Hi,
for weird reasons I need to implement RELAYD (OpenBSD 6.5) to balance a
service running on the same host but on multiple ports.
Something like:
---------------------------------------
protocol "proto_MyHttpProxyWithSSL" {
        tcp { nodelay, sack, socket buffer 65536, backlog 100 }
        match header append "X-Forwarded-For" value "$REMOTE_ADDR" servers
        match header append "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT"
        match header set "Connection" value "close"
        match header set "Keep-Alive" value "$TIMEOUT"
        tls { no tlsv1.0, ciphers "HIGH" }
}
relay "relay_MyHttpProxyWithSSL" {
        listen on $ext_ip port 20101 tls
        protocol proto_MyHttpProxyWithSSL
        forward to 1.1.1.1 port { 20101 20102 20103 }
}
---------------------------------------
Obviously this doesn't work.
So I found that it is possible to specify "forward to" multiple times:
        forward to 1.1.1.1 port 20101
        forward to 1.1.1.1 port 20102
        forward to 1.1.1.1 port 20103
but the manpage says "subsequent entries will be used as the backup table if
all hosts in the previous table are down".
And anyway, even this solution doesn't work:
relayd[65845]: /etc/relayd.conf:197: relay relay_MyHttpProxyWithSSL target or redirection already specified
Is there a way to implement this without using PF?