HTTP versions: measure HOL blocking and ship an HTTP/3 edge

Serve one static-plus-API origin simultaneously over HTTP/1.1, HTTP/2, and HTTP/3, then measure how head-of-line blocking differs between versions under packet loss — proving each claim with numbers, not estimates — and ship the observability an HTTP/3 edge needs.

• Stand up one origin (nginx, Caddy, or an edge like Cloudflare/Fastly in front of a small service) that serves all three versions: HTTP/1.1 and HTTP/2 over TCP/443 with ALPN, HTTP/3 over QUIC UDP/443 advertised via Alt-Svc and an HTTPS/SVCB DNS record.
• Build a test page or API that fans out to 30 to 50 concurrent sub-resources, so multiplexing and HOL blocking are observable rather than theoretical.
• Use a network-emulation tool (tc netem, toxiproxy, or a lossy test profile) to inject 0%, 1%, and 2% packet loss at a fixed RTT (e.g. 100 ms). Keep the page and load identical across runs.
• Measure page-load or batch-completion time for HTTP/1.1 (6 connections), HTTP/2 (one connection), and HTTP/3 at each loss level. Confirm HTTP/2 degrades fastest under loss and HTTP/3 holds up — the stream-isolation claim.
• Capture protocol-level evidence: a curl --http3 trace or qlog confirming h3 is actually selected, and a packet capture or server log showing one lost segment stalling all HTTP/2 streams versus per-stream recovery on HTTP/3.
• Instrument the edge: export ALPN distribution (share of h3 vs h2 vs http/1.1) and an h3-to-h2 fallback rate broken down by region or ASN. Add an alert that fires when fallback exceeds roughly 3x its baseline.
• Audit caching and semantic correctness on the API: per-user responses carry Cache-Control: private or no-store, compressed responses set Vary: Accept-Encoding, and error conditions return real status codes (not 200 with an error body).

• A before/after table: page-load or batch-completion time for /1.1, /2, and /3 at 0%, 1%, and 2% loss — measured under identical load, showing HTTP/2 degrading fastest and HTTP/3 holding closest to its no-loss baseline.
• Protocol evidence that h3 was actually negotiated (curl/qlog) and a capture or log demonstrating TCP-layer HOL blocking on /2 versus per-stream loss recovery on /3.
• A live dashboard with ALPN distribution and h3-fallback rate by region/ASN, plus a working alert rule, demonstrated by simulating a UDP/443 block (drop UDP on the emulator) and watching the fallback metric and alert fire.
• A short write-up: which version you would serve to which clients and why, how you would diagnose a real overnight h3 collapse, and which caching/semantic fixes you applied.