.NET Conf 2022 - 2022/11/8-10 Talk: Networking in .NET 7.0 https://sessionize.com/s/karel-zikmund/networking-in-.net-7.0/56535

2. Networking in .NET
7.0
Karel Zikmund
.NET Conf 2022

3. Agenda
• HTTP/3 and QUIC protocols
• Evolution from HTTP/1.1 and HTTP/2
• When and why to use to HTTP/3
• How to use it in .NET 7.0
• Plans for .NET 8.0+
• HTTP/2 WebSockets
• How it differs from HTTP/1.1 WebSockets
• How to use it
• YARP – Yet Another Reverse Proxy
• What is a Reverse Proxy
• Why to use Reverse Proxies
• YARP in production

4. HTTP/1.1
• Textual protocol
• HTTP / HTTPS
• Multiple connections
• TCP slow start – window ramp up
• 3-way handshake (3 RTT)
• 2-way handshake with TLS 1.3
• HTTP Pipelining
• Not used much
• Binary protocol (frames, HPACK)
• HTTPS (also HTTP allowed)
• 1 TCP connection (multiplexing)
• Default: 100 concurrent streams
• 3-way handshake
• 2-way handshake with TLS 1.3
• Head of the line blocking
• TCP packet loss blocks all streams
HTTP/2

5. HTTP/3
• Binary protocol (frames, QPACK)
• HTTPS-only
• 1 QUIC connection
• Default: 100 concurrent streams
• QUIC = UDP + TLS 1.3
• 1-way handshake (1 RTT)
• 0-way handshake (0 RTT)
• Dangerous – replay attacks
• Not yet in .NET 7.0
• No Head of the line blocking
• Blocks only streams from lost packet
• … and more …
• Binary protocol (frames, HPACK)
• HTTPS (also HTTP allowed)
• 1 TCP connection (multiplexing)
• Default: 100 concurrent streams
• 3-way handshake
• 2-way handshake with TLS 1.3
• Head of the line blocking
• TCP packet loss blocks all streams
HTTP/2

6. HTTP/3 – When and Why
• Unreliable networks
• Last mile network
• No Head of the line blocking
• Improved loss recovery
• Transfer between networks
• Mobile scenarios
• Connection ID
• Requires server support
• Enabled on .NET server & client by default
• Support
• 25.1% of all websites
• Major CDNs (Cloudfare, Akamai, …)
• Drawbacks
• Some network appliances don’t support UDP Major browsers – https://caniuse.com/http3

7. QUIC Protocol
• Transport protocol – UDP + TLS 1.3
• Unreliable delivery
• Streaming scenarios
• Not in .NET yet
• Multi-path … also for HTTP/3
• Using multiple network routes to deliver/recieve data
• RFC in progress
• Increase bandwidth (multiple routes)
• Decrease latency (duplicated traffic) – e.g. streaming
• Extensible and versioned protocol

8. HTTP/3 + QUIC in .NET 7.0
• msquic-based – http://github.com/microsoft/msquic
• open-source, cross-platform
• HTTP/3
• .NET 7.0 – GA quality (client and server) on Windows and Linux
• Performance – roughly on par with HTTP/2
• More work expected in .NET 8.0
• QUIC APIs
• .NET 7.0 – GA quality (functionality, stress, etc.) and fully supported
• API shape is Preview (i.e. we reserve right to change API shape in .NET 8.0)
• Looking for consumers to help us validate QUIC API shape and tweak Performance

9. HTTP/3 Usage
• HttpClient
• Defaults to HTTP/1.1
HttpRequestMessage.Version =
HttpVersion.Version30;
• Kestrel server
• Defaults to HTTP/1.1 + HTTP/2
ListenOptions.Protocols
webHost.UseKestrel()
.ConfigureKestrel((context, options) => {
options.ListenAnyIP(5000, listenOptions => {
listenOptions.UseHttps();
listenOptions.Protocols =
HttpProtocols.Http1AndHttp2; //Default setting
});
options.ListenAnyIP(5001, listenOptions => {
listenOptions.UseHttps();
listenOptions.Protocols =
HttpProtocols.Http1AndHttp2AndHttp3;
});
options.ListenAnyIP(5001, listenOptions => {
listenOptions.UseHttps();
listenOptions.Protocols = HttpProtocols.Http3;
});

10. QUIC Usage
• API shape is Preview
• We reserve the right to change API shape in .NET 8.0
• GA quality and fully supported otherwise (functionality, stress, etc.)
• Opt-in in project file:
<PropertyGroup>
<EnablePreviewFeatures>true</EnablePreviewFeatures>
</PropertyGroup>

