Enable HTTP/3 for GA to improve application access experience - Global Accelerator

Quick UDP Internet Connections (QUIC) is a low-latency transport protocol based on UDP, and HTTP/3 is built on top of QUIC. HTTP/3 enables multiplexing without the need for reconnection, which improves the efficiency of resource access. In scenarios involving weak networks, frequent switching between Wi-Fi and mobile networks, and high latency or packet loss, you can enable HTTP/3 for GA to accelerate application access, enhance system performance, and improve user experience.

Features

Features of QUIC and HTTP/3

QUIC is a low-latency transport protocol based on UDP, designed to provide faster and more secure Internet connections. The main goal of QUIC is to address the performance bottlenecks of TCP and TLS in modern network environments, such as high-latency networks and multiplexed connections.

Due to its performance advantages, QUIC is widely regarded as the future of Internet transport protocols and serves as the basis for HTTP/3. As major browsers and web servers begin to support QUIC, it is gradually becoming an integral part of modern Internet infrastructure.

Why use QUIC and HTTP/3?

HTTP/3 adopts QUIC as the transport layer protocol and provides better performance, security, and reliability than HTTP/1 and HTTP/2. HTTP/3 performs particularly well in high-latency and high-packet-loss network environments.

Key benefits and features of QUIC:

Reduce latency:
- Multiplexing: Establishing a TCP connection requires a three-way handshake, and TLS negotiations add additional round-trip times. In high-latency networks, this significantly increases connection setup time. QUIC allows multiple independent bidirectional data streams to be handled over a single UDP flow. This reduces the latency associated with establishing multiple TCP connections and better handles packet loss scenarios.
Reliable transmission:
- Fast retransmission and congestion control: QUIC implements a congestion control mechanism and fast retransmission strategy. When packet loss is detected, QUIC can quickly retransmit lost data and dynamically adjust the data transmission rate based on network conditions. This avoids network congestion and ensures efficient and reliable data transfer.
- Forward error correction: QUIC uses forward error correction techniques to add redundancy information when sending packets. This allows the receiver to recover the original data even if some packets are lost, without the need to request retransmission. This enhances transmission reliability.
Enhanced security:
- TLS-based encryption: QUIC integrates encryption as part of the protocol. Every QUIC connection uses TLS for encryption during the handshake process and all subsequent data transmissions. This ensures the confidentiality and integrity of data.
- Full traffic encryption: TCP data transmission is susceptible to interference from intermediate elements such as firewall rules and NAT devices, limiting its security. In contrast, QUIC, based on UDP, enhances the integrity and privacy of packets throughout the transmission path through full traffic encryption, eliminating interference from intermediate nodes.

Use scenarios of HTTP/3

Web browsing: For web browsing, HTTP/3 can reduce page load times, especially for complex web pages that require loading multiple resources. With the multiplexing capabilities of QUIC, users can see webpage content more quickly.
Real-time communication applications: Applications such as instant messaging, video conferencing, and online gaming, which are highly sensitive to latency, can benefit significantly from HTTP/3. QUIC provides low latency and rapid error recovery mechanisms to help maintain a smooth real-time communication experience.
Applications on mobile devices: Connections in mobile network environments are often unstable. Given the lossless recovery mechanisms and better adaptability to network changes of QUIC, HTTP/3 can provide mobile users with a more stable connection experience.
Streaming services: For video and audio streaming services, such as short videos and live streaming, HTTP/3 provides a more continuous playback experience by reducing buffering and interruptions.
High-concurrency scenarios: In scenarios involving high concurrency, such as large e-commerce platforms or social media platforms during peak hours, HTTP/3 provides multiplexing capabilities to efficiently handle a large number of concurrent requests. Unlike HTTP/2, HTTP/3 prevents head-of-line blocking issues.

Protocol versions supported by GA and client requirements

The HTTP/3 protocol version supported by GA is h3. You need to ensure that the HTTP/3 version supported by the client is compatible with the HTTP/3 version of GA:

The Chrome version is Chrome 87 or later. If you use another browser, make sure that the browser supports HTTP/3.
If you use other clients, such as a self-developed application, the client must be integrated with a network library that supports QUIC, such as the LSQUIC Client, Cronet, ngtcp2, and quiche libraries.

How GA and the client negotiate HTTP/3

Before an HTTP/3 connection is established between a server and a client, due to the connectionless nature of UDP, the client first establishes a secure connection with the server through a TLS 1.3 handshake. During this process, HTTP/3 is automatically negotiated without requiring explicit specification by the user or developer.

