I’m trying to understand the behavior observed in my tests.
We use an HTTP2-enabled CDN that is available under multiple domain names (that all resolve to the same IP at the end for a given user, normally – unless the DNS requests happen at different times and the load balancing kicks in), for example:
https://static1.dmcdn.net/
https://static2-ssl.dmcdn.net/
etc.
The domains were created a long time ago for sharding + differentiating http vs https calls, but essentially they are all equivalent nowadays.
I was thinking this would be an antipattern as it would cause a DNS+TCP+TLS for each of those domains, but actually it’s not true. It seems that HTTP2 is intelligent enough to reuse the connection even across the domains if it’s sure it’s talking to the same server.
Test page:
https://jg-testpage.github.io/wpt/cdn-shared-connect.html
Firefox: WebPageTest Test - WebPageTest Details
Chrome: WebPageTest Test - WebPageTest Details
As you can see, Chrome immediately reuses the existing h2 connection (no DNS, no TCP, no TLS).
Firefox does a DNS query first, and then reuses the existing h2 connection (no TCP, no TLS).
I can explain the behavior of Firefox:
- DNS request to both servers, notices the same IP
- TLS handshake returns a cert with *.dmcdn.net, dmcdn.net subjectAltName
What is surprising to me though is that Chrome doesn’t do a DNS request to get the IP of the second server. How does it know that static1 and static2-ssl are the same thing then?
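
The two checks listed in the post for Firefox (the new host resolves to the IP of the open connection, and the certificate's subjectAltName covers the new host) can be written out as a small decision function. This is an added example, not code from the post or from any browser; the function names, the IP addresses (documentation range) and the connection object are constructed for illustration.

```javascript
// Added example: models the two coalescing checks described in the post.
// All inputs below are constructed; nothing here talks to the network.

// RFC 6125 style match: a wildcard is honoured only as the whole left-most
// label and stands for exactly one label.
function sanMatches(pattern, host) {
  const p = pattern.toLowerCase().split(".");
  const h = host.toLowerCase().replace(/\.$/, "").split(".");
  if (p.length !== h.length) return false;
  return p.every((label, i) =>
    (i === 0 && label === "*" && p.length > 2) ? h[0].length > 0 : label === h[i]);
}

// True if any subjectAltName entry covers the host.
function certCovers(sans, host) {
  return sans.some((san) => sanMatches(san, host));
}

// conn: { ip, sans } of an already open h2 connection (hypothetical shape).
// resolvedIps: addresses DNS returned for the new host.
function canCoalesce(conn, host, resolvedIps) {
  if (!certCovers(conn.sans, host)) {
    return { reuse: false, reason: "cert does not cover host" };
  }
  if (!resolvedIps.includes(conn.ip)) {
    return { reuse: false, reason: "host resolves to a different IP" };
  }
  return { reuse: true, reason: "same IP and cert covers host" };
}

// Constructed state: SAN list as quoted in the post, IP is a placeholder.
const openConn = { ip: "192.0.2.10", sans: ["*.dmcdn.net", "dmcdn.net"] };

// Same IP, covered by the wildcard: connection can be shared.
console.log(canCoalesce(openConn, "static2-ssl.dmcdn.net", ["192.0.2.10"]));
// DNS load balancing returned another address: new connection needed.
console.log(canCoalesce(openConn, "static2-ssl.dmcdn.net", ["192.0.2.20"]));
// Wildcard is one label deep, so a nested name is not covered.
console.log(canCoalesce(openConn, "a.static1.dmcdn.net", ["192.0.2.10"]));
```

The certificate check is the security-relevant half: an IP match alone says nothing about whether the server is authoritative for the second name.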