惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Apple Machine Learning Research
Apple Machine Learning Research
AWS News Blog
AWS News Blog
Google DeepMind News
Google DeepMind News
U
Unit 42
博客园 - 叶小钗
博客园 - 聂微东
GbyAI
GbyAI
Stack Overflow Blog
Stack Overflow Blog
有赞技术团队
有赞技术团队
aimingoo的专栏
aimingoo的专栏
D
DataBreaches.Net
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Jina AI
Jina AI
美团技术团队
The Cloudflare Blog
M
MIT News - Artificial intelligence
Microsoft Azure Blog
Microsoft Azure Blog
I
InfoQ
S
Schneier on Security
C
Check Point Blog
Project Zero
Project Zero
The Hacker News
The Hacker News
Scott Helme
Scott Helme
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Cisco Talos Blog
Cisco Talos Blog
P
Privacy International News Feed
SecWiki News
SecWiki News
Latest news
Latest news
MongoDB | Blog
MongoDB | Blog
S
Secure Thoughts
Google Online Security Blog
Google Online Security Blog
F
Fortinet All Blogs
博客园 - 三生石上(FineUI控件)
H
Help Net Security
TaoSecurity Blog
TaoSecurity Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Last Week in AI
Last Week in AI
P
Privacy & Cybersecurity Law Blog
Forbes - Security
Forbes - Security
G
GRAHAM CLULEY
N
Netflix TechBlog - Medium
L
Lohrmann on Cybersecurity
A
About on SuperTechFans
T
The Exploit Database - CXSecurity.com
C
Cisco Blogs
PCI Perspectives
PCI Perspectives
大猫的无限游戏
大猫的无限游戏
T
Troy Hunt's Blog
H
Hacker News: Front Page
Vercel News
Vercel News

NGINX Community Blog

External Authentication Policy in NGINX Ingress Controller: A Real World Use Case – NGINX Community Blog External Authentication Policy in NGINX Ingress Controller: Patterns for VirtualServer and Ingress – NGINX Community Blog mTLS Policies in NGINX Ingress Controller – NGINX Community Blog Optimising NGINX Ingress Controller Startup Performance – NGINX Community Blog Meet With Us: NGINX Gateway Fabric & NGINX Ingress Controller Community Calls  – NGINX Community Blog Security, Performance, and Easier Migration – NGINX Community Blog Strengthening the NGINX Community – NGINX Community Blog F5 WAF for NGINX Comes to the Gateway API – NGINX Community Blog How NGINX Ingress Controller and NGINX Gateway Fabric Handle Kubernetes Backend Changes Natively – NGINX Community Blog Cache Policy in NGINX Ingress Controller: A Practical Guide for VirtualServer – NGINX Community Blog Access Control Policy in NGINX Ingress Controller: Patterns for Ingress – NGINX Community Blog Enterprise-Grade Features and Gateway API 1.5 Conformance – NGINX Community Blog NGINX OSS 1.29.6 and 1.29.7: Open-sourced Session Persistence, Multipath TCP and More – NGINX Community Blog CORS Policy in NGINX Ingress Controller v5.4.0: Patterns for VirtualServer and Ingress – NGINX Community Blog A Community Hub for NGINX on Kubernetes, Including a New Ingress-NGINX Migration Tool – NGINX Community Blog
Keep-alive to upstreams is now default in NGINX 1.29.7 – NGINX Community Blog
Nick Shadrin · 2026-03-24 · via NGINX Community Blog

Before version 1.29.7, NGINX used HTTP/1.0 by default for connecting to HTTP upstream servers. This older version of the protocol does not have the capability of HTTP persistent connections, commonly known as “keep-alive.”

Keep-alive reduces the number of handshakes, reduces latency, and reduces time to first byte for most regular web applications. In order to enable HTTP/1.1 and switch on the keep-alive behavior for upstream servers, operators added several directives in their configuration files. In many cases, this was forgotten, and multiple parts of web applications ended up working slower than expected.

Commonly used configuration snippet:

proxy_http_version 1.1;
proxy_set_header Connection "";

With version 1.29.7, released in March 2026, we changed the default behavior of HTTP proxying to use HTTP/1.1 with keep-alive.

The above-mentioned configuration lines are now no longer needed.

Downgrading upstream connections to HTTP/1.0

If your backend servers specifically require HTTP/1.0, you can use the following configuration lines in the relevant location contexts:

proxy_http_version 1.0;
proxy_set_header Connection "Close";

New keepalive directive parameter “local”

When the same upstream block is referenced across multiple locations or server blocks, requests from those different locations may be multiplexed over a single TCP connection to the upstream.

This behavior is controlled by the “local” parameter of the keepalive directive in the upstream context.

Due to backwards compatibility with previous NGINX versions, the default behavior of this parameter is not obvious. Please read through the following three options:

1. Default behavior when no keepalive directive is present: cached upstream connections are not shared between locations.

2. Behavior when the keepalive directive is present without the “local” parameter: cached upstream connections are shared between locations. This behavior is consistent with previous versions of NGINX:

upstream your-upstream-name {
  keepalive 32;
....
}

3. Behavior when the keepalive directive is present with the “local” parameter: this is the most explicit setting, with a predictable outcome.

upstream your-upstream-name {
  keepalive 32 local;
....
}

Refer to the official documentation for more details:

https://nginx.org/en/docs/http/ngx_http_proxy_module.html

https://nginx.org/en/docs/http/ngx_http_upstream_module.html

Use the “Discussions” section of our official repository for feedback: https://github.com/nginx/nginx/discussions

Follow the upcoming code changes and development conversations: https://github.com/nginx/nginx/pulls

NGINX Community Forum