HTTP/3 is a new protocol. HTTP is not an update or extension built on top of HTTP/1.1 or HTTP/2 but is instead based on the QUIC protocol. Due to this fundamental change, HTTP/3 is not directly compatible with previous versions of HTTP at the protocol level. To ensure backward compatibility, web servers and browsers implement multiple HTTP versions, including HTTP/1.1, HTTP/2, and HTTP/3, and can automatically negotiate the most suitable protocol version based on the support provided by the client and server. This means that although HTTP/3 is not directly compatible with older versions of HTTP, modern clients and servers handle protocol selection and fallback automatically. Users and developers do not need to worry about compatibility issues.

How GA and clients negotiate HTTP/3:

After configuring the maximum HTTP version to HTTP/3 in the HTTPS listener of the GA instance, GA announces its support for HTTP/3 to the client. This announcement is made by using the Alt-Svc header in the HTTP response. The value of the Alt-Svc header is Alt-Svc : h3=":$quic_port"; ma=3600.
The client attempts to establish an HTTP connection with GA. Take note of the following points:
- If the client cannot establish an HTTP/3 connection, the client falls back to HTTP/1.1 or HTTP/2.
- The client supports cache and cookies related to HTTP/3.
- Scenarios where HTTP/3 connections cannot be established:
  - The HTTP/3 version supported by the client is incompatible with the HTTP/3 version supported by GA.
  - GA detects that UDP traffic is blocked or rate-limited.
  - The client does not support HTTP/3. Therefore, it does not initiate HTTP/3 negotiations.
Enabling or disabling HTTP/3 for GA does not affect the ability of GA to connect to clients.

Examples

A company is headquartered in Germany (Frankfurt). A website is deployed on an application server in the headquarters to provide video services. The clients are mainly located in the China (Beijing) region.

The website may encounter the following challenges:

The company wants to upgrade from HTTP to HTTP/3 to improve service quality and system performance.
The cross-border network is unstable. Network issues, such as network latency, network jitter, and packet loss, may frequently occur.

After you enable HTTP/3 for GA, the efficient transmission mechanisms QUIC can be used to reduce latency, enhance connection reliability, and improve data transmission performance in poor network conditions.

The encryption measures of HTTPS ensure that users in China (Beijing) can securely access resources on the server through GA nodes. HTTP/3 ensures the security of sensitive information during transmission across regions, optimizes transmission efficiency, and enhances the service quality.

Limits

To enable HTTP/3 for GA, you must set Maximum HTTP Version to HTTP/3 when you configure an HTTPS listener.
Only standard pay-as-you-go GA instances support HTTP/3. Standard and basic subscription GA instances do not support HTTP/3.
If your pay-as-you-go GA instance does not support Maximum HTTP Version, the instance may use an earlier version. Contact your account manager to upgrade your GA instance.

Prerequisites

An application server is deployed to provide HTTP services.
Sample configuration
In this example, an ECS instance in the Germany (Frankfurt) region is used for testing. The operating system is CentOS 7.9.
Run the following commands to deploy the service:
Note
Upload the test video file to the server and change the video file path in the fourth command to the correct file path.
In this example, the MP4 file is uploaded to the directory in which index.html resides.
```
yum install -y nginx
systemctl start nginx.service
cd /usr/share/nginx/html/
echo "<video src="GA.mp4" controls=""></video>" > index.html
```
A domain name is registered and an Internet Content Provider (ICP) number is obtained for the domain name. For more information, see Register a domain name on Alibaba Cloud and ICP filing process.
The required certificates are deployed. If the certificates are purchased from a third-party service provider, you must upload the certificates to Certificate Management Service and associate the certificates with your domain name. For more information about how to create a certificate, see Get started with official certificates.

Procedure

Step 1: Configure a GA instance and enable HTTP/3

Log on to the GA console.
On the Instances page, click Create Standard Pay-as-you-go Instance in the upper-left corner.
In the Basic Instance Configuration step, enter the name of the GA instance. After you configure the parameters, click Next.
In the Configure Acceleration Area step, set the Acceleration Area parameter to China (Beijing). You can use the default values for other parameters or modify the parameters based on your business needs. Click Next.
Important
If you specify a small value for the maximum bandwidth, throttling may occur and packets may be dropped. Specify a maximum bandwidth based on your business requirements.

In the Configure Listener step, configure the parameters. The following table describes some of the parameters. Configure the other parameters based on your business requirements or use the default values. After you configure the parameters, click Next.

Parameter	Description

Parameter	Description
Protocol	In this example, HTTPS is selected.
Maximum HTTP Version	Select HTTP/3. Note If your pay-as-you-go GA instance does not support Maximum HTTP Version, the instance may use an earlier version. Contact your account manager to upgrade your GA instance. If the client does not support HTTP/3, GA supports HTTP/2 or HTTP/1.1 requests.
Port	Select the default HTTPS port 443.
Server Certificate	Select the SSL certificates of your domain name.

