Inkampani ye-Cloudflare ukuhlinzeka ngosekelo lwephrothokholi ye-HTTP/3 ku-NGINX. Imojula yakhelwe njengesengezo kumtapo wolwazi othuthukiswe yi-Cloudflare ngokusetshenziswa kwephrothokholi yezokuthutha ye-QUIC ne-HTTP/3. Ikhodi ye-quiche ibhalwe ku-Rust, kodwa imojula ye-NGINX ngokwayo ibhalwe ku-C futhi ifinyelela umtapo wezincwadi usebenzisa ukuxhumanisa okunamandla. Intuthuko ngaphansi kwelayisensi ye-BSD.
Ukuze uhlanganise, vele ulande nginx 1.16 kanye quiche, bese wakha kabusha i-nginx ngezinketho ββwith-http_v3_module βwith-quiche=../quicheβ. Lapho wakha, usekelo lwe-TLS kufanele lusekelwe kulabhulali ye-BoringSSL (β--with-openssl=../quiche/deps/boringsslβ), ukusetshenziswa kwe-OpenSSL akukakasekelwa. Ukuze wamukele ukuxhumana, udinga ukwengeza isiqondiso sokulalela ngefulegi elithi βquicβ kuzilungiselelo (isibonelo, βlalela 443 quic reuseportβ).
Kusofthiwe yeklayenti, usekelo lwe-HTTP/3 seluvele lwengeziwe ekwakhiweni kokuhlola kwe-Chrome Canary kanye nesisetshenziswa se-curl. Ohlangothini lweseva, kuze kube manje kwakudingeka ukusebenzisa okuhlukene, okulinganiselwe . Ikhono lokucubungula i-HTTP/3 ku-nginx lizokwenza kube lula kakhulu ukuthunyelwa kwamaseva ngokusekelwa kwe-HTTP/3 futhi kuzokwenza ukuqaliswa kokuhlolwa kwephrothokholi entsha kufinyeleleke kalula. Ukuvela kosekelo olujwayelekile lwe-HTTP/3 ku-nginx egatsheni le-1.17.x izinyanga ezingu-6-12.
Khumbula ukuthi i-HTTP/3 ilinganisa ukusetshenziswa kwephrothokholi ye-QUIC njengendlela yokuthutha ye-HTTP/2. Iphrothokholi (I-Quick UDP Internet Connections) ithuthukiswe yi-Google kusukela ngo-2013 njengenye indlela yenhlanganisela ye-TCP+TLS Yewebhu, ukuxazulula izinkinga zokusetha okude kanye nezikhathi zokuxoxisana zoxhumo ku-TCP kanye nokuqeda ukubambezeleka lapho amaphakethe elahleka phakathi nokudluliswa kwedatha. I-QUIC iyisandiso sephrothokholi ye-UDP esekela ukuphindwaphindwa kokuxhumana okuningi futhi inikeza izindlela zokubethela ezilingana ne-TLS/SSL.
main QUIC:
- Ukuvikeleka okuphezulu okufana ne-TLS (empeleni i-QUIC inikeza ikhono lokusebenzisa i-TLS phezu kwe-UDP);
- Ukulawula ubuqotho bokugeleza, ukuvimbela ukulahlekelwa kwephakethe;
- Ikhono lokusungula ngokushesha uxhumano (0-RTT, cishe ku-75% wedatha yamacala ingadluliselwa ngokushesha ngemva kokuthumela iphakethe lokusetha uxhumano) futhi inikeze ukubambezeleka okuncane phakathi kokuthumela isicelo nokuthola impendulo (i-RTT, Isikhathi Sohambo Olujikelezayo);
- Ukungasebenzisi inombolo efanayo yokulandelana lapho uthumela kabusha iphakethe, okugwema ukungaqondakali ekukhombeni amaphakethe atholiwe futhi kususe ukuphela kwesikhathi;
- Ukulahleka kwephakethe kuthinta kuphela ukulethwa kokusakaza okuhlotshaniswa nayo futhi akuvimbi ukulethwa kwedatha emifudlaneni ehambisanayo edluliselwa ngoxhumo lwamanje;
- Izici zokulungiswa kwephutha ezinciphisa ukubambezeleka ngenxa yokudluliselwa kabusha kwamaphakethe alahlekile. Ukusetshenziswa kwamakhodi akhethekile okulungisa amaphutha ezingeni lephakethe ukunciphisa izimo ezidinga ukudluliswa kabusha kwedatha yephakethe elahlekile.
- Imingcele ye-Cryptographic block iqondaniswe nemingcele yephakethe ye-QUIC, enciphisa umthelela wokulahlekelwa kwephakethe ekuhlukaniseni okuqukethwe kwamaphakethe alandelayo;
- Azikho izinkinga ngokuvinjwa komugqa we-TCP;
- Ukusekela okokuhlonza uxhumano, okunciphisa isikhathi esisithathayo ukuze kusungulwe ukuxhuma kabusha kwamaklayenti eselula;
- Amathuba okuxhuma izindlela zokulawula ukuminyana okuthuthukile;
- Isebenzisa amasu okubikezela kokuphuma kokuqondisa ngakunye ukuze kuqinisekiswe ukuthi amaphakethe athunyelwa ngezilinganiso ezifanele, ukuwavimbela ekubeni aminyene futhi abangele ukulahleka kwephakethe;
- Kuyaqondakala ukusebenza kanye nokuphumayo uma kuqhathaniswa ne-TCP. Ezinsizeni zevidiyo ezifana ne-YouTube, i-QUIC ikhonjiswe ukuthi yehlisa ukusebenza kokulungisa iphutha lapho ubuka amavidiyo ngo-30%.
Source: opennet.ru