Analyzing HTTP/2 traffic with h2a
Few days ago, I’ve released a reverse proxy for HTTP/2 developers called h2a. It mediates the HTTP/2 traffic between server and client, and display the frame data which is sent.
How to use h2a
Usage is simple. First please download the binary from release page of GitHub. Currently you can download the binaries for Linux and OS X.
When the download is complete, run h2a command to start the reverse proxy. In the following example, h2a listen the 8000 port, and use the server.crt/server.key as TLS certificate and private key. The origin server is 127.0.0.1:443.
$ ./h2a -c server.crt -k server.key -p 8000 -H 127.0.0.1 -P 443
Once h2a starts, you can access http://localhost:8000 from the HTTP client such as Firefox and you will be able to check the HTTP/2 traffic such as the following.
...
=> [ 1] [ 0] Connected
=> [ 1] [ 0] Negotiated Protocol: h2
=> [ 1] [ 0] SETTINGS Frame <Length:12, Flags:0x0>
| Parameters:
| MAX_CONCURRENT_STREAMS(0x3): 100
| INITIAL_WINDOW_SIZE(0x4): 65535
=> [ 1] [ 3] PRIORITY Frame <Length:5, Flags:0x0>
| Stream Dependency: 0
| Weight: 200
| Exclusive: No
=> [ 1] [ 5] PRIORITY Frame <Length:5, Flags:0x0>
| Stream Dependency: 0
| Weight: 100
| Exclusive: No
=> [ 1] [ 7] PRIORITY Frame <Length:5, Flags:0x0>
| Stream Dependency: 0
| Weight: 0
| Exclusive: No
=> [ 1] [ 9] PRIORITY Frame <Length:5, Flags:0x0>
| Stream Dependency: 7
| Weight: 0
| Exclusive: No
=> [ 1] [ 11] PRIORITY Frame <Length:5, Flags:0x0>
| Stream Dependency: 3
| Weight: 0
| Exclusive: No
=> [ 1] [ 13] HEADERS Frame <Length:38, Flags:0x25>
| Stream Dependency: 11
| Weight: 15
| Exclusive: No
| Header Fields:
| :method: GET
| :path: /
| :scheme: https
| :authority: 127.0.0.1:8000
| accept: */*
| accept-encoding: gzip, deflate
...
Why I developed h2a?
As Kazuho-san who is the author of H2O mentioned on his blog, the HTTP/2 priority affects the performance of Web site. So it’s important to know how HTTP/2 priority affect the performance if you want to optimize the performance of your web site.
However, it is difficult to confirm whether there is any effect on the HTTP/2 priority. There is no way to check the communication in HTTP/2 on major browsers. Even Wireshark requires TLS key information file outputted in the form of NSS Key Log Format. The browser that can output the TLS key information file is only firefox and Chrome. In the server side, any server except Nghttp2 does not have the ability to output the traffic of HTTP/2 in detail. Therefore, even analyzing the HTTP/2 traffic that occurs between the Safari 9 and Nginx, it is not possible to easily.
h2a will solve this problem. By acting as a reverse proxy, you can see HTTP/2 traffic between any browser and server.
Future plans
Currently, I’m planning to implement the following functions:
- Optimize display data
- JSON log output support
- Multiple origin support
- Configuration file support
Do you have a feature request? please create an issue on GitHub. Feedback is welcome!