In the Configure an endpoint group step, configure the following parameters. You can use the default values of other parameters or modify the parameters based on your business needs. After you configure the parameters, click Next.

Parameter	Description

Parameter	Description
Region	Select Germany (Frankfurt).
Endpoint Configuration	Select ECS for Backend Service Type. Select your application server for Backend Service.
Port Mapping	If the listener port is different from the service port, you must configure the port mapping. In this example, the listener port is set to 443 and the endpoint port is set to 80.
Cross-border Acceleration Settings	In this example, the service requires cross-border acceleration between regions in the Chinese mainland and regions outside the Chinese mainland or between regions outside the Chinese mainland. Read and select Compliance Commitments Regarding Cross-border Data Transfers.

跨境合规 INTL

In the Configuration Review step, click Submit. Wait until the instance is created and configured.

Step 2: Configure DNS records

To forward requests from clients to GA, you must create a DNS record to map your domain name to the CNAME of the GA instance.

Log on to the GA console.
Select the GA instance for which you want to create a DNS record and copy the CNAME.

Perform the following steps to create a CNAME record:

Log on to the Alibaba Cloud DNS console.
On the Authoritative DNS Resolution page, click Add Domain Name.
In the Add Domain Name dialog box, enter the domain name of your host and click OK.
Important
Before you create the CNAME record, you must use a TXT record to verify the ownership of the domain name.
Find the domain name that you want to manage and click DNS Settings in the Actions column.
On the DNS Settings page, click Add DNS Record.

In the Add DNS Record panel, configure the following parameters and click OK.

Parameter	Description

Parameter	Description
Record Type	The type of the DNS record. Select CNAME from the drop-down list.
Hostname	Enter the prefix of the domain name of your host.
DNS Request Source	The region from which the DNS request is sent. Select Default from the drop-down list.
Record Value	Enter the CNAME of the GA instance.
TTL	The time-to-live (TTL) of the CNAME record to be cached on the DNS server. In this example, the default value is used.

Step 3: Verify the acceleration performance

In this example, a client in the China (Beijing) acceleration region is used to test the acceleration performance.

Test the acceleration performance when HTTP/3 is used:
Open the developer tool in a browser and access https://<your own domain name> to access the backend service. You can prevent the impact of caching on HTTP/3 negotiation by disabling browser caching. For example, select Disable cache in Chrome.
Test the acceleration performance when HTTP/3 is not used:
Modify the HTTPS listener of the GA instance. Set the Maximum HTTP Version parameter to HTTP/2.
Open the developer tool in a browser and access https://<your own domain name> to access the backend service.
Test the latency when GA is not used:
If the application server does not have a public IP address, you can associate an EIP with the server.
Open the developer tool in a browser and access http://<public IP address>:<port> to access the backend service.

Compare the results.

The preceding test data shows that GA and HTTP/3 improve the access speed of clients.

Scenario	Time required for page preloading (3.3 MB)	Time required for full video loading (112 MB)	Page preloading comparison (Reduction/Percentage)	Full video loading comparison (Reduction/Percentage)

Scenario	Time required for page preloading (3.3 MB)	Time required for full video loading (112 MB)	Page preloading comparison (Reduction/Percentage)	Full video loading comparison (Reduction/Percentage)
Scenario 1: Use GA and HTTP/3	16.86 seconds	3.8 minutes	0.78 seconds or 4.42% faster than Scenario 2.	0.4 minutes or 9.52% faster than Scenario 2.
Scenario 2: Use only GA	17.64 seconds	4.2 minutes	48.36 seconds or 73.27% faster than Scenario 3.	34.4 minutes or 89.12% faster than Scenario 3.
Scenario 3: Do not use GA	1.1 minutes	38.6 minutes	/	/

Note

The examples and data in this topic are for reference only. The actual acceleration effect on your service prevails.

FAQ

Why is the HTTP/3 option unavailable in the GA console?

If your pay-as-you-go GA instance does not support Maximum HTTP Version, the instance may use an earlier version. Contact your account manager to upgrade your GA instance.

Why do clients fail to use HTTP/3?

If GA fails to negotiate HTTP/3 with the client, GA rolls back to HTTP/1.1 or HTTP/2. For more information about the negotiation mechanism, see How GA and the client negotiate HTTP/3.

References

For cross-border scenarios, BGP (Multi-ISP) Pro lines are used by default. If you require higher network quality, use cross-border Express Connect circuits. For more information, see Select and purchase GA resources.

API references:

CreateListener: creates a listener for a GA instance. You can the HTTP/3 configuration by using the HttpVersion parameter.
UpdateListener: modifies a listener of a GA instance. You can the HTTP/3 configuration by using the HttpVersion parameter.
DeleteListener: deletes a listener of a GA instance.