Release Notes

HTTP REST API

List HAProxy Enterprise modules and their versions from the CLI

LUA support is now enabled in HAProxy

New lb-update features

• TLS session ticket keys

• Ability to launch an update from the CLI

• Optional logs

• Various fixes

TCP layer statistics are available in the form of new sample fetches (rtt, rtt variance, retransmits, losses, etc.)

New dst_is_local, src_is_local sample fetches make it easier to take care of locally initiated connections in contrast with remote connections

The peers protocol was updated to version 2.1 with support for synchronization of expiration dates

CLI keyword registration to allow modules to plug-in on the command line and receive actions (for example: refresh now)

SO_REUSEPORT can now be disabled with a new bind directive: noreuseport

New possibilities for accessing load balancer internals with LUA

Idle time in logs is now ignored by default for time measurements so that HTTP request time corresponds to the time elapsed between the first character and the full request. The handshake time is also available to measure the time spent in SSL/PROXY handshakes.

stick-tables now use native types to guarantee better accuracy of tracked information, especially binary keys

Mailers now support a configurable connection timeout

Changing server address, port and checkport is now possible from the CLI

New tcp-request session rule-sets makes it possible to track some L5-only information, for example anything negotiated in the handshake such as SSL DN or the client's IP address as passed by the PROXY protocol. Previously it was needed to do it in tcp-request content rules, which would count one new connection event per request.

New stats field for denied connections and denied sessions

New hash-balance-factor directive for consistent hashing method

New http-response rule track-sc

SSL/TLS

• SNI filters supported in multi-type certificates