Hi Julien

While you could do this with multiple ACLs or a regex, there is a third
option which is even better: use the hdr_end() function instead of hdr().

>From the doc (http://haproxy.1wt.eu/download/1.4/doc/configuration.txt, see
section "7.5.3. Matching at Layer 7"):

-----8<-----
hdr_end <string>
hdr_end(header) <string>
  Returns true when one of the headers ends with one of the strings. See
"hdr"
  for more information on header matching. Use the shdr_end() variant for
  response headers sent by the server.
-----8<-----

If you changed your ACL definitions to this, it would work the way you
expect it to:

      acl host_hdr_siteA hdr_end(host) -i sitea.com
      acl host_hdr_siteB hdr_end(host) -i siteb.org
      acl host_hdr_siteC hdr_end(host) -i sitec.net

There are several hdr_* functions described in the doc, including one for
regex, but the doc warns that regex matching is slower than simple string or
substring matching, so hdr_end is a better choice in your case.

Regards,
Graeme.


On 1 September 2010 11:51, Julien Vehent <[email protected]> wrote:

> Hi there,
>
> I have a quick question for which I haven't found any answer in the doc.
> I use haproxy as a host balancer: it stands in front of my web servers,
> listening on port 80, and directs incoming requests to the good backend
> depending on the value of the host header (site1, site2, and so on...).
>
> I have a frontend section as follow :
>
> ###
> frontend http-in
>       bind *:80
>       default_backend siteX
>
>       acl host_hdr_siteA hdr(host) -i sitea.com
>       acl host_hdr_siteB hdr(host) -i siteb.org
>       acl host_hdr_siteC hdr(host) -i sitec.net
>
>       use_backend siteA if host_hdr_siteA
>       use_backend siteB if host_hdr_siteB
>       use_backend siteC if host_hdr_siteC
> ###
>
> The only thing is that the ACLs seem to match only exact value. Thus, if
> somebody tries 'www.sitea.com' instead of 'sitea.com', the acl of sitea
> doesn't match and the visitor is directed to the default backend.
>
> My question is: what is the clean way to do this ? Should I have two ACLs
> for the same site or can I use regex on header matching ?
>
> (or all of this is just simply wrong, in which case how can/should I do it
> :) )
>
> Thanks,
> Julien
>
>
>

Reply via email to