Skip to content
KS
Til Nginx Upstream Keepalive
0%
Til Nginx Upstream Keepalive
0%
BlogProjectsDirectory

© 2026 Karanveer Singh Shaktawat

Last updated: May 15, 2026

  2. Blog
  3. TIL: Nginx upstream keepalive Cuts Latency on Internal Services
Back to Blog
January 20, 20261 min read·260 wordsGrade 8

TIL: Nginx upstream keepalive Cuts Latency on Internal Services

Without keepalive on Nginx upstream blocks, every proxied request opens a new TCP connection to your backend. One directive fixes this.

nginxinfrastructureperformancetil

By default, Nginx closes the connection to your upstream server after each request. For every proxied request: TCP handshake → request → response → TCP teardown. On internal services (same datacenter, low latency), this is still 1–2ms of overhead per request. At 1000 req/s, that's 1–2 seconds of pure TCP overhead per second.

The fix

nginx
upstream app_backend {
  server 127.0.0.1:3000;
  keepalive 32;  # maintain up to 32 idle connections to the backend
}

server {
  location / {
    proxy_pass http://app_backend;
    proxy_http_version 1.1;           # required for keepalive
    proxy_set_header Connection "";   # clear the Connection: close header
  }
}

keepalive 32 tells Nginx to keep up to 32 idle connections open to the upstream. proxy_http_version 1.1 is required — HTTP/1.0 doesn't support keepalive. Connection "" clears the header that would otherwise signal connection closure.

How much it matters

On the Prachyam Nextcloud setup, adding upstream keepalive dropped median response time on the WebDAV API from ~18ms to ~11ms — a 38% reduction just from not doing the TCP handshake on every request.

For a low-traffic portfolio it's marginal. For any service handling real concurrency, it's meaningful.

Verify it's working

Share:TwitterLinkedIn
KS

Karanveer Singh Shaktawat

Full Stack Engineer & Infrastructure Architect

Building portfolio, contributing to open source, and seeking remote full-time roles with significant technical ownership.

More posts

Stay in the loop

Pick what you want to hear about — I'll only email when it's worth it.

Did this resonate?

Love
Fire
Insightful
Clap
Thought-provoking

Comments

Loading comments...

Semantically related

tech100% match

TIL: Docker Layer Cache Invalidation Is Sequential

One changed line in a Dockerfile invalidates every layer after it. Ordering your Dockerfile with this in mind cuts rebuild times dramatically.

Feb 20, 20261 min read
tech98% match

TIL: Nextcloud Chunked Upload via WebDAV

How Nextcloud handles large file uploads under the hood, and how to implement chunked uploads manually when the desktop client isn't an option.

Previous

TIL: PgBouncer Transaction Mode vs Session Mode

Next

How I Vibe Code: Building Software with AI as a Co-Pilot

On this page

  • The fix
  • How much it matters
  • Verify it's working
  • The tradeoff
Bash
# Watch Nginx's upstream connections
watch -n1 'ss -tnp | grep :3000'

# Without keepalive: connections appear and disappear on every request
# With keepalive: you see persistent ESTABLISHED connections between requests

No spam. Unsubscribe anytime.

The tradeoff

More idle connections held open = more file descriptors. For a small internal service, keepalive 8–16 is plenty. Don't set it to 1000 — you'll exhaust file descriptors before you benefit.

Mar 18, 20261 min read
tech97% match

TIL: Postfix Queue Management Under Load

How Postfix queues work, why they pile up, and the exact commands to drain, inspect, and recover them when things go sideways.

Apr 8, 20261 min read