HTTP/2, HTTP/3, and QUIC aren’t just faster protocols; they fundamentally change how your CDN interacts with users by prioritizing latency reduction and connection efficiency.

Let’s see this in action. Imagine a user requesting a webpage with many small assets from your CDN.

Traditional HTTP/1.1: Each asset request opens a new TCP connection or reuses an existing one. If the connection is slow or congested, subsequent requests are blocked, leading to "Head-of-Line Blocking."

HTTP/2: Multiple requests travel over a single TCP connection, multiplexed into streams. This significantly reduces connection overhead and latency.

HTTP/3 (over QUIC): This is where things get interesting. HTTP/3 uses QUIC, a UDP-based transport protocol. QUIC encrypts by default (like TLS 1.3) and handles stream multiplexing at the transport layer, eliminating TCP’s Head-of-Line Blocking entirely. If one stream encounters packet loss, other streams on the same connection are unaffected. Furthermore, QUIC’s connection establishment is faster, often requiring just one round trip (0-RTT) compared to TCP’s three-way handshake plus TLS handshake.
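The difference between connection-wide ordering and per-stream ordering can be shown with a small simulation. This is an added example, not code from the original page; the round-robin packet schedule, the single lost packet and the retransmit delay are simplifying assumptions.

```python
def completion_times(n_streams, pkts_per_stream, lost_seq, retransmit_delay,
                     per_stream_order):
    """Return {stream_id: tick at which the stream's last packet reaches the app}.

    Toy model (assumption, not a protocol implementation): packets are sent
    round-robin across streams, one per tick; the packet with connection
    sequence number lost_seq is dropped and its retransmission arrives
    retransmit_delay ticks late.
    per_stream_order=False: one ordered byte stream for everything (HTTP/2 on TCP).
    per_stream_order=True: ordering enforced per stream only (HTTP/3 on QUIC).
    """
    total = n_streams * pkts_per_stream
    conn_ready = 0                    # TCP: latest arrival seen on the connection
    stream_ready = [0] * n_streams    # QUIC: latest arrival seen per stream
    done = {}
    for seq in range(total):
        sid = seq % n_streams
        arrival = seq + (retransmit_delay if seq == lost_seq else 0)
        if per_stream_order:
            # Only earlier packets of the same stream can hold this one back.
            stream_ready[sid] = max(stream_ready[sid], arrival)
            done[sid] = stream_ready[sid]
        else:
            # Any earlier packet on the connection can hold this one back.
            conn_ready = max(conn_ready, arrival)
            done[sid] = conn_ready
    return done


def compare(n_streams=4, pkts_per_stream=3, lost_seq=1, retransmit_delay=20):
    """Run the same loss pattern under both ordering models."""
    args = (n_streams, pkts_per_stream, lost_seq, retransmit_delay)
    return {"http2_tcp": completion_times(*args, per_stream_order=False),
            "http3_quic": completion_times(*args, per_stream_order=True)}


if __name__ == "__main__":
    for name, times in compare().items():
        print(name, times)
```

With the default parameters, every stream in the TCP model waits for the retransmission, while in the QUIC model only the stream that lost a packet does.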

To enable these on your CDN, you’ll typically interact with your CDN provider’s dashboard or API. The exact steps vary, but the principles are the same.

Key Configuration Levers:

  1. Protocol Support Toggle: Most CDNs have a simple on/off switch for HTTP/2 and HTTP/3.

    • For Cloudflare: Navigate to Network -> HTTP/2 and toggle it on. For HTTP/3, go to Network -> HTTP/3 (with QUIC) and toggle it on.
    • For Akamai: This is often managed via Property Manager. You’d create or edit a property, go to Rules -> Edit Settings, and under HTTP/2 and HTTP/3, ensure they are enabled.
    • For Fastly: In your service configuration, you’ll find options within the Response object or potentially under Headers to enable X-Forwarded-Proto and ensure upstream connections are configured for HTTP/2 or HTTP/3 if your origin supports it.
  2. TLS Configuration: HTTP/2 and HTTP/3 require TLS. Ensure your CDN has a valid SSL/TLS certificate configured for your domain.

    • For Cloudflare: SSL/TLS -> Edge Certificates. Ensure "Full (strict)" or "Full" encryption mode is selected. For HTTP/3, a Universal SSL certificate is sufficient.
    • For Akamai: Within Property Manager, under Security -> SSL/TLS Certificates, ensure a certificate is provisioned and active for your hostname.
    • For Fastly: In your service configuration, under SSL Certificates, ensure an active certificate is associated with your domain.
  3. Origin Support (Optional but Recommended for Full Benefit): While the CDN can terminate HTTP/2 or HTTP/3 and speak HTTP/1.1 to your origin, enabling HTTP/2 or HTTP/3 between the CDN and origin provides end-to-end performance gains. This requires your origin server to support these protocols.

    • Nginx Example (Origin):
      server {
          listen 443 ssl http2; # Enable HTTP/2
          server_name yourdomain.com;
      
          ssl_certificate /etc/nginx/ssl/yourdomain.com.crt;
          ssl_certificate_key /etc/nginx/ssl/yourdomain.com.key;
      
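          # For HTTP/3 (QUIC), you need OpenSSL 1.1.1+ and specific configurations
          # listen 443 quic reuseport; # Example, exact config varies
          # ssl_protocols TLSv1.2 TLSv1.3; # QUIC itself always uses TLS 1.3
          # add_header Alt-Svc 'h3=":443"; ma=86400'; # Advertise HTTP/3 to clients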
      
          # ... other configurations
      }
      
    • Apache Example (Origin):
      <VirtualHost *:443>
          ServerName yourdomain.com
          # Enable HTTP/2 (Apache does not allow a trailing comment on a directive line)
          Protocols h2 http/1.1
      
          SSLEngine on
          SSLCertificateFile /etc/ssl/certs/yourdomain.com.crt
          SSLCertificateKeyFile /etc/ssl/private/yourdomain.com.key
      
          # For HTTP/3 (QUIC), requires mod_h3 or similar modules; stock Apache httpd 2.4 does not ship one
          # H3_LISTEN *:443 # Illustrative only, not a stock httpd directive; exact config varies
      
          # ... other configurations
      </VirtualHost>
      
    • CDN Configuration (to connect to origin): In your CDN settings, you’ll specify the origin protocol. For example, on Cloudflare, under Network -> Load Balancing or DNS settings for your origin, you might choose "HTTP/2" or "HTTP/3" as the origin protocol.
  4. IP Version Support: HTTP/3 and QUIC are fundamentally designed for IPv6. While many implementations offer IPv4 fallback, ensuring your CDN and origin have robust IPv6 connectivity will yield the best performance.

    • Check CDN: Most major CDNs automatically handle IPv6 for their edge networks.
    • Check Origin: Ensure your origin server’s firewall and network stack are configured to accept IPv6 traffic and that your DNS AAAA records are correctly pointing to your IPv6 addresses.
  5. Cache Behavior: With faster connections, users might request assets more frequently. Ensure your CDN’s cache hit ratio remains high.

    • Cloudflare: Caching -> Configuration. Adjust Browser Cache TTL and Origin Cache Control.
    • Akamai: Use the Cache tab in Property Manager to set the Cache Key (e.g., include Query String, Cookies, Headers) and TTL.
    • Fastly: Configure Cache settings within your vcl_deliver or vcl_fetch to control what constitutes a cacheable object and its duration.
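
Once the toggles above are on, it is worth confirming what the edge actually tells clients. Browsers typically learn that HTTP/3 is available from the Alt-Svc response header (RFC 7838); the checker below is an added example, not part of the original page or any CDN's tooling, and its function names, the min_ma threshold and the sample headers are assumptions constructed for illustration.

```python
import re

# protocol-id="alt-authority" followed by optional ;name=value parameters (RFC 7838)
ALT = re.compile(r'([\w%.+-]+)="([^"]*)"((?:\s*;\s*[\w-]+=[^;,\s]+)*)')

def parse_alt_svc(value):
    """Return a list of {proto, host, port, ma} dicts; 'clear' yields []."""
    if value.strip().lower() == "clear":
        return []
    entries = []
    for proto, authority, params in ALT.findall(value):
        host, _, port = authority.rpartition(":")
        if not port.isdigit():
            continue  # malformed alt-authority: skip the entry
        kv = dict(p.strip().split("=", 1) for p in params.split(";") if p.strip())
        ma = kv.get("ma", "86400")  # RFC 7838 default freshness is 24 hours
        entries.append({"proto": proto, "host": host, "port": int(port),
                        "ma": int(ma) if ma.isdigit() else 0})
    return entries

def http3_findings(value, min_ma=3600):
    """Return a list of findings for one Alt-Svc header value ([] means fine)."""
    entries = parse_alt_svc(value)
    h3 = [e for e in entries if e["proto"] == "h3"]
    drafts = [e for e in entries if e["proto"].startswith("h3-")]
    findings = []
    if not h3:
        findings.append("only draft versions advertised" if drafts
                        else "HTTP/3 not advertised")
    for e in h3:
        if e["host"]:
            findings.append(f"h3 served from another host: {e['host']}")
        if e["port"] != 443:
            findings.append(f"h3 on UDP port {e['port']}: check firewall rules")
        if e["ma"] < min_ma:
            findings.append(f"short ma={e['ma']}: clients forget the h3 endpoint quickly")
    return findings

# Constructed sample headers, not captured from any real CDN.
SAMPLES = {
    "ok": 'h3=":443"; ma=86400, h3-29=":443"; ma=86400',
    "draft_only": 'h3-29=":443"; ma=86400',
    "off": "clear",
    "odd": 'h3="alt.example.net:8443"; ma=60',
}

if __name__ == "__main__":
    for name, header in SAMPLES.items():
        print(name, http3_findings(header) or "HTTP/3 advertised on :443")
```

Feed it the Alt-Svc value from a response fetched over HTTP/2 or HTTP/1.1; an unexpected host or port in that header deserves a look before UDP is opened for it at the firewall.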

The performance gains from HTTP/2 and HTTP/3 are most pronounced on high-latency networks or when serving many small, independent assets. The elimination of TCP’s Head-of-Line Blocking in HTTP/3, especially, is a critical distinction that allows multiple application streams to progress concurrently even when underlying packets are lost.

Most people assume HTTP/3 is just "faster HTTP/2," but the shift to UDP and the fundamental redesign of stream multiplexing at the transport layer is what truly breaks the decades-old limitations of TCP for web traffic.

The next challenge is optimizing your application to leverage these protocols, moving beyond static asset delivery to dynamic content and APIs.
