Web Performance and the Impact of SPDY, HTTP/2 & QUIC - Part 3
May 24, 2016

Jean Tunis

Share this

This blog is the third in a 5-part series on APMdigest where I discuss web application performance and how new protocols like SPDY, HTTP/2, and QUIC will hopefully improve it so we can have happy website users.

Start with Web Performance 101: The Bandwidth Myth

Start with Web Performance 101: 4 Recommendations to Improve Web Performance

Start with Web Performance and the Impact of SPDY, HTTP/2 & QUIC - Part 1

Start with Web Performance and the Impact of SPDY, HTTP/2 & QUIC - Part 2

Common HTTP/1.1 Workarounds

Regarding the HTTP/1.1 limitations outlined in my last blog, it was known that an update was needed to address them. But this did not happen, until recently. With the need for better performance, a number of workarounds were created to get around the limitations.

Open Multiple Connections

As web technology developed, it became clear that more connections were needed to help improve web performance by opening up more than one connection to the server at the same time. For years, Internet Explorer allowed only 2 concurrent connections. As Firefox and Chrome entered the scene, this number went up to 6.

At this point, most modern browsers allow for 6 concurrent TCP connections. All of these connections will help to reduce the impact of TCP slow start on the overall website.

Domain Sharding

With the ability to have multiple connections to the server, developers soon realized that they could improve performance if website resources were placed on various domain servers. They would then be able to allow for up to 6 concurrent connections for each domain.

The content for a website, domain.com, for example, could be spread across three domains - one.domain.com, two.domain.com and three.domain.com.

With this configuration, a browser can now have up to 18 concurrent connections to make HTTP requests!

Resource Inlining

What's better than having the browser open up more connections across many domains? Using those same connections to send more data.

In my previous blog, Web Performance 101: 4 Recommendations to Improve Web Performance, I mentioned that you don't want to have too many connections. With 18 connections from one browser to 3 domains, the PC may run into some resource issues. Opening and closing more connections can cause CPU slowdown, for example.

The ability to include some scripting data directly into the HTML, known as resource inlining, allowed the browser to download CSS and JS file information along with the HTML and not have to open up a new connection to do it. This not only reduced the number of connections, but also reduced the need for another round-trip across the network to get more data.

Enter SPDY

To help solve the HTTP/1.1 limitations, in November 2009, Google released its first draft defining a new protocol called SPDY, which is pronounced "SPeeDY".

Get it? Speedy? Haha!

The primary goal that Google stated for this protocol was to reduce page load times by at least 50%.

The plan to achieve this goal was in the following ways:

■ Multiplexing requests onto one TCP connection

■ Prioritizing requests

■ Compressing headers

■ Enabling server pushes

■ Ensuring better security with TLS

SPDY is not an outright replacement of HTTP. Instead it runs as an application layer protocol that sits between TCP and HTTP.

Google also ensured that every request would be secure, so part of the SPDY implementation included TLS for data encryption, by default. Google was able to accomplish this goal when it saw up to 64% decreases in page load times across its Google properties that were tested, when compared to HTTP/1.1.

Now to HTTP/2

The performance gains that were experienced with SPDY were so great that Google submitted SPDY to the IETF for consideration in the HTTP/1.1 upgrade. This was accepted, and when the initial draft of the HTTP/2 standard was published in 2012, it was an exact of the copy of SPDY.

HTTP/2 is meant to be a more efficient version of the HTTP/1.1 protocol. But rather than a simple dot upgrade, like HTTP/1.2, HTTP/2 was used due to the binary framing layer (more on this later) of the upgraded protocol.

So SPDY was used as a starting point to build on HTTP/2.

The following capabilities were used as goals to accomplish:

■ Multiplexing of requests via request/response streams

■ Flow control and prioritization of multiplexed streams

■ Interaction mode via server push

■ Data compression of HTTP headers

After many months, the updated HTTP protocol was published as the proposed standard (RFC 7540) in May 2015.

