very first connection, QUIC provides all the information required to start encryption and sends the relevant data directly.

It is even faster with QUIC-0-RTT, which simply sends data directly after a recent connection. This procedure is “revolutionary” compared to the old protocols, which processed all steps individually in a very formalistic manner before the first bit was even transmitted by the website.

What is the Problem with HTTP/1?

HTTP/1.0 and HTTP/1.1 are older versions of the HTTP protocol, while HTTP/2 is a further development.

  • Slow loading times: With HTTP/1.0, a separate TCP connection was established for each resource. This led to long loading times, especially for websites with many resources (images, styles, external scripts, libraries, videos).
  • Unnecessary connections: Every time a resource was loaded, a new connection was established and closed after loading. This led to additional work and increased response time (latency).

What is the Problem with HTTP/2?

  • Network fragmentation: In some networks, there may be problems with packet fragmentation, especially when transferring large amounts of data.
  • Upgrade problems: The introduction of HTTP/2 requires upgrading on both the server and client side. Some older (web) systems or infrastructures may not support HTTP/2.
HTTP2 ist der Defacto Standard
HTTP2 is the slower de facto standard
  • Potential latency for small files: While HTTP/2 improves load times for complex pages with many resources, there could be a small increase in latency for small files or single resources due to overhead.
  • Resource prioritisation not always optimal: Although HTTP/2 supports resource prioritisation, the way this is implemented by different servers can lead to different results and prioritisation may not always be used optimally.

That’s why HTTP/3 is a Must-Have for You

HTTP/3 or Quick UDP Internet Connections (QUIC)

  • Improves performance: UDP is an encapsulation for data that is significantly leaner than TCP, which has been the standard up to now.
  • Less latency : Before the first productive bit (i.e. the first line of text from this article) is transmitted, QUIC requires less connection time than TCP / HTTP 2
  • Traffic jam preventer: Traffic jams don’t just occur on the motorway, but also in the network. With QUIC, the user programmes, i.e. the browser, should clear the congestion and bring the packets back into the correct order.

Why is HTTP/3 not Popular?

HTTP3 is still far from being the standard in the IT world, even though it promises very good performance and efficiency. Many programmes still use HTTP 1 or HTTP 1.1. The increase over HTTP/2 is already enormous. Most browser users (Firefox, Chrome) have been able to use HTTP/3 for years, but the website providers are asleep. There are several reasons for this:

  1. HTTP/3 implementations are often still experimental. The software developers rely on robust software.
  2. HTTP/3 is actively switched on – many operators don’t care. The server is running after all, or they don’t know the technology.
  3. Poor availability – not only web servers use HTTP, but also a lot of software. The code has to be recompiled first. Some software that has been in use for 20 years is usually no longer recompiled because the developers are over the hill or the companies selling it no longer want to offer it.

Tutorial – Switch on Turbo Boost

If you have your own server and can install software, you can install the latest version of NGINX (from 1.25.0). HTTP/3 is in experimental status on 15.12.2023, but you can use the software.

NGINX ist King
NGINX is king

QUIC only works if you have an SSL certificate. If you have been getting through life unencrypted so far, you should upgrade to HTTPS now. QUIC embeds encryption in its first request to save time.

CDN

The easiest way to set up NGINX is with a content delivery network or a reverse proxy. A CDN creates many copies of your website worldwide and positions them so that the content is quickly available anywhere in the world. To speed up delivery even further, Cloudflare offers HTTP3 mode.

  1. Log in to the Cloudflare Dashboard:
  2. Select Your Account / Zone
  3. Go to Speed > Optimisation > Protocol Optimisation.
  4. Switch the switch for HTTP/3 to On.

https://developers.cloudflare.com/speed/optimization/protocol/http3

Cloudflare works like a reverse proxy. It receives requests from customers and takes the content from your website and transfers it to the customers.

Reverse Proxy

You can also be your own intermediary and operate your own reverse proxy. One example is Caddy 2, which you can simply install with Docker Compose and get started.

  1. Check if Caddy is on version 2:
$ caddy version
v2.0.0-rc.2
  1. Add the option at the beginning of the Caddyfile:
{
    experimental_http3
}
  1. Allow UDP (and TCP) traffic via the firewall. With ufw, for example, you can do this with
sudo ufw allow 443/udp

Here is the documentation for professionals who want to familiarise themselves with the subject: https://nginx.org/en/docs/quic.html

Let us know what you think! Was this tutorial/post helpful, or do you still have burning questions? Write a comment and become part of our growing community. Share your successes, challenges and tips - together we can achieve great things in security and coding!

Leave a Reply

Your email address will not be published. Required fields are marked *

get rss abo

Jetzt
Abbonnieren
academy

Erhalte Free
Security Kurs

Jeden Monat teile ich mit Mitgliedern
4 neue praxisnahe Tutorials (je 1000+ Wörter).


Trage Deine Mail, damit Du
Deine Coding + Hacking Skills erweitern kannst!