SummerWind

Web, Photography, Space Development

Analyzing HTTP/2 traffic with h2a

Few days ago, I’ve released a reverse proxy for HTTP/2 developers called h2a. It mediates the HTTP/2 traffic between server and client, and display the frame data which is sent.

How to use h2a

Usage is simple. First please download the binary from release page of GitHub. Currently you can download the binaries for Linux and OS X.

When the download is complete, run h2a command to start the reverse proxy. In the following example, h2a listen the 8000 port, and use the server.crt/server.key as TLS certificate and private key. The origin server is 127.0.0.1:443.

$ ./h2a -c server.crt -k server.key -p 8000 -H 127.0.0.1 -P 443

Once h2a starts, you can access http://localhost:8000 from the HTTP client such as Firefox and you will be able to check the HTTP/2 traffic such as the following.

...
=> [  1] [  0] Connected
=> [  1] [  0] Negotiated Protocol: h2
=> [  1] [  0] SETTINGS Frame <Length:12, Flags:0x0>
               | Parameters:
               |   MAX_CONCURRENT_STREAMS(0x3): 100
               |   INITIAL_WINDOW_SIZE(0x4): 65535
=> [  1] [  3] PRIORITY Frame <Length:5, Flags:0x0>
               | Stream Dependency: 0
               | Weight: 200
               | Exclusive: No
=> [  1] [  5] PRIORITY Frame <Length:5, Flags:0x0>
               | Stream Dependency: 0
               | Weight: 100
               | Exclusive: No
=> [  1] [  7] PRIORITY Frame <Length:5, Flags:0x0>
               | Stream Dependency: 0
               | Weight: 0
               | Exclusive: No
=> [  1] [  9] PRIORITY Frame <Length:5, Flags:0x0>
               | Stream Dependency: 7
               | Weight: 0
               | Exclusive: No
=> [  1] [ 11] PRIORITY Frame <Length:5, Flags:0x0>
               | Stream Dependency: 3
               | Weight: 0
               | Exclusive: No
=> [  1] [ 13] HEADERS Frame <Length:38, Flags:0x25>
               | Stream Dependency: 11
               | Weight: 15
               | Exclusive: No
               | Header Fields:
               |   :method: GET
               |   :path: /
               |   :scheme: https
               |   :authority: 127.0.0.1:8000
               |   accept: */*
               |   accept-encoding: gzip, deflate
...

Why I developed h2a?

As Kazuho-san who is the author of H2O mentioned on his blog, the HTTP/2 priority affects the performance of Web site. So it’s important to know how HTTP/2 priority affect the performance if you want to optimize the performance of your web site.

However, it is difficult to confirm whether there is any effect on the HTTP/2 priority. There is no way to check the communication in HTTP/2 on major browsers. Even Wireshark requires TLS key information file outputted in the form of NSS Key Log Format. The browser that can output the TLS key information file is only firefox and Chrome. In the server side, any server except Nghttp2 does not have the ability to output the traffic of HTTP/2 in detail. Therefore, even analyzing the HTTP/2 traffic that occurs between the Safari 9 and Nginx, it is not possible to easily.

h2a will solve this problem. By acting as a reverse proxy, you can see HTTP/2 traffic between any browser and server.

Future plans

Currently, I’m planning to implement the following functions:

  • Optimize display data
  • JSON log output support
  • Multiple origin support
  • Configuration file support

Do you have a feature request? please create an issue on GitHub. Feedback is welcome!

Moto Ishizawa

Moto Ishizawa
ソフトウェアエンジニア。ロケットの打上げを見学するために、たびたびフロリダや種子島にでかけるなど、宇宙開発分野のファンでもある。