Is HTTP/2 really worth it?

TL;DR: Yes, but…

Background

HTTP has been the protocol the web has been built on since 1991 when version 0.9 was released. It has been the back bone technology nearly every network communicating device relies on. And for 24 years HTTP remained largely unchanged. But as all things time marches forward and so does technology. In 2015 HTTP2 was released to the world. With encrypting as a mandatory part of the technology it bring security; with multiplexing it brings increased response rate to resource requests, and with a push ability the server can respond with resources before the client even requests them. All this and more combine to make a very impressive iteration of the protocol.

Configuration

Using a very basic LEMP stack I setup a basic web server, then abused it with 10 requests per second over 5 minutes. This provides a baseline of the performance to expect from a specific set of hardware. Then I configured a SSL certification (as required for HTTP/2). Followed by a minor edit of the Nginx configuration blasted the same server with the same load. The result was a 1 for 1 comparison between HTTP 1.1 and version 2. The repo can be reviews over on GitHub.

10 users per second for 5 minutes, poor little web server.

The Good, The Bad, The Ugly

The Good

Performance was measurably increased. With multiplexing the many images where responded to in parallel instead of serial responses. Additionally the average response rate looks to have decreased by about 10%

More responses, faster. Not as much as I thought, but still an improvement.

The Bad

This is not really a bad thing, but HTTP/2 requires SSL and the associated configuration. Year ago an SSL certification use to be expensive. This is not so much an issue any longer thanks to Lets Encrypt. I am not sure I would use Lets Encrypt in a large scale production environment but it gets the job done. Configuration take understand Linux operation and Nginx configuration.

OH, look at that. Smoother handling of results, and faster responses.

The Ugly

The performance gain was not as much as I had hoped. The main reason for this is the handling of the SSL. It does require CPU overhead to validate and process the traffic encryption. If you want to get fancy it is possible to off-load the SSL handling to a load balancer, thus leading the server to only process the request.

HTTP only: over 100 resources failing. HTTP/2 under 100. Nice.

Additional Resources

Conclusion

All in all HTTP/2 provides a decrease in response time, enforces encryption and is not terrible difficult to enable. Using the more advanced features (suc as push) and a caching system HTTP/2 is an amazing improvement to a corner stop internet technology.

Extra images sourced from https://chadhagen.com/ . Go help them out, Chad’s work is amazing.)


Also published on Medium.