Not Your Average SPDY

While HTTP/2 was based on Google's SPDY protocol at the outset, there were a couple of capabilities removed by the time it became a standard.

SPDY was only implemented with the TLS protocol enabled for security. The HTTP/2 protocol can be implemented with or without TLS.

This means that both ports 80 and 443 can be used as default ports to implement the protocol. HTTP/2 defines a version ID in the HTTP header so that you can verify what version is being used.

■ H2 version is for encrypted HTTP/2.

■ H2C version is for unencrypted HTTP/2.

But the de facto standard implementation will be H2 to ensure that as many websites as possible are always using HTTP with TLS encryption.

Read Web Performance and the Impact of SPDY, HTTP/2 & QUIC - Part 4, covering HTTP/2 in more detail.

Jean Tunis is Senior Consultant and Founder of RootPerformance.

Share this

The Latest

March 20, 2019

Network performance issues come in all shapes and sizes, and can require vast amounts of time and resources to solve. Here are three examples of painful network performance issues you're likely to encounter this year, and how NPMD solutions can help you overcome them ...

March 19, 2019

"Scale up" versus "scale out" doesn't just apply to hardware investments, it also has an impact on product features. "Scale up" promotes buying the feature set you think you need now, then adding "feature modules" and licenses as you discover additional feature requirements are needed. Often as networks grow in size they also grow in complexity ...

March 18, 2019

Network Packet Brokers play a critical role in gaining visibility into new complex networks. They deliver the packet data and information IT and security teams need to identify problems, recognize security issues, and ensure overall network performance. However, not all Packet Brokers are created equal when it comes to scalability. Simply "scaling up" your network infrastructure at every growth point is a more complex and more expensive endeavor over time. Let's explore three ways the "scale up" approach to infrastructure growth impedes NetOps and security professionals (and the business as a whole) ...

March 15, 2019

Loyal users are the key to your service desk's success. Happy users want to use your services and they recommend your services in the organization. It takes time and effort to exceed user expectations, but doing so means keeping the promises we make to our users and being careful not to do too much without careful consideration for what's best for the organization and users ...

March 14, 2019

What's the difference between user satisfaction and user loyalty? How can you measure whether your users are satisfied and will keep buying from you? How much effort should you make to offer your users the ultimate experience? If you're a service provider, what matters in the end is whether users will keep coming back to you and will stay loyal ...

March 13, 2019

What if I said that a 95% reduction in the amount of IT noise, 99% reduction in ticket volume and 99% L1 resolution rate are not only possible, but that some of the largest, most complex enterprises in the world see these metrics in their environments every day, thanks to Artificial Intelligence (AI) and Machine Learning (ML)? Would you dismiss that as belonging to the realm of science fiction? ...

March 12, 2019
As a consumer, when you order products online, how do you expect them to get delivered? Some key requirements are: the product must arrive on time, well-packed, and ultimately must give you an easy gateway to return it if it is not as per your expectations. All this has been made possible via a single application. But what if this application doesn't function the way you want or cracks down mid-way, or probably leaks off information about you to some potential hackers? Technical uncertainty and digital chaos are the two double-edged swords dangling over this billion-dollar ecommerce market. Can Quality Assurance and Software Testing save application developers from this endless juggle? ...
March 11, 2019

Of those surveyed, 96% of organizations have a digital transformation strategy, with 57% approaching it as an enterprise-wide priority, with a clear emphasis on speed of business, costs, risk, and customer satisfaction, according to IDC’s Aligning IT Strategies and Business Expectations for Digital Transformation Success, sponsored by EasyVista ...

March 08, 2019

One of my ongoing areas of focus is analytics, AIOps, and the intersection with AI and machine learning more broadly. Within this space, sad to say, semantic confusion surrounding just what these terms mean echoes the confusions surrounding ITSM ...

March 07, 2019

I must admit that the more I research IT service management (ITSM) — what it means, what its trends are, and what its future is — the more I feel like an explorer on a strikingly rich continent that so far the industry has either ignored, or misunderstood. The brand-new data that we've just received in EMA is a case in point ...