11. HTTP3 + QUIC in .NET 8.0+
• HTTP/3 enabled by default in Kestrel (already in 8.0)
• More Performance work
• Finalize QUIC API shape
• 0-RTT (as opt-in)
• Support macOS, Mobile platforms (iOS, Android)
• Additional protocols and extensions
• gRPC over HTTP/3
• Multi-path
• WebTransport over HTTP/3
• QUIC Datagram

12. HTTP/2 WebSockets
• Same WebSocket protocol, just over HTTP/2
• Advantage: Reuse HTTP/2 connection – better perf
• Chrome and Edge – enabled by default
• SignalR server + SignalR clients in .NET and JavaScript
• Client usage:
var handler = new SocketsHttpHandler();
ClientWebSocket ws = new();
ws.Options.HttpVersion = HttpVersion.Version20;
ws.Options.HttpVersionPolicy = HttpVersionPolicy.RequestVersionOrLower; //Default
// = HttpVersionPolicy.RequestVersionOrHigher;
ws.ConnectAsync(uri, new HttpMessageInvoker(handler), cancellationToken);

13. HTTP/2 WebSockets
Uses CONNECT word instead of GET – routes may need update:
public class WebSocketController : ControllerBase
{
[HttpConnect("/ws")] // Will be in .NET 8.0 – copy it from #43501
[HttpGet("/ws")]
public async Task Get()
{
if (HttpContext.WebSockets.IsWebSocketRequest)
{
using var webSocket = await HttpContext.WebSockets.AcceptWebSocketAsync();
//...
//Copy from #43501
public class HttpConnectAttribute : HttpMethodAttribute {
public HttpConnectAttribute();
public HttpConnectAttribute([StringSyntax("Route")] string template);
}

14. WebSockets in .NET 8.0+
• HTTP/3 WebSockets
• RFC 9220 – published in June 2022
• WebTransport over HTTP/3 – WebSockets done right
• Draft RFC
• Session with multiple (QUIC) streams
• Multiple sessions on single HTTP/3 connection
• Experimental Kestrel support – see blog post
• HttpClient prototype

15. YARP
• Yet Another Reverse Proxy
• https://microsoft.github.io/reverse-proxy
• Open-source: https://github.com/microsoft/reverse-proxy
• Layer-7 proxy – terminates & re-issues requests
• Other popular reverse proxies: Nginx, HAProxy, Envoy, Ocelot, …
• Extensibility in C#, layered
• Library, not EXE
• Cross-platform – Windows, Linux + arm64, x64, x86
• Great perf
• Latest protocols
• gRPC, HTTP/3, HTTP/2 WebSockets

16. What is a Reverse Proxy?
• Public endpoint
• Load balancing between backend servers
• Can offload work from backend servers: Encryption, Auth, Compression, Caching
Reverse
Proxy
contoso.com/orders
contoso.com/store
woodgrovebank.com
Public Internet Private Internet

17. Reverse Proxies – Why to use them?
• Load balancing
• A/B testing, or Version rollout
• Health checks, health status
• Indirection between URL-space and backend implementation
• API Management – consistent API surface for customers
• Offloading from backend
• Auth, compression, encryption, static files (like CDN)
• Authentication migration
• Cloud to On-prem reverse tunnel (*)
• Route local traffic to remote servers (single point of control and config)
• k8s and Service Fabric ingress control
• .NET Framework migration to .NET Core

18. YARP in Production
App Service
• Blog post
• 160B+ requests / day … 1.9M RPS
• 14M+ host names
• .NET 6.0 + YARP
• Benefits:
• Migration from IIS + ARR / Nginx
• Updates not tied to OS version
• Unified code base (Windows & Linux)
• Perf improvements
• 80% in throughput in perf tests
• Lower CPU usage
• More extensibility points
• New customer scenarios:
• gRPC, HTTP/3, per-host cipher suite config, custom
error pages, …
Dynamics 365
• 100B+ requests / month … 38.5K RPS
• 7.5PB+ petabytes transferred / month

19. YARP – Get Started
5-lines reverse proxy app:
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddReverseProxy()
.LoadFromConfig(builder
.Configuration.GetSection("ReverseProxy"));
var app = builder.Build();
app.MapReverseProxy();
app.Run();
https://microsoft.github.io/reverse-proxy

20. Summary
• HTTP/3 and QUIC support in .NET 7.0
• GA quality
• QUIC API shape may change in .NET 8.0
• Pro: Unreliable networks, Mobile scenarios
• HTTP/2 WebSockets
• Client needs new API call to reuse connection
• Server needs Connect attribute
• YARP
• Library, extensible via C#