Text only | Text with Images

OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: Tubs on January 05, 2025, 09:02:35 PM

Title: Caddy: use case "Proxy TCP/UDP on Layer 4"
Post by: Tubs on January 05, 2025, 09:02:35 PM
Hello,

what is the advantage of using "Proxy TCP/UDP on Layer 4 (https://docs.opnsense.org/manual/how-tos/caddy.html#proxy-tcp-udp-on-layer-4)" by Caddy instead of using port forwarding in OPNsense?

I just migrated from HAProxy to Caddy. Reverse proxy (https://docs.opnsense.org/manual/how-tos/caddy.html#creating-a-simple-reverse-proxy) with TLS termination and TLS (SNI) Multiplexing on HTTPS Port (https://docs.opnsense.org/manual/how-tos/caddy.html#tls-sni-multiplexing-on-https-port) with TLS passthrough were easy to set-up and just work fine. It was a pain to get this combination running in HAProxy.

Not clear to me is what a use case for "Proxy TCP/UDP on Layer 4" could be where it is better to use Caddy instead of just do port forwarding.
Title: Re: Caddy: use case "Proxy TCP/UDP on Layer 4"
Post by: Monviech (Cedrik) on January 05, 2025, 09:23:34 PM
A common use case would be to translate from externally IPv6 to internally IPv4, or load balance between multiple targets.

Otherwise without an additional layer 7 matcher it has no real benefit from port forward.
Title: Re: Caddy: use case "Proxy TCP/UDP on Layer 4"
Post by: Tubs on January 06, 2025, 07:08:19 PM
Thank you.
Text only | Text with Images