Current time: 12-13-2017, 07:53 AM Hello There, Guest! (LoginRegister)

Post Reply 
 
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
New Http2 implementation
05-06-2016, 06:57 AM
Post: #1
New Http2 implementation
Our site has had H2 running for only 48 hours.
We also moved to a h2 cdn which is Cdn77.
Take a look at the waterfall and this test and tell me if this seems right.
Are we missing something?
thank you
Brian
http://www.webpagetest.org/result/160505...1/details/
Find all posts by this user
Quote this message in a reply
05-06-2016, 09:32 AM (This post was last modified: 05-06-2016 09:33 AM by GreenGecko.)
Post: #2
RE: New Http2 implementation
looks about right. Not sure where the first line comes from - I use the same services and don't see it on my site for example... the relevant part of my nginx config for stapling ( using a local caching DNS server ) is:

# OCSP Stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 192.168.122.1 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;

What in particular are you worried about?

EDIT: I think it's a moot point not supporting TLS 1.0 at this point...
Find all posts by this user
Quote this message in a reply
05-07-2016, 01:53 AM
Post: #3
RE: New Http2 implementation
I am just wondering if the waterfall is correct for an http2 site.
Since this is so new just checking to make sure we are not missing anything.
(05-06-2016 09:32 AM)GreenGecko Wrote:  looks about right. Not sure where the first line comes from - I use the same services and don't see it on my site for example... the relevant part of my nginx config for stapling ( using a local caching DNS server ) is:

# OCSP Stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 192.168.122.1 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;

What in particular are you worried about?

EDIT: I think it's a moot point not supporting TLS 1.0 at this point...
Find all posts by this user
Quote this message in a reply
05-07-2016, 03:03 AM
Post: #4
RE: New Http2 implementation
(05-06-2016 06:57 AM)brian@shopbakersnook.com Wrote:  Our site has had H2 running for only 48 hours.
We also moved to a h2 cdn which is Cdn77.
Take a look at the waterfall and this test and tell me if this seems right.
Are we missing something?
thank you
Brian
http://www.webpagetest.org/result/160505...1/details/


You may want to double-check either your CDN configuration or the HTML links on your site.

With HTTP/2, all requests to your site should go to https://shopbakersnook.com, even though they're being served by the CDN. The waterfall shows that this happens for most of your requests, but not for others, especially any of the images.

If you look at the Connection View, there is one connection to your site's domain, but there's also another connection to https://1671625845.rsc.cdn77.org.

So you effectively, your website is serving it's data from two HTTP/2 domains.

This will reduce the effectiveness of HTTP. This is kind of like domain sharding, which used to be something to improve performance with HTTP/1.1, but not with HTTP/2.

So I would check to see where this is happening. Is it a CDN config issue or are your HTML links pointing directly to those image assets at CDN77? Based on a couple HTTP responses I looked at, the latter doesn't seem to be the case, but I'd double-check anyway.

Also, you may want to check that your certificate (or whoever owns it) hasn't expired. OCSP requests mean that the browser is checking the status of that certificate. That's the reason for the first line. You shouldn't see this if the certificate is valid.

Jean Tunis
Principal Consultant, RootPerformance Consulting
http://www.websiteevals.com
Author, Analyzing HTTP
http://www.analyzinghttp.com
Find all posts by this user
Quote this message in a reply
05-07-2016, 03:13 AM
Post: #5
RE: New Http2 implementation
Thank you we are checking today..
(05-07-2016 03:03 AM)beyondstop Wrote:  
(05-06-2016 06:57 AM)brian@shopbakersnook.com Wrote:  Our site has had H2 running for only 48 hours.
We also moved to a h2 cdn which is Cdn77.
Take a look at the waterfall and this test and tell me if this seems right.
Are we missing something?
thank you
Brian
http://www.webpagetest.org/result/160505...1/details/


You may want to double-check either your CDN configuration or the HTML links on your site.

With HTTP/2, all requests to your site should go to https://shopbakersnook.com, even though they're being served by the CDN. The waterfall shows that this happens for most of your requests, but not for others, especially any of the images.

If you look at the Connection View, there is one connection to your site's domain, but there's also another connection to https://1671625845.rsc.cdn77.org.

So you effectively, your website is serving it's data from two HTTP/2 domains.

This will reduce the effectiveness of HTTP. This is kind of like domain sharding, which used to be something to improve performance with HTTP/1.1, but not with HTTP/2.

So I would check to see where this is happening. Is it a CDN config issue or are your HTML links pointing directly to those image assets at CDN77? Based on a couple HTTP responses I looked at, the latter doesn't seem to be the case, but I'd double-check anyway.

Also, you may want to check that your certificate (or whoever owns it) hasn't expired. OCSP requests mean that the browser is checking the status of that certificate. That's the reason for the first line. You shouldn't see this if the certificate is valid.
Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)