3. Agenda
• HTTP/3 and QUIC protocols
• Evolution from HTTP/1.1 and HTTP/2
• When and why to use to HTTP/3
• How to use it in .NET 7.0
• Plans for .NET 8.0+
• HTTP/2 WebSockets
• How it differs from HTTP/1.1 WebSockets
• How to use it
• YARP – Yet Another Reverse Proxy
• What is a Reverse Proxy
• Why to use Reverse Proxies
• YARP in production
4. HTTP/1.1
• Textual protocol
• HTTP / HTTPS
• Multiple connections
• TCP slow start – window ramp up
• 3-way handshake (3 RTT)
• 2-way handshake with TLS 1.3
• HTTP Pipelining
• Not used much
• Binary protocol (frames, HPACK)
• HTTPS (also HTTP allowed)
• 1 TCP connection (multiplexing)
• Default: 100 concurrent streams
• 3-way handshake
• 2-way handshake with TLS 1.3
• Head of the line blocking
• TCP packet loss blocks all streams
HTTP/2
5. HTTP/3
• Binary protocol (frames, QPACK)
• HTTPS-only
• 1 QUIC connection
• Default: 100 concurrent streams
• QUIC = UDP + TLS 1.3
• 1-way handshake (1 RTT)
• 0-way handshake (0 RTT)
• Dangerous – replay attacks
• Not yet in .NET 7.0
• No Head of the line blocking
• Blocks only streams from lost packet
• … and more …
• Binary protocol (frames, HPACK)
• HTTPS (also HTTP allowed)
• 1 TCP connection (multiplexing)
• Default: 100 concurrent streams
• 3-way handshake
• 2-way handshake with TLS 1.3
• Head of the line blocking
• TCP packet loss blocks all streams
HTTP/2
6. HTTP/3 – When and Why
• Unreliable networks
• Last mile network
• No Head of the line blocking
• Improved loss recovery
• Transfer between networks
• Mobile scenarios
• Connection ID
• Requires server support
• Enabled on .NET server & client by default
• Support
• 25.1% of all websites
• Major CDNs (Cloudfare, Akamai, …)
• Drawbacks
• Some network appliances don’t support UDP Major browsers – https://caniuse.com/http3
7. QUIC Protocol
• Transport protocol – UDP + TLS 1.3
• Unreliable delivery
• Streaming scenarios
• Not in .NET yet
• Multi-path … also for HTTP/3
• Using multiple network routes to deliver/recieve data
• RFC in progress
• Increase bandwidth (multiple routes)
• Decrease latency (duplicated traffic) – e.g. streaming
• Extensible and versioned protocol
8. HTTP/3 + QUIC in .NET 7.0
• msquic-based – http://github.com/microsoft/msquic
• open-source, cross-platform
• HTTP/3
• .NET 7.0 – GA quality (client and server) on Windows and Linux
• Performance – roughly on par with HTTP/2
• More work expected in .NET 8.0
• QUIC APIs
• .NET 7.0 – GA quality (functionality, stress, etc.) and fully supported
• API shape is Preview (i.e. we reserve right to change API shape in .NET 8.0)
• Looking for consumers to help us validate QUIC API shape and tweak Performance
10. QUIC Usage
• API shape is Preview
• We reserve the right to change API shape in .NET 8.0
• GA quality and fully supported otherwise (functionality, stress, etc.)
• Opt-in in project file:
<PropertyGroup>
<EnablePreviewFeatures>true</EnablePreviewFeatures>
</PropertyGroup>
11. HTTP3 + QUIC in .NET 8.0+
• HTTP/3 enabled by default in Kestrel (already in 8.0)
• More Performance work
• Finalize QUIC API shape
• 0-RTT (as opt-in)
• Support macOS, Mobile platforms (iOS, Android)
• Additional protocols and extensions
• gRPC over HTTP/3
• Multi-path
• WebTransport over HTTP/3
• QUIC Datagram
12. HTTP/2 WebSockets
• Same WebSocket protocol, just over HTTP/2
• Advantage: Reuse HTTP/2 connection – better perf
• Chrome and Edge – enabled by default
• SignalR server + SignalR clients in .NET and JavaScript
• Client usage:
var handler = new SocketsHttpHandler();
ClientWebSocket ws = new();
ws.Options.HttpVersion = HttpVersion.Version20;
ws.Options.HttpVersionPolicy = HttpVersionPolicy.RequestVersionOrLower; //Default
// = HttpVersionPolicy.RequestVersionOrHigher;
ws.ConnectAsync(uri, new HttpMessageInvoker(handler), cancellationToken);
13. HTTP/2 WebSockets
Uses CONNECT word instead of GET – routes may need update:
public class WebSocketController : ControllerBase
{
[HttpConnect("/ws")] // Will be in .NET 8.0 – copy it from #43501
[HttpGet("/ws")]
public async Task Get()
{
if (HttpContext.WebSockets.IsWebSocketRequest)
{
using var webSocket = await HttpContext.WebSockets.AcceptWebSocketAsync();
//...
