AWS CloudFront Now Supports HTTP/3 with QUIC

For connections from end users, Amazon CloudFront now supports HTTP version 3 (HTTP/3) requests over QUIC. QUIC, the secure transport protocol used by HTTP/3, is based on the User Datagram Protocol (UDP), is stream-multiplexed, and combines the strengths of TCP, TLS, and HTTP/2. Compared with earlier HTTP versions, HTTP/3 has a number of advantages, including improved security and quicker response times.

Customers are always seeking ways to provide their users with applications that are faster and more secure. Improved performance and dependability are more important than ever as internet usage spreads throughout the globe and more people access it from mobile devices and distant networks. Compared with earlier HTTP versions, HTTP/3 improves performance and the end-user experience by speeding up connections and doing away with head-of-line blocking. The HTTP/3 support for CloudFront is based on s2n-quic, a new open-source Rust implementation of the QUIC protocol with a focus on efficiency and performance. CloudFront's HTTP/3 support includes client-side connection migration, which lets client applications recover connections with little to no delay after troublesome events such as a move from WiFi to cellular service or persistent packet loss.

Additionally, HTTP/3 offers improved security because it makes use of QUIC, which by default encrypts TLS handshake packets. Customers of CloudFront who have enabled HTTP/3 on their deployments have noticed improvements in page load times of up to 15% and a 10% reduction in time to first byte. Customers who enabled HTTP/3 on their distributions noticed reliability gains as a result of a decrease in handshake failures.

You can change the configuration of your distributions to support HTTP/3 using the CloudFront Console, the UpdateDistribution API action, or a CloudFormation template. Clients that do not support HTTP/3 can still communicate with HTTP/3-enabled Amazon CloudFront distributions using earlier HTTP versions.

All 410+ CloudFront edge locations across the world now support HTTP/3, and using this capability is free of charge. The CloudFront Developer Guide is a good resource for more information about Amazon CloudFront HTTP/3. Visit the Amazon CloudFront product page to find out more information.

New – HTTP/3 Support for Amazon CloudFront

A content delivery network (CDN) solution like Amazon CloudFront uses a network of connected servers that are geographically closer to users and deliver content to their PCs considerably faster. By distributing data over 410+ globally scattered Points of Presence (PoPs) with automated network mapping and clever routing, Amazon CloudFront minimizes latency.

Content, API requests and replies, or applications can be sent over HTTP/1.1 and HTTP/2 using the most recent version of Transport Layer Security (TLS) to encrypt and secure communication between the user client and Amazon CloudFront.

Amazon CloudFront now also supports HTTP version 3 (HTTP/3). HTTP/3 makes use of QUIC, a secure, stream-multiplexed transport protocol based on the User Datagram Protocol (UDP) that integrates and enhances the features of HTTP/2, TLS, and the existing Transmission Control Protocol (TCP). You can now enable HTTP/3 for end-user connections in both existing and new CloudFront distributions on all edge locations worldwide, and activating this functionality won’t incur any additional costs.

What is HTTP/3?

HTTP/3 uses QUIC to get around many of TCP’s drawbacks and brings the resulting advantages to HTTP. With existing HTTP/2 over TCP and TLS, TCP requires a handshake to create a session between a client and server, and TLS requires a further handshake to verify that the session is secure. When the client and server are geographically far apart, each handshake can take a while to complete its round trip between them. QUIC, however, requires only one handshake to set up a secure session.

Additionally, a wide variety of middleboxes, including firewalls and network address translation (NAT) devices, can comprehend and manipulate TCP. QUIC uses UDP as its foundation to enable packet flows in a private or public network. QUIC is entirely encrypted, including the metadata, so middleboxes are unable to view or alter its specifics.

To prevent head-of-line blocking between requests and responses, HTTP/3 streams are individually multiplexed. This is possible because stream multiplexing takes place in the transport layer rather than in the application layer, as it does in HTTP/2 over TCP. This makes online applications run more quickly, especially on sluggish networks and connections that are sensitive to latency.

HTTP/3’s advantages for CloudFront

Customers constantly want to offer end users a quicker, more responsive, and secure web experience. All CloudFront users can benefit from HTTP/3’s quicker connection times, stream multiplexing, client-side connection migration, and fewer handshake round trips, which lower error rates.

Users see no disruption or impact because QUIC connections over UDP permit connection reuse with a connection ID independent from IP address/port tuples. Applications used by customers in regions with poor network connectivity will run more efficiently.

With a strong focus on efficiency and performance, CloudFront’s HTTP/3 support offers improved security built on top of s2n-quic, an open-source Rust implementation of the QUIC protocol that was added to our collection of AWS encryption open-source libraries.

Users can send HTTP/3 viewer requests to CloudFront edge locations if HTTP/3 is enabled in CloudFront distributions. We have extremely dependable networks within the AWS Cloud past the edge location, and CloudFront will continue to use HTTP/1.1 for origin fetches. In order to make your material accessible over HTTP/3, you don’t need to make any server-side changes.

Customers may need to update their HTTP client library to a version that supports HTTP/3 for specific applications, such as those that use an HTTP client library to send HTTP requests. Clients can fall back to another supported protocol, such as HTTP/1.1 or HTTP/2, if for any operational reason they are unable to establish a QUIC connection.

How to Activate HTTP/3 on CloudFront

You can enable HTTP/3 connectivity by modifying the distribution configuration in the CloudFront UI. On an existing distribution, or while creating a new one, choose HTTP/3 in the Supported HTTP versions section; the origin does not need to be altered. The UpdateDistribution API and a CloudFormation template are also options.
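The UpdateDistribution route described above, as an added sketch that is not AWS's or the original post's code. It assumes `client` is a boto3 CloudFront client (`boto3.client("cloudfront")`); the function name, the stub class and the distribution ID are hypothetical, and the stub only exists so the example runs offline.

```python
def enable_http3(client, distribution_id, keep_http2=True):
    """Turn on HTTP/3 for viewer connections; return True if an update was sent."""
    resp = client.get_distribution_config(Id=distribution_id)
    config, etag = resp["DistributionConfig"], resp["ETag"]
    # "http2and3" enables both HTTP/2 and HTTP/3; "http3" enables HTTP/3 without HTTP/2.
    wanted = "http2and3" if keep_http2 else "http3"
    if config.get("HttpVersion") == wanted:
        return False  # already set, so skip a needless redeployment
    config["HttpVersion"] = wanted
    # UpdateDistribution replaces the whole configuration, so send back everything
    # that was read, and pass the ETag as IfMatch so a concurrent change is rejected.
    client.update_distribution(
        Id=distribution_id, IfMatch=etag, DistributionConfig=config
    )
    return True


class StubCloudFront:
    """Constructed stand-in for the CloudFront client (offline demo only)."""

    def __init__(self, http_version="http2"):
        self.config = {"Comment": "constructed sample", "HttpVersion": http_version}
        self.etag = "E-CONSTRUCTED-1"
        self.updates = []

    def get_distribution_config(self, Id):
        return {"DistributionConfig": dict(self.config), "ETag": self.etag}

    def update_distribution(self, Id, IfMatch, DistributionConfig):
        if IfMatch != self.etag:
            raise RuntimeError("precondition failed: stale ETag")
        self.config = dict(DistributionConfig)
        self.etag = "E-CONSTRUCTED-2"
        self.updates.append(Id)
        return {"ETag": self.etag}


if __name__ == "__main__":
    stub = StubCloudFront()
    # "EXAMPLEDISTID" is a placeholder, not a real distribution ID.
    print(enable_http3(stub, "EXAMPLEDISTID"), stub.config["HttpVersion"])
```

Reading the configuration first and writing it back in full matters because a partial configuration would drop the settings that were left out.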

After deploying your distribution and manually turning it on, you can use a browser that supports HTTP/3, such as the most recent versions of Google Chrome, Mozilla Firefox, Microsoft Edge, and Apple Safari. To find out more about web browser support, visit the Can I Use – HTTP/3 Support page: https://caniuse.com/http3

You can view the HTTP/3 requests performed when a page is loaded from CloudFront using the web developer tools in your browser. Mozilla Firefox is demonstrated in the picture below.

You can also add HTTP/3 support to curl and test from the command line:

$ curl --http3 -i https://d1e0fmnut9xxxxx.cloudfront.net/speed.html
HTTP/3 200
content-type: text/html
content-length: 9286
date: Fri, 05 Aug 2022 15:49:52 GMT
last-modified: Thu, 28 Jul 2022 00:50:38 GMT
etag: "d928997023f6479537940324aeddabb3"
x-amz-version-id: mdUmFuUfVaSHPseoVPRoOKGuUkzWeUhK
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 6e4f43c5af08f740d02d21f990dfbe80.cloudfront.net (CloudFront)
x-amz-cf-pop: ICN54-C2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6fy8rrUrtqDMrgoc7iJ73kzzXzHz7LQDg73R0lez7_nEXa3h9uAlCQ==
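
The alt-svc header in the response above is how the distribution advertises HTTP/3 to clients. The following added example (not from the original post) parses that header per RFC 7838 and reports whether a response negotiated HTTP/3 or fell back to an older version; the function names and the second sample response are constructed for illustration.

```python
import re


def parse_alt_svc(value):
    """Parse an Alt-Svc header value (RFC 7838) into a list of alternatives."""
    if value.strip().lower() == "clear":
        return []
    entries = []
    # Alternatives are comma-separated; ignore commas inside quoted strings.
    for item in re.split(r',(?=(?:[^"]*"[^"]*")*[^"]*$)', value):
        parts = [p.strip() for p in item.split(";")]
        proto, sep, authority = parts[0].partition("=")
        host, _, port = authority.strip('"').rpartition(":")
        if not sep or not port.isdigit():
            continue  # malformed alternative: skip it rather than guess
        params = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
        ma = params.get("ma", "")
        entries.append({"protocol": proto.strip(), "host": host, "port": int(port),
                        # RFC 7838: a missing or invalid "ma" means 24 hours
                        "max_age": int(ma) if ma.isdigit() else 86400})
    return entries


def http3_status(raw_response_head):
    """Summarise HTTP/3 negotiation from a `curl -i` status line plus headers."""
    lines = raw_response_head.strip().splitlines()
    negotiated = lines[0].split()[0]  # "HTTP/3", "HTTP/2" or "HTTP/1.1"
    headers = {}
    for line in lines[1:]:
        name, _, val = line.partition(":")
        headers[name.strip().lower()] = val.strip()
    alternatives = parse_alt_svc(headers.get("alt-svc", ""))
    h3 = [e for e in alternatives if e["protocol"] == "h3"]
    return {
        "negotiated": negotiated,
        "h3_advertised": bool(h3),
        "h3_port": h3[0]["port"] if h3 else None,
        "max_age": h3[0]["max_age"] if h3 else None,
        # h3 is on offer but an older version was used: the client has not yet
        # acted on the advertisement or could not establish a QUIC connection.
        "fell_back": bool(h3) and negotiated != "HTTP/3",
    }


# Status line and alt-svc header taken from the curl output above.
PAGE_SAMPLE = 'HTTP/3 200\ncontent-type: text/html\nalt-svc: h3=":443"; ma=86400\n'
# Constructed sample: same advertisement, but the request was served over HTTP/2.
FALLBACK_SAMPLE = 'HTTP/2 200\nalt-svc: h3=":443"; ma=86400\n'

if __name__ == "__main__":
    print(http3_status(PAGE_SAMPLE))
    print(http3_status(FALLBACK_SAMPLE))
```

A response that keeps reporting a fallback while h3 is advertised on port 443 is a reason to check whether UDP on that port is permitted along the client's network path.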

Client Testimonials
Several AWS clients have already enabled HTTP/3 on their CloudFront deployments, including Snap, Zillow, AC3/Movember, Audible, and Skyscanner. Some of their voices are as follows:

A social media firm called Snap Inc. offers the Snapchat software to its global audience as a quick and enjoyable way to interact with close pals. With 20 percent less latency than its previous architecture, Snap can now accommodate more than 306 million Snapchat users who transmit over 5.4 billion Snaps daily on AWS.

Mahmoud Ragab, Software Engineering Manager at Snapchat said:

“Snapchat helps millions of people around the world to share moments with friends. At Snapchat, we strive to be the fastest way to communicate. This is why we have been partnering with Amazon CloudFront for fast, high-performance, low latency content delivery, leveraging QUIC on CloudFront.

It offers significant advantages while sending and receiving content, especially in networks with lossy signals and intermittent connectivity. Improvements offered by QUIC, like zero round-trip time (0-RTT) connection setup and improved congestion control, enable an average of 10% reduction in time to first byte (TTFB) while lowering overall error rates. Lower network latencies and errors make Snapchat better for people all over the world.

With early access to QUIC, we’ve been able to experiment and quickly iterate and improve server-side implementation and optimize integration between the client and the server. Both companies will continue to collaborate together as QUIC is made more widely available.”

With transparency and nearly seamless end-to-end service, Zillow is a real estate technology firm that offers its consumers an on-demand experience for selling, buying, renting, and financing. Since 2015, Zillow has used Amazon S3 and Amazon CloudFront to improve the accessibility of their imaging system.

Zillow’s Chief Cloud Architect, Craig Link, stated:

“We are excited about the launch of HTTP/3 support for Amazon CloudFront. Enabling HTTP/3 on CloudFront was a seamless transition and our synthetic test and ad-hoc usage continued working without issue.”

One of the top organizations supporting men’s health, Movember Foundation, is a client of AC3, an Australian AWS Managed Services partner. It can be difficult to manage a global organization that manages donations, data, events, and multilingual websites across 21 nations. Movember, which was born on the cloud, has used AWS technology to adapt new working patterns, guarantee a flexible IT platform, and innovate more quickly.

Greg Cockburn, Director of AC3’s Hyperscale Cloud, stated:

“AC3 is excited to work with their longtime partner Movember enabling HTTP3 on their CloudFront distributions serving web and API frontends and is encouraged by the performance improvements seen in the initial results.”

Now accessible
All 410+ CloudFront edge locations globally now offer HTTP/3 compatibility for Amazon CloudFront, and using this capability is free of charge. Consult the Amazon CloudFront Developer Guide and FAQ for more information. Please contact AWS re:Post for Amazon CloudFront or your regular AWS support contacts with feedback.

  • https://aws.amazon.com/blogs/aws/new-http-3-support-for-amazon-cloudfront/
  • https://aws.amazon.com/about-aws/whats-new/2022/08/amazon-cloudfront-supports-http-3-quic/
