HTTP2 scenario coverage #8519
HTTP2 scenario coverage #8519
Conversation
guardrex
force-pushed
the
guardrex/http2
branch
from
5d68a2a to
a31b317
Compare
guardrex
force-pushed
the
guardrex/http2
branch
from
dc140e6 to
1880ef2
Compare
Updates Updates Updates JSON fixes Updates Updates
guardrex
force-pushed
the
guardrex/http2
branch
from
c476775 to
d49d4e6
Compare
| * [Application-Layer Protocol Negotiation (ALPN)](https://tools.ietf.org/html/rfc7301#section-3) connection | ||
| * TLS 1.2 or later connection | ||
|
|
||
| If an HTTP/2 connection is established, [HttpRequest.Protocol](xref:Microsoft.AspNetCore.Http.HttpRequest.Protocol*) reports `HTTP/2`. |
There was a problem hiding this comment.
This is new in 2.2. prior versions reported http/1.1 even for http/2 requests.
| ```csharp | ||
| .ConfigureKestrel((context, options) => | ||
| { | ||
| options.Limits.MaxStreamsPerConnection = 100; |
There was a problem hiding this comment.
Limits.Http2.* for all of these new ones.
|
|
||
| The `Protocols` property establishes the HTTP protocols (`HttpProtocols`) enabled on a connection endpoint or for the server. Assign a value to the `Protocols` property from the `HttpProtocols` enum. | ||
|
|
||
| | `HttpProtocols` enum value | Connection protocol permitted | |
There was a problem hiding this comment.
Tls restrictions:
Http1 - can be used with or without tls
Http2 - primarily used with tls. May be used without tls only if the client supports a Prior Knowledge mode.
Http1AndHttp2 - requires tls & alpn to negotiate http2, otherwise defaults to http1.
There was a problem hiding this comment.
Let me know if you have a link for "Prior Knowledge mode."
There was a problem hiding this comment.
|
|
||
| ## HTTP/2 support | ||
|
|
||
| [HTTP/2](https://httpwg.org/specs/rfc7540.html) is available for ASP.NET Core apps running directly on the [Kestrel server](xref:fundamentals/servers/kestrel#http2-support) if the following base requirements are met: |
There was a problem hiding this comment.
This is a bit odd in the Apache doc. Does Apache support forwarding http/2?
There was a problem hiding this comment.
Perhaps not ... this was one of my points of confusion from your outline. Under "Kestrel: OS," you have ...
Linux W/OpenSSL 1.0.2 (e.g. Ubuntu 16.04)
... which sounds like ur saying that Kestrel can run directly on Linux. I have no personal knowledge beyond what @shirhatti has documented.
There was a problem hiding this comment.
Linux, yes, but these docs are specifically about Apache and Nginx. They are reverse proxies like ANCM. Unless we have http/2 notes specific to them then there's no need to update these.
|
|
||
| ## HTTP/2 support | ||
|
|
||
| [HTTP/2](https://httpwg.org/specs/rfc7540.html) is available for ASP.NET Core apps running directly on the [Kestrel server](xref:fundamentals/servers/kestrel#http2-support) if the following base requirements are met: |
| * Windows Server 2012 R2/Windows 8.1 or later | ||
| * Linux with OpenSSL 1.0.2 or later (for example, Ubuntu 16.04 or later) | ||
| * HTTP/2 will be supported on macOS in a future release. | ||
| * Target framework: ASP.NET Core 2.2 or later |
There was a problem hiding this comment.
.NET Core 2.2, not ASP.NET Core 2.2. .NET 4.x doesn't support ALPN or HTTP/2.
There was a problem hiding this comment.
Should it say "Shared framework: ..." since we don't want to confuse TFMs with this remark?
There was a problem hiding this comment.
TFM is more applicable. In-proc and ALPN both have dependencies on .NET Core 2.2 and don't support .NET 4.x.
| * Target framework: Not applicable to HTTP.sys deployments. | ||
| * [IIS (in-process)](xref:host-and-deploy/iis/index#http2-support) | ||
| * Windows Server 2016/Windows 10 or later; IIS 10 or later | ||
| * Target framework: ASP.NET Core 2.2 or later |
There was a problem hiding this comment.
