Cloudflare has implemented a module to support HTTP/3 in NGINX

Cloudflare has prepared a module that provides HTTP/3 protocol support in NGINX. The module is designed as an add-on to quiche, a library developed at Cloudflare that implements the QUIC transport protocol and HTTP/3. The quiche code is written in Rust, but the NGINX module itself is written in C and accesses the library through dynamic linking. The work is open under the BSD license.

To build it, just download the patch for nginx 1.16 and the quiche library code, then rebuild nginx with the options "--with-http_v3_module --with-quiche=../quiche". When building, TLS support must be based on the BoringSSL library ("--with-openssl=../quiche/deps/boringssl"); using OpenSSL is not yet supported. To accept connections, you need to add the "quic" flag to the listen directive in the settings (for example, "listen 443 quic reuseport").
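An added example, not from the original article or from Cloudflare's code: a shell check that a rebuilt nginx carries the build options and the listen flag named above, and that TLS was not built from a non-BoringSSL tree. The sample configure arguments and config text are constructed; `--with-http_ssl_module` and `listen 443 ssl` are assumptions that do not appear on the page.

```shell
#!/bin/sh
# Checks a patched nginx build and config against the prerequisites in the article.
# Real input would be:  nginx -V 2>&1 | sed -n 's/^configure arguments: //p'
# The sample strings below are constructed for illustration.

# check_build ARGS -> prints each missing prerequisite, returns 1 if any is missing.
check_build() {
    v3=0 quiche=0 boring=0 rc=0
    set -f                       # no globbing while splitting the argument string
    for a in $1; do
        case $a in
            --with-http_v3_module)       v3=1 ;;
            --with-quiche=?*)            quiche=1 ;;
            --with-openssl=*boringssl*)  boring=1 ;;
        esac
    done
    set +f
    [ "$v3" -eq 1 ]     || { echo "missing --with-http_v3_module"; rc=1; }
    [ "$quiche" -eq 1 ] || { echo "missing --with-quiche=<path>"; rc=1; }
    [ "$boring" -eq 1 ] || { echo "TLS is not built from BoringSSL"; rc=1; }
    return "$rc"
}

# quic_listeners CONF -> prints lines holding a listen directive with the quic flag
# (comments are stripped first, so a commented-out directive does not count).
quic_listeners() {
    printf '%s\n' "$1" | sed 's/#.*//' |
        grep -E '(^|[[:space:];{])listen[[:space:]]+[^;]*[[:space:]]quic([[:space:]][^;]*)?;' || true
}

GOOD_ARGS='--with-http_ssl_module --with-http_v3_module --with-openssl=../quiche/deps/boringssl --with-quiche=../quiche'
OPENSSL_ARGS='--with-http_ssl_module --with-http_v3_module --with-openssl=../openssl --with-quiche=../quiche'
SAMPLE_CONF='server {
    # listen 443 quic;
    listen 443 ssl;
    listen 443 quic reuseport;
}'

check_build "$GOOD_ARGS" && echo "build: ok"
check_build "$OPENSSL_ARGS" || echo "build: not usable for HTTP/3"
quic_listeners "$SAMPLE_CONF"
```

Because the quic listener is served over UDP, a host firewall that only admits TCP 443 will silently keep clients on the TCP listener even when both checks pass.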

Among client software, HTTP/3 support has already been added to experimental builds of Chrome Canary and to the curl utility. On the server side, it has so far been necessary to use separate, limited test implementations. The ability to handle HTTP/3 in nginx will greatly simplify deploying servers with HTTP/3 support and make test deployments of the new protocol more accessible. Standard HTTP/3 support in nginx is expected in the 1.17.x branch within 6-12 months.

Recall that HTTP/3 standardizes the use of the QUIC protocol as a transport for HTTP/2. The QUIC protocol (Quick UDP Internet Connections) has been developed by Google since 2013 as a replacement for the TCP + TLS combination on the Web, solving the problems of long connection setup and negotiation times in TCP and eliminating delays when packets are lost during data transfer. QUIC is an extension on top of the UDP protocol that supports multiplexing of multiple connections and provides encryption methods equivalent to TLS/SSL.

Main features of QUIC:

  • High security, similar to TLS (in essence, QUIC provides the ability to use TLS over UDP);
  • Stream integrity control that prevents packet loss;
  • The ability to establish a connection instantly (0-RTT; in roughly 75% of cases data can be transmitted immediately after the connection setup packet is sent) and to provide minimal delay between sending a request and receiving a response (RTT, Round Trip Time);
  • Not reusing the same sequence number when retransmitting a packet, which avoids ambiguity in identifying received packets and eliminates timeouts;
  • The loss of a packet affects only the delivery of the stream associated with it and does not stop data delivery in the parallel streams carried over the current connection;
  • Error correction features that minimize delays due to retransmission of lost packets. Special packet-level error correction codes are used to reduce the situations that require retransmitting the data of a lost packet.
  • Cryptographic block boundaries are aligned with QUIC packet boundaries, which reduces the impact of packet loss on decoding the contents of subsequent packets;
  • No problems with TCP queue blocking;
  • Support for a connection identifier, which reduces the time it takes to re-establish a connection for mobile clients;
  • The ability to plug in advanced connection congestion control mechanisms;
  • Uses bandwidth prediction techniques in each direction to ensure that packets are sent at an optimal rate, preventing a slide into a congested state that causes packet loss;
  • A noticeable gain in performance and throughput compared to TCP. For video services such as YouTube, QUIC has been shown to reduce rebuffering operations when watching video by 30%.

Source: opennet.ru
