diff --git a/administration/http-proxy.md b/administration/http-proxy.md
index 5ce973c49..13d2f33de 100644
--- a/administration/http-proxy.md
+++ b/administration/http-proxy.md
@@ -13,3 +13,14 @@ The `HTTP_PROXY` environment variable is a [standard way](https://docs.docker.co
 
 **Note**: HTTP proxy is also supported using the [HTTP output plugin](https://docs.fluentbit.io/manual/pipeline/outputs/http). This configuration continues to work, however it _should not_ be used together with the `HTTP_PROXY` environment variable. This is because under the hood, the `HTTP_PROXY` environment variable based proxy support is implemented by setting up a TCP connection tunnel via [HTTP CONNECT](https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/CONNECT). Unlike the plugin's implementation, this supports both HTTP and HTTPS egress traffic.
 
+# NO_PROXY
+
+In some environments, we wish HTTP traffic for some domains don't go through the HTTP_PROXY, and this is where we need to use `NO_PROXY` environment variable.
+
+`NO_PROXY` is a comma-separated list of host names that shouldn't go through any proxy is set in (only an asterisk, * matches all hosts), e.g. `foo.com,bar.com`. This is as a [curl convention](https://curl.se/docs/manual.html).
+
+One typical use case for `NO_PROXY` is when running fluent-bit in a Kubernetes environment, where we want:
+
+* All real egress traffic goes through a HTTP proxy.
+* All "Kubernetes local" traffic does not go through the HTTP proxy.
+* We can set `NO_PROXY=127.0.0.1,localhost,kubernetes.default.svc` in this case.