//Copy from #43501
public class HttpConnectAttribute : HttpMethodAttribute {
public HttpConnectAttribute();
public HttpConnectAttribute([StringSyntax("Route")] string template);
}
14. WebSockets in .NET 8.0+
• HTTP/3 WebSockets
• RFC 9220 – published in June 2022
• WebTransport over HTTP/3 – WebSockets done right
• Draft RFC
• Session with multiple (QUIC) streams
• Multiple sessions on single HTTP/3 connection
• Experimental Kestrel support – see blog post
• HttpClient prototype
15. YARP
• Yet Another Reverse Proxy
• https://microsoft.github.io/reverse-proxy
• Open-source: https://github.com/microsoft/reverse-proxy
• Layer-7 proxy – terminates & re-issues requests
• Other popular reverse proxies: Nginx, HAProxy, Envoy, Ocelot, …
• Extensibility in C#, layered
• Library, not EXE
• Cross-platform – Windows, Linux + arm64, x64, x86
• Great perf
• Latest protocols
• gRPC, HTTP/3, HTTP/2 WebSockets
16. What is a Reverse Proxy?
• Public endpoint
• Load balancing between backend servers
• Can offload work from backend servers: Encryption, Auth, Compression, Caching
Reverse
Proxy
contoso.com/orders
contoso.com/store
woodgrovebank.com
Public Internet Private Internet
17. Reverse Proxies – Why to use them?
• Load balancing
• A/B testing, or Version rollout
• Health checks, health status
• Indirection between URL-space and backend implementation
• API Management – consistent API surface for customers
• Offloading from backend
• Auth, compression, encryption, static files (like CDN)
• Authentication migration
• Cloud to On-prem reverse tunnel (*)
• Route local traffic to remote servers (single point of control and config)
• k8s and Service Fabric ingress control
• .NET Framework migration to .NET Core
18. YARP in Production
App Service
• Blog post
• 160B+ requests / day … 1.9M RPS
• 14M+ host names
• .NET 6.0 + YARP
• Benefits:
• Migration from IIS + ARR / Nginx
• Updates not tied to OS version
• Unified code base (Windows & Linux)
• Perf improvements
• 80% in throughput in perf tests
• Lower CPU usage
• More extensibility points
• New customer scenarios:
• gRPC, HTTP/3, per-host cipher suite config, custom
error pages, …
Dynamics 365
• 100B+ requests / month … 38.5K RPS
• 7.5PB+ petabytes transferred / month
19. YARP – Get Started
5-lines reverse proxy app:
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddReverseProxy()
.LoadFromConfig(builder
.Configuration.GetSection("ReverseProxy"));
var app = builder.Build();
app.MapReverseProxy();
app.Run();
https://microsoft.github.io/reverse-proxy
20. Summary
• HTTP/3 and QUIC support in .NET 7.0
• GA quality
• QUIC API shape may change in .NET 8.0
• Pro: Unreliable networks, Mobile scenarios
• HTTP/2 WebSockets
• Client needs new API call to reuse connection
• Server needs Connect attribute
• YARP
• Library, extensible via C#
Editor's Notes
HPACK – compression of headers, not using textual names, but indexes into table
RTT – Round-Trip-Time … matters between Datacenters, or from remote clients (Sydney <-> LA/London) – 160ms+ (theoretical)
Might be valuable between data-centers
Server 2 Server in same data-center might not bring value
Preview in .NET 6.0 – experimental, under a switch
HTTP/3 enabled by default in Kestrel 8.0 - https://github.com/dotnet/aspnetcore/pull/44217 (early October)
gRPC – James Newton King has implementation, used to write the RFC
https://github.com/grpc/proposal/blob/master/G2-http3-protocol.md
WebTransport – WebSockets done right, will talk later
You have to supply handler / HttpClient yourself to share HTTP/2 connection
Automatic pooling is bad (ServicePoint / HttpWebRequest)
We throw for ConnectAsync without handler
9/30 – Blog post - https://devblogs.microsoft.com/dotnet/experimental-webtransport-over-http-3-support-in-kestrel/
Not Lua / C++ … Nginx & HAProxy
On Windows runs better than most other proxies
Can run in IIS and HTTP.sys
Public benchmarks
Community: Node.js migration – throughput was ~6-7x greater on ASP .NET Core; P99 latency was ~2-4x better on ASP .NET Core.
Drives innovation and perf improvements into .NET
For example: Ingress for k8s and Service Fabric
API Management solution - consistent API surface for customers backed by multitude of micro-services (replace Azure API Management)
Routing local traffic to remote servers (single point of control and config)
Like forward proxy, but client does not have to be aware of it
(*) – 100 lines of code
App Service:
Announced 8/24 (2022)
Dynamics:
.NET Conf 2021