Skip to content

HTTP 3 Documentation

Jump to bottom Edit New page
Bryan Call edited this page Jan 25, 2023 · 38 revisions

Building the HTTP/3 tools and libraries

These steps assume you already have development packages for building Traffic Server.

1. Install package dependencies

Fedora or RHEL

sudo dnf -y install libev-devel jemalloc-devel python2-devel libxml2-devel c-ares-devel libevent-devel jansson-devel zlib-devel systemd-devel

Ubuntu

sudo apt -y install libev-dev libjemalloc-dev python2-dev libxml2-dev libpython2-dev libc-ares-dev libsystemd-dev libevent-dev libjansson-dev zlib1g-dev

2. Build and install the HTTP/3 tools and libraries

There will be HTTTP/3 versions of curl and h2load under the /opt/bin directory

git clone [email protected]:apache/trafficserver.git
cd trafficserver
git checkout -b 10-Dev origin/10-Dev
./tools/build_h3_tools.sh

3. Building trafficserver with HTTP/3 support

autoreconf -if
mkdir target
cd target
sudo mkdir -p /opt/ats
USER=$(whoami) sudo chown $USER: /opt/ats

gcc configure

../configure --prefix=/opt/ats --enable-ccache --enable-werror --enable-experimental-plugins --enable-example-plugins --with-quiche=/opt/quiche --enable-expensive-tests

ASAN and clang configure

LUAJIT_CFLAGS=-Wno-unused-command-line-argument CC=/bin/clang CXX=/bin/clang++ CLANG_TIDY=/bin/clang-tidy ../configure --prefix=/opt/ats --enable-ccache --enable-werror --enable-experimental-plugins --enable-example-plugins --with-quiche=/opt/quiche --enable-asan --enable-expensive-tests

build and install

make -j install

4. Configuring trafficserver with HTTP/3 support

You will need to generate TLS certificates (see below) if you don't have any already. Below is an example configuration that will work with the benchmarking example.

ETC_DIR=/opt/ats/etc/trafficserver
RECORDS_CONFIG=$ETC_DIR/records.config
REMAP_CONFIG=$ETC_DIR/remap.config
sed -i 's/8080 8080:ipv6/8080 4443:ssl 4443:quic/' $RECORDS_CONFIG
echo "CONFIG proxy.config.udp.threads INT 1" >> $RECORDS_CONFIG
echo "CONFIG proxy.config.diags.show_location INT 2" >> $RECORDS_CONFIG
echo "CONFIG proxy.config.quic.initial_max_streams_bidi_in INT 100000" >> $RECORDS_CONFIG
echo "CONFIG proxy.config.quic.initial_max_streams_bidi_out INT 100000" >> $RECORDS_CONFIG
sed -i 's/CONFIG proxy.config.http.insert_response_via_str INT 0/CONFIG proxy.config.http.insert_response_via_str INT 3/' $RECORDS_CONFIG
echo map / http://127.0.0.1/ @plugin=generator.so >> $REMAP_CONFIG
echo "dest_ip=* ssl_cert_name=$ETC_DIR/localhost.crt ssl_key_name=$ETC_DIR/localhost.key" >> $ETC_DIR/ssl_multicert.config

5. Generating TLS certificates

Create a certificate configuration file

tee -a apache.conf << EOF
[req]
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no
[req_distinguished_name]
C = US
ST = CA
L = Mountain View
O = Traffic Server
CN = trafficserver.org
[v3_req]
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = *.trafficserver.org
EOF

Create the private and public keys and move them to Traffic Server's configuration directory

openssl req -nodes -x509 -newkey rsa:4096 -keyout private-key.pem -out cert.pem -config apache.conf -sha256 -days 730
ETC_DIR=/opt/ats/etc/trafficserver
mv private-key.pem $ETC_DIR/localhost.key
mv cert.pem $ETC_DIR/localhost.crt

6. Benchmarking HTTP/3

Start ATS

/opt/ats/bin/trafficserver start

Test one request

/opt/bin/curl --http3 https://127.0.0.1:4443/cache/1024

Run h2load

/opt/bin/h2load -n 500000 -c 100 --npn-list=h3 https://127.0.0.1:4443/cache/1024/asdfasdf

You should see output like this below

starting benchmark...
spawning thread #0: 100 total client(s). 500000 total requests
TLS Protocol: TLSv1.3
Cipher: TLS_AES_128_GCM_SHA256
Server Temp Key: X25519 253 bits
Application protocol: h3
progress: 10% done
progress: 20% done
progress: 30% done
progress: 40% done
progress: 50% done
progress: 60% done
progress: 70% done
progress: 80% done
progress: 90% done
progress: 100% done

finished in 8.53s, 58611.15 req/s, 66.12MB/s
requests: 500000 total, 500000 started, 500000 done, 500000 succeeded, 0 failed, 0 errored, 0 timeout
status codes: 500000 2xx, 0 3xx, 0 4xx, 0 5xx
traffic: 564.07MB (591470968) total, 72.93MB (76470968) headers (space savings 35.47%), 488.28MB (512000000) data
UDP datagram: 753325 sent, 1500566 received
                     min         max         mean         sd        +/- sd
time for request:      132us     86.27ms      1.67ms      1.03ms    91.72%
time for connect:    14.81ms     39.15ms     28.11ms      6.83ms    61.00%
time to 1st byte:    54.53ms    105.88ms     75.15ms     11.71ms    69.00%
req/s           :     586.36      623.81      595.43        8.92    83.00%

Copyright 2021, [email protected]. Apache License, Version 2.0

Add a custom sidebar

Clone this wiki locally