Horrible, Helpful, http3 Hack - Computerphile

Captions
But what we're talking about today is HTTP/3 and QUIC. Okay, so it's our first time meeting in real life, nice to meet you. Yes, likewise. There's lots to get through here. HTTP/3 is obviously the third version of HTTP, but it's a lot more than just a version number change. It entered the Internet Engineering Task Force standards track, became a Request for Comments in, I think, June this year, and I think it's one of the most revolutionary things I've come across in all my time doing networking. But also it's kind of a really disgusting hack. I want to try and explain why I think it's so really good and exciting, but also why I think it's so awful.

There's a couple of things we need to understand to start. So one thing we need to understand is the network stack, and as far as networks are concerned this is real ancient history. You've got a very good video by Richard Mortier from about nine years ago, for example, and Mort does a good job of running through the whole thing, so if you don't know what the network stack is, take a look at that. But let's do the basics, right, let's do the real basics so we get up to date. I'm going to skimp over a lot of details here, so please do not be offended; I'm going to miss out completely several of the layers. But the layers that are important today are: the application layer, that's where all of our programs live, so this is the fun one. This is normally where your computer game is, this is where your web browser is, this is where your social networks are. So the application layer exists on your end computers and on the servers; that's running the software that communicates with the network. So that's our top level. And I'm going to put in, to the side here, the transport layer. The transport layer sits on the end hosts and its job is to make sure the data you get is good, and I'm going to specify that more precisely in a moment. Below that we have the network layer, and the network layer's job is to get the data to wherever it's supposed to be. If it's supposed to be in Berlin, Shanghai, London, wherever, the network layer's job is to carry the data the whole distance. And I'm not even going to talk about the data link and the physical layer below this. What we're interested in today is the network layer and the transport layer.

At the network layer there's really only one game in town: there's Internet Protocol. You can have a version 4, you can have a version 6, and there's other little bits of things associated with Internet Protocol, but most of the time the network layer is about the Internet Protocol. The job of this network layer, and the Internet Protocol, is to carry the data between computers. At the transport layer we have two options: Transmission Control Protocol and User Datagram Protocol. Last time we spoke I was talking about Transmission Control Protocol. These sit at the end computer and they're trying to impose some kind of order on what the network layer sends to us. I'm going to circle the UDP in red because it's unreliable: if data is lost, it stays lost; if data is sent so fast that a buffer overflows and all the packets disappear, they stay disappeared. I'm going to circle TCP in green because TCP does loads of things. TCP makes sure you send the data at the right rate; last time we were talking about congestion control and how TCP tries to get the speed of sending data correct. But TCP also makes sure the packets are retransmitted, so if a packet is lost it's TCP's job to make sure that we get that packet back. If packets get out of order, if they overtake each other, it's TCP's job to make sure the packets are put back into the correct order. So let's imagine TCP: it's sitting there on your laptop or on your mobile phone, it's looking at the packets it's getting from the network layer, and it's saying: is this packet corrupted? Is it the next packet? Do I have to ask again for a missing packet? Is this packet in order? And only if the packet is reliable, correct and in order is it going to be passed up to the application.

Sounds great, right? So TCP is the one you want: it's going to pass you the right data in the right order with no gaps. So on top of that let's put an application, HTTP, and most of the traffic being sent these days is HTTP. HTTP has been around a long time, starting in '89; first official version, 1.0, I think in '96. We didn't get to 2.0 until 2015, and HTTP/3 is, I think it's June, might be July, but it's this year. Here's the problem. TCP is really good at being a pipe for data: it sends bits, bits go in one end and they come out the other end in order, but it's agnostic to what the application is, it doesn't care. The other problem is that it's very, very hard now to change TCP and UDP. Let's have a look, let's have another drawing, let's try and make ourselves a little network. So here, the traditional way of drawing the internet is a big confusing cloud, and we'll have some routers (or "routers" if you're American), with these boxes being routers, and we get to the end and let's have something representing a server here, and here we're going to have our laptop. And we're going to have TCP here and TCP here, controlling the reliability, and everywhere else IP, IP, IP. And that's the original design, that's how it's supposed to work. And the idea was that because of this layering, let's imagine we found out that TCP didn't quite work or we needed to modify it; we could have another one, we could put in something else, we could have Sean's TCP or Richard's TCP, and it's a different protocol, but maybe we could pop it in at the transport layer and that'll be fine. But there's a big problem with that now, because actually this diagram, which is what you'd show to somebody who's learning a beginning networks course, is missing a bunch of horrible details. We need what are called middleboxes. Have you come across middleboxes? No, well, I'm guessing what they might be, but, a box in the middle? Yeah, yeah. We need some extra things. Some people want... firstly, we start to run out of IPv4 addresses, well, why not start with that, but that's one thing that happens. So we need... and then there's NAT, isn't it, isn't that exactly... Network Address Translation. So we're going to pop a NAT box in, probably a NAT box here; you might be sitting behind multiple layers of these. At home I'm behind at least two layers of that. Then you might want something else: so this is going to be a data center, so maybe we're going to pop in a load balancer here. So a load balancer, perhaps; well, definitely we want a firewall, right, you can't go on the internet without a firewall, so let's have a firewall in here, and you probably want a firewall at the other end as well, and maybe you've got some middleboxes sitting here as well doing some monitoring. Here's where we start to get a problem, because all of those middleboxes are meant to be very neutral, they're meant to be just passing on IP traffic, but they start to make assumptions. They start to say, well, I'm a firewall, let's have a look at the TCP, see if there's something dodgy about the TCP connection. The NAT box goes, okay, we need to know whether this is TCP or UDP. And suddenly you've got a problem, because if you design something that's not TCP it's going to break all these middleboxes, or rather it's not going to break the middleboxes, the middlebox is just going to go: ah, that's garbage. Sean's TCP is a definite no-go, we're throwing that packet in the bin, it's not properly formatted TCP, maybe somebody's hacking, or it's just not going to understand it or know what to do with it. So we get the problem that we call ossification. We're stuck, we're frozen; I think it comes from bones actually, but anyway, you can't change any of these things. You can't have a UDP or TCP that changes anything that's going to be sent over the network; these middleboxes are a problem.

Why do we want to change them? Well, I said TCP was good at being a pipe for data, but if you know what that data is you can make some optimizations. If you knew your data was HTTP there's a lot of things you can do. So let's look at one of those things. I think I mentioned before TLS; you've got a very good video with Mike Pound explaining that. So when TCP starts off it needs to do what we call a handshake. So we need to kind of introduce ourselves to the server, make sure that we've got our connection, and this is again something you're teaching in every basic networking class, and I'm sure most of you know it already, or many of you do. So we have a client here and we have a server here, and time is coming down in this direction, and each of these lines is a single packet being sent. So the client wants to connect to the server: it's going to send an S-Y-N, a SYN packet. The server is going to respond with a second packet, SYN-ACK. The client gives an ACK, and that's the first time the client can send data. But these days we also want security, we want HTTPS; it's no good sending things in plain text. So the client's also now going to request security. It's going to use TLS; in HTTP/2 it's TLS 1.2. It's going to send a hello, the server is going to send back a certificate, and now we've added on exchanges of data. That's very important, because a web page is a complex old beast. Even on a fairly basic web page you've got some HTML, you might have a little bit of JavaScript, you've got some images, you've got a style sheet. That web page, even if it's fairly simple, is going to be several files, and if you're looking at a really complex web page, dozens of files. And this client and server may be geographically distant, so each time you go from there to there you're adding a round trip time of delay. I'm sure you can see right now, looking at that, something kind of obvious you could do. So you could combine some of those exchanges, right? Exactly. Yeah, you've thought of it in two seconds, perfect. And that would work really fine, except for those middleboxes, because now we've changed what Transmission Control Protocol is sending on the wire, and now your firewall middlebox looks at it and it goes: what was that thing? It's trying to be a SYN packet but it's sending me some data, that seems a bit dodgy, throw it away. Now you've developed a protocol that's maybe going to work for 90% of the internet, all right, but it's going to die for the other 10 or 20%. This is the ossification problem: we can't change how TCP is working, we can't change what's going over the wire like that without risking things not getting there, things being mangled and misinterpreted by these middleboxes.

Now for a long, long time, getting back to this, TCP has been the only game in town. UDP's there, it does some important things, but the bulk of the work was TCP, and kind of rightly so, because it's got these nice features: the reliability, the congestion control, the flow control. The idea behind HTTP/3 and QUIC, so Q-U-I-C, QUIC (I love this actually) originally stood for Quick UDP Internet Connection, but eventually the IETF standard decided it didn't stand for anything and it's just going to be QUIC. So now it's QUIC, which definitely doesn't stand for anything. And that's going to do all this heavy lifting. That's going to sit above UDP, the horrible, useless, unreliable protocol, and it's going to look at those packets as they come in, and it's going to add some little data into the UDP packet, it's going to add some extra data so that we can determine: is it the same connection? Is this an acknowledgement? Has this packet been delivered successfully? Is there a missing packet here? This is where I'm torn between thinking this is a piece of brilliance and thinking this is so horrible I can't countenance it. About 12 years ago I was sitting around chatting with some network people, and one day we had an idea, we wanted a new protocol, and we thought about this, and we sort of put the idea into the room: maybe we could run it over UDP and then implement all of the reliability over that, and pretty much everybody went, that's too disgusting to contemplate. But actually, if you shed your prejudices, it makes quite a bit of sense.

So now these things here, which usually live in the operating system... now, if we're running things over UDP, what we're going to do here: normally TCP would feed straight to HTTP here. We're going to put in a new thing at the application layer; we're going to put in this QUIC. The UDP packet has some extra information, and QUIC is going to interpret that and it's going to do everything that TCP would do: it's going to look for missing packets, it's going to send acknowledgements, it's going to do flow control, it's going to do congestion control. But because this is the application layer we're not changing anything about UDP; we've got loads of freedom to mess about here. The other thing we can do is we can add in that transport layer security. I have not left myself room in the diagram, but we can add in TLS 1.3 in here as part of the QUIC protocol. Now we've got ourselves a new protocol stack, and of course the middleboxes just think it's standard UDP. Yeah, for the middleboxes this is just UDP. Oh, UDP, you've known it for years. To be fair, actually some places do block UDP, but that's fine because you've got good old HTTP over TCP to fall back to. So what does the stack look like now? So our network layer's not changed really; if you want to change the network layer, which is what IPv6 is doing, be prepared to wait 20 years. The transport layer: so here's our old model, where we have TCP going up through TLS 1.2 to HTTPS. So this is the transport layer, and then this HTTPS, TLS 1.2, is our application. But now we've got this new option: we've got UDP, we've got QUIC, which has TLS 1.3 doing the certificates and security inside it, and up at the top HTTPS. And so really, philosophically now, this whole thing here is our transport layer, and we can specialize this for HTTPS.

We can specialize it. So there's a problem called head-of-line blocking that I haven't really got time to get into, but it allows us... if a packet is lost, if that gets lost in TCP, you've just got to wait, you can't send it to the application, you've just got to wait for more packets to come in. With UDP packets you can read them as you get them, and QUIC can say, oh okay, I've lost a packet that's part of that image, but I've got a packet that's part of the web page, I've got a packet that's part of the JavaScript, so I can assemble all of them and that image will show up at some point later. So we've cured head-of-line blocking, saved ourselves round trip times by amalgamating the TLS with the handshake; the whole thing, when it works, works really quickly, and we've got ourselves this transport layer that's specialized for a single application. TCP was an agnostic pipe: you shove data in one end, get data out the other end, it doesn't care what that data is. QUIC is specialized for HTTPS, really perfect for sending over web pages. Oh, oh my goodness, it's muddled and horrible, and nobody, if you had a fresh, what we call a clean sheet, design, nobody would have come up with this. So is it beautiful, is it ugly? It's efficient, it works, and it's going to take over the web. So make your own judgement; get used to it. Yeah, get used to it, absolutely, get used to it. See ya.

...how much room it's got left, so now the sender knows: if I don't want to overwhelm that computer, I'm only going to send a fairly... well, let's just write a very silly little Python program, so I can write this function. Let me make a little bit of a bigger font size for you.
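The head-of-line blocking point made near the end of the video is easy to see in a few lines of code. The following is an added example, not code from the video or from any QUIC implementation: it simulates a receiver that gets the same interleaved chunks of three resources (HTML, an image, JavaScript) in one constructed packet sequence, once with a single TCP-style sequence space where nothing after a gap can be delivered, and once with QUIC-style per-stream offsets where only the stream that lost a chunk stalls. The packet list, stream names and payloads are constructed for the demonstration, and the "missing packet numbers" function stands in for the gap information a QUIC receiver would carry in its acknowledgements; it is not the real ACK frame format.

```python
"""Head-of-line blocking: one in-order byte stream (TCP-style) versus
independent streams multiplexed over datagrams (QUIC-style).

Added illustration; the packet sequence below is constructed, not captured.
"""
from collections import defaultdict

# Constructed sample: a sender interleaves three resources into one packet
# sequence.  Each entry is (packet_number, stream_name, stream_offset, payload).
PACKETS = [
    (0, "html", 0, b"<html>"),
    (1, "img", 0, b"PNG-chunk-0"),
    (2, "js", 0, b"function f"),
    (3, "html", 1, b"<body>"),
    (4, "img", 1, b"PNG-chunk-1"),
    (5, "js", 1, b"(){}"),
    (6, "html", 2, b"</html>"),
]


def drop(packets, lost_packet_numbers):
    """Simulate the network losing the given packet numbers."""
    return [p for p in packets if p[0] not in lost_packet_numbers]


def deliver_in_order(arrivals):
    """TCP-style receiver: a single sequence space.  A chunk reaches the
    application only once every earlier packet number has arrived, so one
    lost packet holds back everything behind it, whatever resource it is for.
    Returns (delivered [(stream, payload)...], packet numbers stuck behind the gap)."""
    next_seq = 0
    pending = {}      # packet_number -> (stream, payload) waiting for the gap
    delivered = []
    for pnum, stream, _offset, payload in arrivals:
        pending[pnum] = (stream, payload)
        while next_seq in pending:          # hand over the contiguous prefix
            delivered.append(pending.pop(next_seq))
            next_seq += 1
    return delivered, sorted(pending)


def deliver_per_stream(arrivals):
    """QUIC-style receiver: every stream has its own offset space, so a lost
    chunk of the image stalls only the image; HTML and JS keep flowing.
    Returns (delivered [(stream, payload)...], {stream: offsets still stuck})."""
    next_offset = defaultdict(int)
    pending = defaultdict(dict)   # stream -> {offset: payload}
    delivered = []
    for _pnum, stream, offset, payload in arrivals:
        pending[stream][offset] = payload
        while next_offset[stream] in pending[stream]:
            delivered.append((stream, pending[stream].pop(next_offset[stream])))
            next_offset[stream] += 1
    stuck = {s: sorted(p) for s, p in pending.items() if p}
    return delivered, stuck


def missing_packet_numbers(arrivals):
    """Gap detection: packet numbers below the highest one seen that never
    arrived.  This is the information a QUIC receiver reports back so the
    sender can retransmit (a stand-in for real ACK frames, not their format)."""
    seen = {p[0] for p in arrivals}
    if not seen:
        return []
    return [n for n in range(max(seen) + 1) if n not in seen]


if __name__ == "__main__":
    arrivals = drop(PACKETS, {1})          # lose the first image chunk
    print("TCP-style :", deliver_in_order(arrivals))
    print("QUIC-style:", deliver_per_stream(arrivals))
    print("missing   :", missing_packet_numbers(arrivals))
```

With packet 1 lost, the TCP-style receiver hands over only the first HTML chunk and sits on packets 2 to 6 until a retransmission arrives, while the per-stream receiver delivers all of the HTML and JavaScript and leaves only the image waiting; both receivers see the same gap, but only the second lets unaffected resources render in the meantime.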
Info
Channel: Computerphile
Views: 76,788
Keywords: computers, computerphile, computer, science
Id: wV9FSyFB8tk
Length: 20min 54sec (1254 seconds)
Published: Wed Dec 14 2022