惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Project Zero
Project Zero
Security Archives - TechRepublic
Security Archives - TechRepublic
C
Cyber Attacks, Cyber Crime and Cyber Security
Security Latest
Security Latest
Scott Helme
Scott Helme
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
V
Vulnerabilities – Threatpost
C
CERT Recently Published Vulnerability Notes
S
Schneier on Security
G
GRAHAM CLULEY
L
Lohrmann on Cybersecurity
D
Darknet – Hacking Tools, Hacker News & Cyber Security
I
Intezer
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
F
Full Disclosure
T
The Exploit Database - CXSecurity.com
P
Proofpoint News Feed
WordPress大学
WordPress大学
Microsoft Azure Blog
Microsoft Azure Blog
H
Help Net Security
大猫的无限游戏
大猫的无限游戏
MyScale Blog
MyScale Blog
Hacker News: Ask HN
Hacker News: Ask HN
G
Google Developers Blog
H
Heimdal Security Blog
O
OpenAI News
Hugging Face - Blog
Hugging Face - Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
L
LangChain Blog
C
Cisco Blogs
云风的 BLOG
云风的 BLOG
IT之家
IT之家
Cyberwarzone
Cyberwarzone
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Know Your Adversary
Know Your Adversary
博客园 - 聂微东
The Cloudflare Blog
C
Check Point Blog
K
Kaspersky official blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
月光博客
月光博客
T
Tor Project blog
T
Threat Research - Cisco Blogs
T
Tailwind CSS Blog
P
Proofpoint News Feed
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
A
About on SuperTechFans
小众软件
小众软件
Cloudbric
Cloudbric
A
Arctic Wolf

NGINX Community Blog

External Authentication Policy in NGINX Ingress Controller: A Real World Use Case – NGINX Community Blog External Authentication Policy in NGINX Ingress Controller: Patterns for VirtualServer and Ingress – NGINX Community Blog mTLS Policies in NGINX Ingress Controller – NGINX Community Blog Optimising NGINX Ingress Controller Startup Performance – NGINX Community Blog Meet With Us: NGINX Gateway Fabric & NGINX Ingress Controller Community Calls  – NGINX Community Blog Security, Performance, and Easier Migration – NGINX Community Blog Strengthening the NGINX Community – NGINX Community Blog F5 WAF for NGINX Comes to the Gateway API – NGINX Community Blog How NGINX Ingress Controller and NGINX Gateway Fabric Handle Kubernetes Backend Changes Natively – NGINX Community Blog Cache Policy in NGINX Ingress Controller: A Practical Guide for VirtualServer – NGINX Community Blog Access Control Policy in NGINX Ingress Controller: Patterns for Ingress – NGINX Community Blog Enterprise-Grade Features and Gateway API 1.5 Conformance – NGINX Community Blog Keep-alive to upstreams is now default in NGINX 1.29.7 – NGINX Community Blog CORS Policy in NGINX Ingress Controller v5.4.0: Patterns for VirtualServer and Ingress – NGINX Community Blog A Community Hub for NGINX on Kubernetes, Including a New Ingress-NGINX Migration Tool – NGINX Community Blog
NGINX OSS 1.29.6 and 1.29.7: Open-sourced Session Persistence, Multipath TCP and More – NGINX Community Blog
Michael Vernik · 2026-03-27 · via NGINX Community Blog

NGINX 1.29.6 and 1.29.7 introduce significant updates and mark the first in a planned series to add capabilities to NGINX Open Source formerly limited to NGINX Plus. With updates to core runtime behavior and network support, these releases ensure that NGINX can continue to meet the needs of modern applications and AI workloads. 

Highlights of these releases include: 

  • Open sourced sticky cookie session persistence 
  • Upstream proxy connections now default to HTTP/1.1 and no longer require explicitly configured keep-alives and connection headers 
  • Multipath TCP (MPTCP) support 
  • Several important security-related fixes 

Together, these changes expand what operators can do with NGINX Open Source while simplifying configurations for optimizing performance to proxied services. 

Open Sourced Sticky Cookies for Session Persistence 

NGINX 1.29.6 adds support for cookie-based session persistence to open source, a capability previously only available commercially in NGINX Plus. 

Sticky cookies allow NGINX to issue a session cookie and route subsequent requests from that client to the same upstream server. Unlike IP-based affinity methods, cookie persistence avoids issues introduced by NAT, mobile networks, carrier-grade proxies, or large-scale edge routing. 

Example configuration: 

upstream backend { 
   server backend1.example.com; 
   server backend2.example.com; 
 
   sticky cookie srv_id expires=1h domain=.example.com path=/; 

Why it matters

  • Many production workloads still rely on in-memory session state 
  • Stateless design is not always immediately achievable 
  • Cookie-based persistence provides deterministic routing without requiring external session stores or application refactoring 

Who it helps

  • E-commerce platforms maintaining transactional continuity 
  • Real-time dashboards and WebSocket applications 
  • Enterprises modernizing legacy stateful services 
  • Platform teams that need controlled session affinity in Kubernetes or VM environments 

Default to HTTP/1.1 for Upstream Connections 

NGINX 1.29.7 now defaults to HTTP/1.1 when proxying to upstreams. 

HTTP/1.1 enables persistent upstream connections via keep-alives, chunked transfer encoding, and broader compatibility with modern application frameworks. Learn more about this change in our dedicated post on this topic

Why it matters

  • Operators no longer need to explicitly configure HTTP/1.1, enable keep-alives and remove connection headers when routing traffic to upstreams 
  • Backend interoperability issues are reduced 
  • Default behavior aligns with modern framework expectations 

Who it helps

  • Teams running modern frameworks that expect persistent connections 
  • Operators troubleshooting inconsistent upstream behavior 
  • Platform teams standardizing proxy behavior across environments 

Multipath TCP (MPTCP) Support 

NGINX 1.29.7 adds support for Multipath TCP (MPTCP). MPTCP allows a single TCP connection to use multiple network paths simultaneously, improving resilience and throughput in multi-homed or heterogeneous network environments. 

Why it matters

  • Applications benefit from improved reliability without modification 
  • Transport-layer resilience increases as kernel-level MPTCP support matures 
  • Infrastructure performance improves across heterogeneous networks 

Who it helps

  • Edge and mobile deployments with variable connectivity 
  • Multi-interface servers in high-availability configurations 
  • Infrastructure teams optimizing network resilience 

A Deliberate Direction 

NGINX 1.29.6 and 1.29.7 represent our continued effort to align NGINX Open Source more closely with modern application requirements. Over the next several months, we will continue to release more commercial features as open source and, while subject to change, we have made these and other plans public in our new Github roadmap

Capabilities made available in NGINX 1.29.6 and 1.29.7, along with several bug and security fixes, mean that NGINX Open Source is now even more performant and production-ready. We encourage you to upgrade to NGINX 1.29.7 to take advantage of all the new features and ensure that you’re protected by all the latest security patches. 

View all updates and fixes in GitHub:  

1.29.6 -> https://github.com/nginx/nginx/releases/tag/release-1.29.6 

1.29.7 -> https://github.com/nginx/nginx/releases/tag/release-1.29.7 

Download NGINX and view the full changelog

NGINX Community Forum