.NET Core 2.2, no .NET 4.x support for in-proc.
| * Operating system† | ||
| * Windows Server 2012 R2/Windows 8.1 or later | ||
| * Linux with OpenSSL 1.0.2 or later (for example, Ubuntu 16.04 or later) | ||
| * Target framework: ASP.NET Core 2.2 or later |
| | `HttpProtocols` enum value | Connection protocol permitted | | ||
| | -------------------------- | ----------------------------- | | ||
| | `Http1` | HTTP/1.1 only. Can be used with or without TLS. | | ||
| | `Http2` | HTTP/2 only. Primarily used with TLS 1.2 or later. May be used without TLS 1.2 or later only if the client supports a [Prior Knowledge mode](https://tools.ietf.org/html/rfc7540#section-3.4). | |
There was a problem hiding this comment.
1.2 or later is distracting here. It's not about the version, it's a bout TLS vs clear text.
| | -------------------------- | ----------------------------- | | ||
| | `Http1` | HTTP/1.1 only. Can be used with or without TLS. | | ||
| | `Http2` | HTTP/2 only. Primarily used with TLS 1.2 or later. May be used without TLS 1.2 or later only if the client supports a [Prior Knowledge mode](https://tools.ietf.org/html/rfc7540#section-3.4). | | ||
| | `Http1AndHttp2` | HTTP/1.1 and HTTP/2. Requires a TLS 1.2 or later and [Application-Layer Protocol Negotiation (ALPN)](https://tools.ietf.org/html/rfc7301#section-3) connection to negotiate HTTP/2; otherwise, the connection defaults to HTTP/1.1. | |
|
|
||
| * In-process | ||
| * Windows Server 2016/Windows 10 or later; IIS 10 or later | ||
| * Target framework: ASP.NET Core 2.2 or later |
|
|
||
| * Windows Server 2016/Windows 10 or later; IIS 10 or later | ||
| * Edge connections use HTTP/2, but the reverse proxy connection to the [Kestrel server](xref:fundamentals/servers/kestrel) uses HTTP/1.1. | ||
| * Target framework: Not applicable to out-of-process deployments, since the HTTP/2 connection is handled entirely by IIS. |
|
|
||
| ::: moniker-end | ||
|
|
||
| If an HTTP/2 connection is established, [HttpRequest.Protocol](xref:Microsoft.AspNetCore.Http.HttpRequest.Protocol*) reports `HTTP/2`. |
There was a problem hiding this comment.
HttpRequest.Protocol is only set to Http/2 for in proc, not out of proc.
| `Http2.MaxStreamsPerConnection` limits the number of concurrent request streams per HTTP/2 connection. Excess streams are refused. | ||
|
|
||
| ```csharp | ||
| .ConfigureKestrel((context, options) => |
There was a problem hiding this comment.
Indicate where this code belongs.
There was a problem hiding this comment.
nah ..... changed my mind lol
Let me see if I can deal with all 12 of these instances right now. The sample issue tho still remains, and so does the issue to address Kestrel topic sections/section headers.
| The following example permits HTTP/1.1 and HTTP/2 connections on port 8000. Connections are secured by TLS with a supplied certificate: | ||
|
|
||
| ```csharp | ||
| options.Listen(IPAddress.Any, 8000, listenOptions => |
There was a problem hiding this comment.
Indicate where this code belongs.
|
@scottaddie kk --- that might† get every one, including †This topic has become a 🐻 to work on. IIRC there will be overlap between 1.x and 3.0, as I think 1.x probably depreciates after 3.0 RTM. I pray to the 🙏 server gods 🙏 for file versioning by then. |
|
ty @scottaddie @Tratcher U ok with the latest updates? |
|
|
Fixes #7161
Internal Review Topic (Servers landing page)
Internal Review Topic (Kestrel)
Internal Review Topic (HTTP.sys)
Internal Review Topic (IIS)
Internal Review Topic (Linux Nginx)
Internal Review Topic (Linux Apache)
No doubt in need of corrections and additions. I still had to guess on a few items, but it should be easy to sort these spots out on review.
Opened Add API links to HTTP/2 content #8518 to update the API references to links.