WebPagetest Forums
HTTP2 multi-origin connection sharing vs DNS requests - Printable Version

+- WebPagetest Forums (https://www.webpagetest.org/forums)
+-- Forum: Web Performance (/forumdisplay.php?fid=3)
+--- Forum: Discuss Test Results (/forumdisplay.php?fid=4)
+--- Thread: HTTP2 multi-origin connection sharing vs DNS requests (/showthread.php?tid=15517)



HTTP2 multi-origin connection sharing vs DNS requests - jakub - 10-18-2018 11:05 PM

I'm trying to understand the behavior observed in my tests.

We use an HTTP2-enabled CDN that is available under multiple domain names (that all resolve to the same IP at the end for a given user, normally -- unless the DNS requests happen at different time and the load balancing kicks in), for example:

https://static1.dmcdn.net/
https://static2-ssl.dmcdn.net/
etc.

The domains were created long time ago for sharding + differentiating http vs https calls, but essentially they are all equivalent nowadays.

I was thinking this would be an antipattern as it would cause a DNS+TCP+TLS for each of those domains, but actually it's not true. It seems that HTTP2 is intelligent enough to reuse the connection even across the domains if it's sure it's talking to the same server.

Test page:
https://jg-testpage.github.io/wpt/cdn-shared-connect.html

Firefox: https://www.webpagetest.org/result/181018_78_f66020aacc692b81d867f02e22acf6ae/1/details/#waterfall_view_step1
Chrome: https://www.webpagetest.org/result/181018_F4_f9f28a63b4e5f6ddb63ac269c597f1b5/3/details/#waterfall_view_step1

As you can see, Chrome immediately reuses the existing h2 connection (no DNS, no TCP, no TLS).
Firefox does a DNS query first, and then reuses the existing h2 connection (no TCP, no TLS).

I can explain the behavior of Firefox:
- DNS request to both servers, notices the same IP
- TLS handshake returns a cert with `*.dmcdn.net, dmcdn.net` subjectAltName

What is surprising to me though is that Chrome doesn't do DNS request to get IP of the second server. How does it know that `static1` and `static2-ssl` are the same thing then?


RE: HTTP2 multi-origin connection sharing vs DNS requests - jakub - 10-19-2018 12:17 AM

Having read a bit, seems that the things I observed are known as "connection coalescing" and "ORIGIN frame", and that Chrome (and Safari) support ORIGIN frame without the DNS query.

(edited): But apparently only Firefox has implemented ORIGIN frame as of today:

https://bugzilla.mozilla.org/show_bug.cgi?id=1337791
https://bugs.chromium.org/p/chromium/issues/detail?id=697333

So I'm still puzzled how the requests to the two subdomains get merged into one H2 connection in Chrome, and the second subdomain doesn't trigger a DNS request?


RE: HTTP2 multi-origin connection sharing vs DNS requests - andydavies - 10-25-2018 09:29 PM

Appears there's a second DNS requesting being made in the Chrome case

Doesn't appear in the waterfall but it's in the packet capture

https://www.webpagetest.org/result/181025_DF_af89f7bd12a0ba8a57b3a77c1bdf0b6a/1/details/#waterfall_view_step1


RE: HTTP2 multi-origin connection sharing vs DNS requests - jakub - 10-26-2018 02:14 AM

@andydavies Thanks a lot!