Ubuntu 14.04 Nginx HTTP/2 Directive, NPN & ALPN

Abhishek Ghosh

By Abhishek Ghosh August 23, 2016 12:22 am Updated on August 23, 2016

Ubuntu 14.04 Nginx HTTP/2 Directive, NPN & ALPN

Previously, we wrote how to upgrade Ubuntu 14.04 LTS running Nginx to support HTTP/2 avoiding recompilation or actual stopping the server. Here is a Handy Guide For the New Users Around Ubuntu 14.04 Nginx HTTP/2 Directive, NPN & ALPN. Sadly, HTTP/2 is Not Exactly Easy Like SPDY. The reasons are obvious – SPDY, as well QUIC, HTTP/1.1 is within HTTP/2. Sadly, what we have not said in that easy upgrading of Nginx guide is about NPN & ALPN. Let us handle one by one.

Ubuntu 14.04 Nginx HTTP/2 Directive

That means, what you’ll add in /etc/nginx/sites-enabled/default file. First you will have these things :

server {
	listen 443 ssl http2 default_server;
	listen [::]:443 ssl http2 default_server;
         http2_max_concurrent_streams 128;   #default
         http2_max_concurrent_streams 64;
         http2_streams_index_size     32;    #default
         http2_streams_index_size     64;    #default
         http2_idle_timeout           30s;   #default
         http2_recv_timeout           3m;    #default
         http2_chunk_size             200k;
         http2_max_field_size         4096;  #default
         http2_max_header_size        16384; #default
         http2_pool_size              8192;
...

1

2

3

4

5

6

7

8

9

10

11

12

13

14

server {

listen 443 ssl http2 default_server;

listen [::]:443 ssl http2 default_server;

http2_max_concurrent_streams 128; #default

http2_max_concurrent_streams 64;

http2_streams_index_size 32; #default

http2_streams_index_size 64; #default

http2_idle_timeout 30s; #default

http2_recv_timeout 3m; #default

http2_chunk_size 200k;

http2_max_field_size 4096; #default

http2_max_header_size 16384; #default

http2_pool_size 8192;

...

Which we have not changed are marked as #default. Official documentation is here :

https://nginx.org/en/docs/http/ngx_http_v2_module.html

1	https://nginx.org/en/docs/http/ngx_http_v2_module.html

You need to add this directive too :

add_header Alternate-Protocol 443:npn-http/2;

1	add_header Alternate-Protocol 443:npn-http/2;

With older HTTP/1.1 and SPDY, we used this :

add_header Alternate-Protocol 443:npn-http/2;

1	add_header Alternate-Protocol 443:npn-http/2;

Add it higher (I mean to cover all location directives), otherwise it is not impossible some browser may miss the header advertisement for a particular content type. Alternate-Protocol is used by servers to tell the clients where they can connect directly with the given protocol. For example an HTTP/1.1 server could reply with Alternate-Protocol: 9999:h2 to tell the client to connect to a different port (9999), knowing that behind that port there is a HTTP/2 server. Without this header, a client would not know what protocol to speak on port 9999.

Testing Ubuntu 14.04 Nginx HTTP/2 With Google Chrome Browser

Now, you need to test whether things are working or not. Open Google Chrome browser. Now load your website’s any webpage. Open Developer Tool, select Network. Right click on the waterfall (click where Method, Status etc written) to evoke an option menu and click to add Protocol column. Now click Disable Cache option and reload the webpage. If you used our guide how to quickly upgrade Ubuntu 14.04 LTS running Nginx to support HTTP/2 or similar method, then protocol will be HTTP/1.1. We can understand your sadness – Google Chrome browser is not counting as HTTP/2.

Ubuntu 14.04 Nginx HTTP-2 Directive NPN ALPN

---

Now, test on SSL Labs. You’ll see that, ALPN shown as no, NPN shown as yes. Your server supports HTTP/2, but is not ALPN capable. For an ALPN capable server, Alternate-Protocol is just informative. Before May 31st, 2016 a protocol named NPN (Next Protocol Negotiation) was used. That was not a very efficient protocol, but it did the job. There is a newer negotiation protocol called ALPN (Application-Layer Protocol Negotiation). This is a more efficient version with more future-oriented features. Obviously, switching from NPN to ALPN there are far more benefits. However, web servers that in turn need at least OpenSSL 1.0.2 to run HTTP/2 with ALPN. That thing is very difficult to bring on Ubuntu 14.04. Google Chrome discontinued supporting NPN. Run nginx -V to see the OpenSSL is of 2014. With Ubuntu 16.04 LTS, you’ll by default get HTTP/2 with ALPN. It does not mean that you can not force Ubuntu 14.04 LTS to get HTTP/2 with ALPN. Most users were using old versions of Ubuntu, PHP 7 is not always a choice for all web servers (which is default for Ubuntu 16.04 LTS). In previous guide we helped you to upgrade to HTTP/2 in easy way. Unless you are upgrading step by step, for running website it is risky to jump to newest, specially with self managed servers.

.fail domain costs huge. Marketing can make anything king. It is not that Google Chrome would break if continued to support NPN. Invariably either you need to upgrade that Nginx or upgrade your Ubuntu/Debian/CentOS. Obviously, many users will think about first option. We will suggest so too in case PHP application demands work to support PHP 7.

How to Make Ubuntu 14.04 Nginx HTTP/2 Working With ALPN?

Frankly either you need to compile yourself or use someone’s compiled version. We are suggesting to follow CloudFlare’s way – compile Nginx from source supporting both SPDY and HTTP/2.

https://blog.cloudflare.com/open-sourcing-our-nginx-http-2-spdy-code/

1	https://blog.cloudflare.com/open-sourcing-our-nginx-http-2-spdy-code/

You may find compiled version of Nginx by someone on GitHub with that patch. We will release our compiled tested version for Ubuntu 16.04 LTS, because it will be meaningless for us to work with older version. With these information, you are up to date to August 2016 around the basics.

About Abhishek Ghosh

Here’s what we’ve got for you which might like :

Take The Conversation Further ...