What Is New in HAProxy 3.2
| Category | Key Updates |
|---|---|
| New Features | DNS over TCP, Dynamic TLS Record Sizing, HTTP/3 Support (Tech Preview), Lua Service Discovery |
| Improvements | HTTP compression, Logging, Prometheus Exporter, Stick Tables, Server Queue Priority |
| Bug Fixes | Numerous fixes across HTTP, DNS, SSL, Lua, and the runtime API |
| Deprecated | The nbproc configuration option and the -sf signal |
How is DNS resolution more robust now?
HAProxy 3.2 adds native support for DNS over TCP. This is a big deal because it prevents resolution failures for large DNS responses that exceed the typical 512-byte UDP limit. In practice, this makes service discovery much more reliable when dealing with large DNS records or DNSSEC-enabled zones.
The resolver can now automatically fall back to TCP when a truncated UDP response is received. You just need to ensure your DNS server is configured to handle TCP queries.
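The truncated-response check behind that fallback can be shown with a short Python sketch. This is an added example, not HAProxy code: it reads the TC (truncation) bit from a DNS header and applies the 2-byte length prefix that DNS over TCP requires, both as defined in RFC 1035. The function names, the transaction ID and the hostname `backend.example.internal` are assumptions made up for the illustration.

```python
import struct

# Added illustration; function names and the hostname are hypothetical.
TC_FLAG = 0x0200  # truncation bit in the DNS header flags word (RFC 1035, 4.1.1)

def build_query(name: str, qtype: int = 1, txid: int = 0x1234) -> bytes:
    """Build a minimal DNS query: RD set, one question, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def needs_tcp_retry(udp_response: bytes, txid: int) -> bool:
    """True when the UDP answer matches our query and has the TC bit set."""
    if len(udp_response) < 12:
        raise ValueError("short DNS header")
    rid, flags = struct.unpack("!HH", udp_response[:4])
    if rid != txid:
        raise ValueError("transaction ID mismatch")
    if not flags & 0x8000:
        raise ValueError("not a response (QR bit clear)")
    return bool(flags & TC_FLAG)

def frame_for_tcp(message: bytes) -> bytes:
    """DNS over TCP prefixes each message with a 2-byte big-endian length."""
    if len(message) > 0xFFFF:
        raise ValueError("message too large for TCP framing")
    return struct.pack("!H", len(message)) + message

def unframe_from_tcp(stream: bytes) -> bytes:
    """Extract one DNS message from a TCP byte stream, rejecting short reads."""
    if len(stream) < 2:
        raise ValueError("missing length prefix")
    (length,) = struct.unpack("!H", stream[:2])
    if len(stream) - 2 < length:
        raise ValueError("incomplete TCP message")
    return stream[2:2 + length]

# Constructed samples: response headers with QR, RD and RA set; TRUNCATED also
# has TC set, as a server sends when the answer does not fit in the UDP payload.
QUERY = build_query("backend.example.internal")
TRUNCATED = struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0) + QUERY[12:]
COMPLETE = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 0, 0, 0) + QUERY[12:]
```

A resolver that sees `needs_tcp_retry()` return true resends the same query framed with `frame_for_tcp()`; if the upstream server or a firewall drops TCP on port 53, that retry fails and the name stays unresolved.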
What's new for TLS performance?
Dynamic TLS Record Sizing is a major performance enhancement. It optimizes network latency by dynamically adjusting the size of TLS records based on the type of traffic.
For bulk data transfers, it uses large records for higher throughput. For interactive traffic, it uses smaller records to reduce latency. This happens automatically and can significantly improve the user experience for HTTPS traffic.
Is HTTP/3 ready to use?
HTTP/3 support has been introduced as a tech preview. This allows you to start experimenting with the next-generation HTTP protocol, which is built on QUIC instead of TCP.
Since it's a preview, it's not recommended for production workloads yet. You can enable it by adding the h3 option to a bind line. This lays the groundwork for full production-ready support in future releases.
How is service discovery improved?
You can now implement custom service discovery logic directly in Lua. The new core.register_service() function allows a Lua script to act as a DNS server, returning dynamic responses to HAProxy's resolver queries.
This is powerful for integrating with proprietary discovery systems or cloud metadata services that aren't supported by the built-in resolvers. Your Lua script gets the query and returns the IP addresses directly.
What else got better under the hood?
Logging & Observability
The Prometheus exporter now supports rich labels for metrics, and you can log the QUIC connection ID for better tracing of HTTP/3 sessions. The fc_pp_authority sample fetch was added to capture the :authority pseudo-header.
Stick Tables & Routing
Stick table counters can now be cleared using the clear table command. Server queue priority was added, allowing you to prioritize requests from certain clients when servers are busy.
HTTP Compression
The compression engine is now more efficient. It avoids trying to compress already compressed content types and supports the zstd compression algorithm.
FAQ
Should I enable HTTP/3 in production?
No, it is currently a tech preview. It's intended for testing and development to prepare for the future stable release. Avoid using it for critical production traffic at this time.
Do I need to change my DNS configuration for TCP support?
HAProxy will handle the TCP fallback automatically. You just need to make sure your upstream DNS server (e.g., Bind, CoreDNS) is configured to accept TCP queries on port 53, which is typically the default.
What replaces the deprecated nbproc option?
You should use thread groups instead. The modern configuration uses the nbthread and thread-groups directives for better performance and scalability on multi-core systems.
How do I use the new Lua service discovery?
You must write a Lua script that uses the new core.register_service() function to register a callback. This callback will receive DNS queries and must return a response containing the IP addresses for the requested name.
Is Dynamic TLS Record Sizing enabled by default?
Yes, it is enabled automatically. There's no need for any configuration change to benefit from this performance improvement for your TLS connections.