ALPN (Application-Layer Protocol Negotiation)
Application Layer Protocol Negotiation (ALPN) is a mechanism for negotiating a protocol during the Transport Layer Security (TLS) handshake in order to avoid lengthy protocol upgrades later on in the connection. If using an HTTPS proxy, ALPN will let you immediately speak HTTP/2 or HTTP/3 with the proxy server rather than having to speak HTTP/1.1 initially and negotiate an upgrade manually.
With modern protocols like HTTP/2 and HTTP/3, blindly speaking them to the proxy server will cause errors if the server does not support the protocol. As such, these protocols need to be negotiated with the server, confirming that both you and the server can speak them, before proxying begins. With HTTP/2 as an example, there are three methods for this negotiation.
- Prior Knowledge. Just assume the server speaks HTTP/2 and don't bother with a negotiation.
- HTTP/1.1 Upgrade. Start by speaking HTTP/1.1 (which you can safely assume the server knows) and send the server a message saying "I can do HTTP/2" if you can.
- ALPN. If the server is TLS capable, bundle your negotiation in with the TLS handshake, saving time on the protocol upgrade and letting you speak HTTP/2 immediately.
Of these options, ALPN has the best combination of resiliency and speed and is the go-to method for proxying in browsers and in proxy clients. During the ALPN flow, the client will tell the proxy server what protocols it is capable of using and the proxy server will select one of them. Typically, when proxying, the client will offer both HTTP/1 and HTTP/2 with the connection using HTTP/1 as the default if the server does not use ALPN or cannot agree on a protocol. You can see ALPN in action using curl:
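The curl output itself is not reproduced on this page. As an added example (not part of the original article or of any proxy client's code), the following Python models what that handshake carries: the ALPN extension bytes a client puts in its ClientHello (RFC 7301, extension type 16), the length checks a TLS stack must make before trusting them, and the server-side selection with the HTTP/1.1 fallback the text describes. The function names and the `negotiate` round-trip model are my own.

```python
import struct

ALPN_EXT_TYPE = 16  # ExtensionType application_layer_protocol_negotiation (RFC 7301)


def encode_alpn_extension(protocols):
    """Build the ALPN extension as it appears in a ClientHello: 2-byte
    extension type, 2-byte length, then a 2-byte-prefixed list of 1-byte
    length-prefixed protocol names in the client's order of preference."""
    names = b"".join(bytes([len(p)]) + p.encode("ascii") for p in protocols)
    body = struct.pack("!H", len(names)) + names
    return struct.pack("!HH", ALPN_EXT_TYPE, len(body)) + body


def decode_alpn_extension(data):
    """Parse the extension back into a protocol list, rejecting anything
    whose nested lengths do not add up (the checks a TLS stack must make
    before trusting peer-controlled handshake bytes)."""
    if len(data) < 6:
        raise ValueError("extension too short")
    ext_type, ext_len = struct.unpack("!HH", data[:4])
    if ext_type != ALPN_EXT_TYPE or ext_len != len(data) - 4:
        raise ValueError("not a well-formed ALPN extension")
    (list_len,) = struct.unpack("!H", data[4:6])
    if list_len != ext_len - 2 or list_len == 0:
        raise ValueError("bad protocol_name_list length")
    protocols, i = [], 6
    while i < len(data):
        n = data[i]
        name = data[i + 1:i + 1 + n]
        if n == 0 or len(name) != n:
            raise ValueError("bad protocol_name length")
        protocols.append(name.decode("ascii"))
        i += 1 + n
    return protocols


def negotiate(client_protocols, server_protocols):
    """Model the round trip from the text: the client offers its list and the
    server, if it implements ALPN, picks the first entry of its own preference
    list that the client also offered. A server without ALPN
    (server_protocols=None) ignores the extension and the client proceeds with
    its default, HTTP/1.1. None means the two sides could not agree."""
    offered = decode_alpn_extension(encode_alpn_extension(client_protocols))
    if server_protocols is None:
        return "http/1.1"
    for p in server_protocols:
        if p in offered:
            return p
    return None
```

Note that the choice is the server's, made in its preference order, not the client's: offering `["h2", "http/1.1"]` to a server that prefers HTTP/1.1 yields an HTTP/1.1 connection.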