SPDY Protocol

SPDY-Protocol

What is SPDY?

SPDY (pronounced SPeeDY) is a networking protocol developed by Google with the purpose of speeding up the delivery of web content. It does this by modifying HTTP traffic which in turn reduces web page latency, and improves web security. HTTP, while powerful in its day, cannot keep up with the demands of today’s digital world, which is the reason SPDY was introduced to help meet those demands.

The most important goal of SPDY is to transport web content using fewer TCP connections. It does this by multiplexing large numbers of transactions onto one TLS connection. – hacks.mozilla.org

HTTP1.1 Vs. SPDY3.1

The SPDY protocol works with HTTP by manipulating web traffic as it leaves the server. SPDY is dependant on HTTP to work, however, helps improve many of the drawbacks that are directly associated with using HTTP. The following is a table that identifies the limitations that exists with HTTP and what SPDY does to help alleviate those limitations.

HTTP1.1 SPDY3.1
Performs serialized transfers meaning it can transfer multiple resources over one connection if keep-alive is enabled. However it still processes each request one at a time, resulting in server delays and under-utilized resources. Performs parallelized transfers, allowing multiple requests to be to be transferred simultaneously over a single connection, saving time on trips between client and server.
Only the client can initiate a request. This means the server must always wait to receive a request from the client for a resource. Enables the server to  “push” resources to the client that it knows the client will need (i.e JavaScript, CSS, etc.).
Sends uncompressed request and response headers. Allows the client and server to compress request and response headers; cutting down on bandwidth usage.
Repeatedly sends duplicate headers across requests on the same channel. Removes duplicate headers thus reducing the amount of bandwidth needed.

How the SPDY Protocol Works

SPDY works by adding an additional layer on top of SSL that allows it to improve the existing functionality of HTTP.

SPDY-Stack

Say for example, a browser accesses a site that is SPDY enabled. If the browser supports SPDY, it will send additional headers to the server to let the server know. Once the server receives the response from the browser and see’s that it is compatible, the server modifies HTTP traffic to include the performance optimization features brought on by SPDY.

Alternatively, if the browser does not support SPDY, the server will deliver traffic through the conventional HTTP protocol.

How to Enable SPDY on Your Origin Server

Enabling SPDY on your origin server is straightforward and can be done in just a couple of steps in Apache and Nginx.

Apache

Google provides the mod_spdy module for Apache 2.2 users (Apache 2.4  users will need to use an adapted version of mod_spdy). In order to get started you must download the appropriate package for your system. The architecture of your system can be determined by running uname -m

For Debian/Ubuntu users, you must run the following commands (as root):

dpkg -i mod-spdy-*.deb
apt-get -f install

For CentOS/Fedora users, you must run the following commands (as root):

yum install at  (if you do not already have 'at' installed)
rpm -U mod-spdy-*.rpm

Nginx

To enable Nginx with SPDY, Nginx users must first determine what version they have in order to ensure it is compiled with SPDY support:

$ nginx -V

If you don’t see –with-http_spdy_module somewhere in the output you will need to get a build that is SPDY enabled.

Once the version verification is complete, you can open the server block config for your SSL site and change:

listen 443 ssl;

to:

listen 443 ssl spdy;

then reload your config:

$ service nginx reload

SPDY is now enabled on your Nginx server.

Conclusion

The SPDY protocol is a great addition to HTTP in helping to reduce load latency and improve on things that HTTP1.1 currently does not handle optimally. However, SPDY is soon to be a thing of the past as Google has announced in February, 2015 that support for SPDY would be deprecated and in 2016, will be completely withdrawn.

This is due to the emergence of HTTP/2 which is based on the SPDY protocol. HTTP/2 has many of the same features although it uses a different compression algorithm, making it less vulnerable to attacks.

Read more about HTTP/2 here.

2 Comments

Leave A Comment?