OPNsense Forum
Archive => 20.1 Legacy Series => Topic started by: gfontaniere on May 10, 2020, 09:07:43 am
-
My version of Opnsense : OPNsense 20.1.6-i386
Hi,
I have a problem with HAProxy. I'd like to do this :
(https://i.ibb.co/dLH4xCz/haproxy.png) (https://ibb.co/Hx9T3wk)
My configuration works only with 1 redirection to 1 website. When i activate 3 redirections it only redirects to the 1 same website. The 2 others are ignored.
Here is my configuration of HAProxy :
Real Servers :
-------------
server1.example.com --> 192.168.1.1:5000
server2.example.com --> 192.168.1.1:801
server3.example.com --> 192.168.1.7:80
Backends Pool :
--------------
server1-backend --> HTTP (Layer7) --> Source IP Hash --> server1.example.com
server2-backend --> HTTP (Layer7) --> Source IP Hash --> server2.example.com
server3-backend --> HTTP (Layer7) --> Source IP Hash --> server3.example.com
Public Services :
----------------
server1-public --> Listen Addresses : 0.0.0.0:443 --> Default Backend Pool : server1-backend
--> SSL Offloadind ON --> Certificates : server1.example.com
--> Rules --> Select Rules : server1-rule
server2-public --> Listen Addresses : 0.0.0.0:443 --> Default Backend Pool : server2-backend
--> SSL Offloadind ON --> Certificates : server2.example.com
--> Rules --> Select Rules : server2-rule
server3-public --> Listen Addresses : 0.0.0.0:443 --> Default Backend Pool : server3-backend
--> SSL Offloadind ON --> Certificates : server3.example.com
--> Rules --> Select Rules : server3-rule
Conditions :
-----------
server1-condition --> Condition : Host matches
--> Parameters : server1.example.com
server2-condition --> Condition : Host matches
--> Parameters : server2.example.com
server3-condition --> Condition : Host matches
--> Parameters : server3.example.com
Rules :
------
server1-rule --> Optionnal condition
--> Test type : IF --> Select condition : server1-condition --> Logical operator : AND
--> HAProxy function --> Execute function : Use specified Backend Pool
--> Parameters --> Use backend pool : server1-backend
server2-rule --> Optionnal condition
--> Test type : IF --> Select condition : server2-condition --> Logical operator : AND
--> HAProxy function --> Execute function : Use specified Backend Pool
--> Parameters --> Use backend pool : server2-backend
server3-rule --> Optionnal condition
--> Test type : IF --> Select condition : server3-condition --> Logical operator : AND
--> HAProxy function --> Execute function : Use specified Backend Pool
--> Parameters --> Use backend pool : server3-backend
Could you help me ?
Thanks a lot.
-
What you are after is SNI based routing. Have a look at this blog post on HAProxy about how to set it up to do so https://www.haproxy.com/blog/enhanced-ssl-load-balancing-with-server-name-indication-sni-tls-extension/#choose-a-server-using-sni-aka-ssl-routing
-
Thank U. It works !
I use a map file to redirect requests to the right internal servers.
I follow these websites to aim my goal :
https://ops.tips/gists/replacing-haproxy-acls-by-haproxy-maps/
https://www.haproxy.com/fr/blog/introduction-to-haproxy-maps/
Services: HAProxy: Settings --> Map Files
(https://i.ibb.co/L9yGMDK/map-file.png) (https://ibb.co/h2Nqkx0)