Cloudflare ya shirya kundin don bayar da tallafi don yarjejeniyar HTTP / 3 a cikin NGINX. An gama karatun a cikin sigar karye a ɗakin karatun ɓullo a Cloudflare tare da aiwatar da ƙa'idar jigilar kayayyaki ta QUIC da HTTP / 3. An rubuta lambar neman a cikin Tsatsa, amma tsarin NGINX an rubuta shi a cikin C kuma yana samun damar shiga laburaren ta hanyoyin haɗin kai. Awanni suna aiki a buɗe a ƙarƙashin lasisin BSD.
Daga software na abokin ciniki, An riga an saka goyan bayan HTTP / 3 zuwa abubuwan gwajin gwaji na Canary na Chrome da kuma amfanin curl. A gefen uwar garke, ya zuwa yanzu ana buƙatar amfani da aiwatar da gwajin gwaji waɗanda ke da iyakantattun iyawa. Ikon sarrafa HTTP / 3 a cikin nginx zai sauƙaƙe ƙaddamar da sabobin tare da tallafin HTTP / 3 kuma hakan zai sa aiwatar da gwajin sabuwar yarjejeniya ta zama mai sauki.
HTTP / 3 yana daidaita amfani da yarjejeniyar QUIC azaman jigilar kaya don HTTP / 2. Google ya inganta yarjejeniyar QUIC a matsayin madadin TCP + TLS don Gidan yanar gizo, game da shi ya yi niyyar warware matsaloli tare da dogon lokacin shigarwa da haɗin mahadi a TCP da jinkirta kawar da asarar fakiti yayin watsa bayanai. QUIC toshe-ne ne a cikin yarjejeniyar UDP wacce ke goyan bayan yawaitar hanyoyin sadarwa da yawa kuma yana samar da hanyoyin boye-boye kwatankwacin TLS / SSL.
Daga cikin mahimman halayen QUIC waɗanda suka yi fice:
- Babban tsaro, kwatankwacin TLS (a zahiri, QUIC yana ba da ikon amfani da TLS akan UDP).
- Gudanar da mutuncin mutunci wanda ke hana asarar fakiti.
- Ikon kafa haɗin kai tsaye (0-RTT, kusan 75% na lamura, ana iya canja wurin bayanai kai tsaye bayan aika fakitin saitin haɗin haɗi) da kuma tabbatar da jinkiri kaɗan tsakanin aika buƙata da karɓar amsa (RTT, Zagayewar Lokaci) .
- Ba amfani da lambar jerin iri ɗaya lokacin da sake aika fakiti, wanda zai guji shubuha wajen tantance fakiti da aka karɓa da kuma kawar da lokacin aiki.
- Rasa fakiti yana shafar isarwar rafin da ke tattare da shi kawai kuma baya dakatar da isar da bayanai a cikin rafukan da aka watsa a layi daya akan haɗin yanzu.
- Kayan aikin gyara kuskure da ke rage jinkiri saboda sake dawo da fakiti da suka ɓace. Amfani da lambobin gyara kuskuren-matakin fakiti na musamman don rage yanayin da ke buƙatar sake tura bayanan fakiti da aka ɓace.
- Iyakokin bulodi na Cryptographic suna dacewa tare da iyakokin fakiti na QUIC, yana rage tasirin asarar fakiti akan daddafa abubuwan cikin fakiti masu zuwa
- Babu matsala tare da toshe layin TCP
- Taimako don gano mai haɗi, wanda ke rage lokacin don sake haɗawa ga abokan cinikin wayar hannu
- Ikon haɗi da manyan hanyoyin sarrafa abubuwa don wuce gona da iri
- Amfani da dabarar hango bandwidth a kowace hanya don tabbatar da ingantaccen isarwar fakiti, hana ta kai matsayin cunkoson da ake lura da asarar fakiti
- Ayyukan ƙwarai da ƙwarewa a kan TCP. Don hidimomin bidiyo kamar YouTube, QUIC ya nuna ragin 30% a cikin ayyukan sake ɓoye lokacin kallon bidiyo.
Yadda ake aiwatar da tsarin don tallafawa HTTP / 3 a cikin NGINX?
Ga waɗanda suke da sha'awar iya aiwatar da wannan tsarin a kan sabar su, Zasu iya yin hakan ta bin umarnin da muka raba a ƙasa.
Don tattara shi, kawai dole su zazzage facin don nginx 1.16 da lambar kodin din.
curl -O https://nginx.org/download/nginx-1.16.1.tar.gz tar xzvf nginx-1.16.1.tar.gz git clone --recursive https://github.com/cloudflare/quiche cd nginx-1.16.1 patch -p01 < ../quiche/extras/nginx/nginx-1.16.patch
Kuma muna tattara NGINX tare da kunna HTTP / 3:
./configure \ --prefix=$PWD \ --with-http_ssl_module \ --with-http_v2_module \ --with-http_v3_module \ --with-openssl=../quiche/deps/boringssl \ --with-quiche=../quiche make
Yayin tattarawa, tallafin TLS ya kamata ya dogara ne akan laburaren BoringSSL ("–with-openssl = .. / quiche / deps / boringssl"), ba a tallafawa amfani da OpenSSL ba tukuna.
Don karɓar haɗi a cikin sanyi, za su buƙaci ƙara umarnin mai sauraro tare da tutar "quic".