Confirmed that HAProxy has implemented rfc8441 extended CONNECT its going to be in the next release git.haproxy.org/?p=haproxy.git&a=search&h=HEAD&st=commit&s=websocket
@Hussein Nasser 06:19 "HTTP/2 sounds Greek to you" ..it's always funny hearing that in a conversation, since I am from Greece and the equivalent here is "HTTP/2 sounds Chinese to you". 👀 Great content, keep it up!
RFCs are nice reads, and come to think of it. This are some brilliant solutions that even I as an IT professional couldnt wrap my head sometimes. But if I take time and understand the technical details. They solve a lot of problems of the modern internet.
Wrt Head of line blocking. Would a websocket H2 connection with one front-end client facing a dropped packet, block the rest of the clients using different streams in the same connection?
Correct, this is a limitation of the h2 protocol being on top of TCP. However dropped packets are highly unlikely to happen in his case because we should be tucked-in on the backend on a high bandwidth local network between LB/ backend servers.
Understanding that the proxies that we use support it and architecting our apps around that. You will not necessarily interact with HTTP/2 streams at that low level unless you are building a proxy/webserver from scratch
@@hnasr so for example if I build a springboot app with netty, and an http1 websocket upgrade request comes in or an http2 connect comes in, I don't need to do anything differently? (assuming netty is correctly configured).
WebSockets and HTTP/2 has always been some kind of ugly stepchild, when HTTP/2 was being created they couldn't figure it out how best to handle it and just said: not in this RFC, do it later. 5:48 so basically you should have said stream not connection here ? McManus doesn't work for Mozilla anymore he works at Fastly now. Does that have an impact on this RFC moving forward ? 10:19 Your Slack example was a good one. Maybe someone from Slack should get involved ? 12:52 this might very well be the case, they are not using HTTP/2 on the backend. Probably have lots of services running which just accept TCP-clients. But it might be 'not yet'. 14:30 I think this is what people are really interested in, QUIC
What you are describing is essentially TLS Passthrough, this method is more secure because your proxy doesn’t have to terminate TLS, however it still wastes a connection on the server instead of multiplexing multiple client connections into one backend connection. Regardless of TLS termination or TLS Passthrough, we need multiplexing on the backend for efficiency.
Confirmed that HAProxy has implemented rfc8441 extended CONNECT its going to be in the next release git.haproxy.org/?p=haproxy.git&a=search&h=HEAD&st=commit&s=websocket
good stuff, well presented and digestible too, of course I WANT MORE lol.
@Hussein Nasser 06:19 "HTTP/2 sounds Greek to you" ..it's always funny hearing that in a conversation, since I am from Greece and the equivalent here is "HTTP/2 sounds Chinese to you". 👀
Great content, keep it up!
Hahaha I should have said unless your from Greece. All love to subs from 🇬🇷
RFCs are nice reads, and come to think of it. This are some brilliant solutions that even I as an IT professional couldnt wrap my head sometimes. But if I take time and understand the technical details. They solve a lot of problems of the modern internet.
God knows how many awesome technologies are hidden gemstones in the dry, non-hypey cloth. Thanks!
Rfcs are hard to read sometimes. I was reading something and then I find myself constantly clicking the links one after another.
I still do that when the tech is new to me, agree hard and dry
@@hnasr What's best practice learning and understanding them on the fly, as u reading?
nice cut my dude.
Absolute lovely. Can we have a implementation video?
Like your hairstyle. Gentleman!
Nice haircut! :D good content keep it up!
Hussein have you tried uWebsocket, I have seen unbelievable benchmarks. We would love to hear from you about that
Nice haircut bro
شكرا ابو ناصر
❤️ تسلم عزيزي سعد
Wrt Head of line blocking. Would a websocket H2 connection with one front-end client facing a dropped packet, block the rest of the clients using different streams in the same connection?
Correct, this is a limitation of the h2 protocol being on top of TCP. However dropped packets are highly unlikely to happen in his case because we should be tucked-in on the backend on a high bandwidth local network between LB/ backend servers.
There are also issues with multiplexing multiple TCP sessions onto a single backend TCO connection. Head of line blocking comes to mind.
Can we do this for aws load balancer(ALB)..
interesting stuff. I have yet to work on a project using web sockets. might need to play with that
inclined towards networking nowadays.. more latest technologies pls.
Akamai does this by default when is implemented
Look at the haircut, nice look
How do we as developers both backend and frontend take advantage of websockets over http2 tho.
Understanding that the proxies that we use support it and architecting our apps around that. You will not necessarily interact with HTTP/2 streams at that low level unless you are building a proxy/webserver from scratch
@@hnasr so for example if I build a springboot app with netty, and an http1 websocket upgrade request comes in or an http2 connect comes in, I don't need to do anything differently? (assuming netty is correctly configured).
WebSockets and HTTP/2 has always been some kind of ugly stepchild, when HTTP/2 was being created they couldn't figure it out how best to handle it and just said: not in this RFC, do it later.
5:48 so basically you should have said stream not connection here ?
McManus doesn't work for Mozilla anymore he works at Fastly now. Does that have an impact on this RFC moving forward ?
10:19 Your Slack example was a good one. Maybe someone from Slack should get involved ?
12:52 this might very well be the case, they are not using HTTP/2 on the backend. Probably have lots of services running which just accept TCP-clients. But it might be 'not yet'.
14:30 I think this is what people are really interested in, QUIC
What happens if you redirect the websocket connection straight to the server port, and let it handle ssl itself?
What you are describing is essentially TLS Passthrough, this method is more secure because your proxy doesn’t have to terminate TLS, however it still wastes a connection on the server instead of multiplexing multiple client connections into one backend connection.
Regardless of TLS termination or TLS Passthrough, we need multiplexing on the backend for efficiency.
Noice hircut
fresshhhhh guy
barber messed up up mate
I think I don't understand it.
nice cute