diff --git a/oauthproxy.go b/oauthproxy.go
index 314b6862f..2270ca93b 100644
--- a/oauthproxy.go
+++ b/oauthproxy.go
@@ -16,6 +16,8 @@ import (
 	"strings"
 	"time"
 
+	"golang.org/x/net/http2"
+
 	"github.com/18F/hmacauth"
 	"github.com/openshift/oauth-proxy/cookie"
 	"github.com/openshift/oauth-proxy/providers"
@@ -91,11 +93,22 @@ func (u *UpstreamProxy) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	u.handler.ServeHTTP(w, r)
 }
 
-func NewReverseProxy(target *url.URL, UpstreamFlush time.Duration) (proxy *httputil.ReverseProxy) {
+func NewReverseProxy(target *url.URL, upstreamFlush time.Duration) (proxy *httputil.ReverseProxy) {
 	proxy = httputil.NewSingleHostReverseProxy(target)
-	proxy.FlushInterval = UpstreamFlush
+	proxy.FlushInterval = upstreamFlush
+
+	transport := &http.Transport{
+		MaxIdleConnsPerHost: 500,
+		IdleConnTimeout:     1 * time.Minute,
+	}
+	if err := http2.ConfigureTransport(transport); err != nil {
+		log.Printf("WARN: Failed to configure http2 transport: %v", err)
+	}
+	proxy.Transport = transport
+
 	return proxy
 }
+
 func setProxyUpstreamHostHeader(proxy *httputil.ReverseProxy, target *url.URL) {
 	director := proxy.Director
 	proxy.Director = func(req *http.Request) {
diff --git a/options.go b/options.go
index 51d3ad7ed..69eb08f2b 100644
--- a/options.go
+++ b/options.go
@@ -98,7 +98,7 @@ func NewOptions() *Options {
 		ProxyPrefix:         "/oauth2",
 		HttpAddress:         "127.0.0.1:4180",
 		HttpsAddress:        ":443",
-		UpstreamFlush:       time.Duration(5)*time.Millisecond,
+		UpstreamFlush:       time.Duration(5) * time.Millisecond,
 		DisplayHtpasswdForm: true,
 		CookieName:          "_oauth2_proxy",
 		CookieSecure:        true,