OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: gfontaniere on May 10, 2020, 09:07:43 am

Title: HAProxy : redirection to 3 internal websites
Post by: gfontaniere on May 10, 2020, 09:07:43 am

My version of Opnsense : OPNsense 20.1.6-i386

Hi,

I have a problem with HAProxy. I'd like to do this :

(https://i.ibb.co/dLH4xCz/haproxy.png) (https://ibb.co/Hx9T3wk)
 
My configuration works only with 1 redirection to 1 website. When i activate 3 redirections it only redirects to the 1 same website. The 2 others are ignored.

Here is my configuration of HAProxy :

Real Servers :
-------------
server1.example.com --> 192.168.1.1:5000
server2.example.com --> 192.168.1.1:801
server3.example.com --> 192.168.1.7:80

Backends Pool :
--------------
server1-backend --> HTTP (Layer7) --> Source IP Hash --> server1.example.com
server2-backend --> HTTP (Layer7) --> Source IP Hash --> server2.example.com
server3-backend --> HTTP (Layer7) --> Source IP Hash --> server3.example.com

Public Services :
----------------
server1-public --> Listen Addresses : 0.0.0.0:443 --> Default Backend Pool : server1-backend
                       --> SSL Offloadind ON --> Certificates : server1.example.com
                       --> Rules --> Select Rules : server1-rule

server2-public --> Listen Addresses : 0.0.0.0:443 --> Default Backend Pool : server2-backend
                       --> SSL Offloadind ON --> Certificates : server2.example.com
                       --> Rules --> Select Rules : server2-rule

server3-public --> Listen Addresses : 0.0.0.0:443 --> Default Backend Pool : server3-backend
                       --> SSL Offloadind ON --> Certificates : server3.example.com
                       --> Rules --> Select Rules : server3-rule

Conditions :
-----------
server1-condition --> Condition : Host matches
                            --> Parameters : server1.example.com

server2-condition --> Condition : Host matches
                            --> Parameters : server2.example.com

server3-condition --> Condition : Host matches
                            --> Parameters : server3.example.com

Rules :
------
server1-rule --> Optionnal condition
                    --> Test type : IF --> Select condition : server1-condition --> Logical operator : AND
                    --> HAProxy function --> Execute function : Use specified Backend Pool
                    --> Parameters --> Use backend pool : server1-backend


server2-rule --> Optionnal condition
                    --> Test type : IF --> Select condition : server2-condition --> Logical operator : AND
                    --> HAProxy function --> Execute function : Use specified Backend Pool
                    --> Parameters --> Use backend pool : server2-backend

server3-rule --> Optionnal condition
                    --> Test type : IF --> Select condition : server3-condition --> Logical operator : AND
                    --> HAProxy function --> Execute function : Use specified Backend Pool
                    --> Parameters --> Use backend pool : server3-backend

Could you help me ?

Thanks a lot.

Title: Re: HAProxy : redirection to 3 internal websites
Post by: cmdr.adama on May 10, 2020, 09:25:06 am

What you are after is SNI based routing. Have a look at this blog post on HAProxy about how to set it up to do so https://www.haproxy.com/blog/enhanced-ssl-load-balancing-with-server-name-indication-sni-tls-extension/#choose-a-server-using-sni-aka-ssl-routing

Title: Re: HAProxy : redirection to 3 internal websites
Post by: gfontaniere on May 10, 2020, 10:50:43 am

Thank U. It works !

I use a map file to redirect requests to the right internal servers.

I follow these websites to aim my goal :
https://ops.tips/gists/replacing-haproxy-acls-by-haproxy-maps/
https://www.haproxy.com/fr/blog/introduction-to-haproxy-maps/



Services: HAProxy: Settings --> Map Files

(https://i.ibb.co/L9yGMDK/map-file.png) (https://ibb.co/h2Nqkx0)