Relayd config to forward traffic for two different FQDNs to two different ports on the same machine
This week I had to come up with a relayd config on OpenBSD to forward incoming traffic over port 443 for two different FQDNs to two different ports on the same host.
Two different subdomain names to same host
So let's say that incoming traffic over port 443 for both name1.example.com and name2.example.com has to be forwarded to host 1.2.3.4, and that incoming traffic over port 443 for other.example.com has to be forwarded to host 1.2.4.5.
Two different ports
Let us say that incoming traffic over port 443 for name1.example.com has to be forwarded to port 4040 on host 1.2.3.4, and that incoming traffic over port 443 for name2.example.com has to be forwarded to port 8080 on the same host 1.2.3.4.
And that incoming traffic over port 443 for other.example.com has to be forwarded to port 80 on the host 1.2.4.5.
Use a table per FQDN
The solution I came up with is to define a table per FQDN.
table <name1> { 1.2.3.4 }
table <name2> { 1.2.3.4 }
table <other> { 1.2.4.5 }
Forward to table names
Now we can set up some rules:
http protocol "twonames" {
    match header set "X-Forwarded-For" value "$REMOTE_ADDR"
    match header set "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT"
    ...
    pass request quick header "Host" value "name1.example.com" forward to <name1>
    pass request quick header "Host" value "name2.example.com" forward to <name2>
    pass request quick header "Host" value "other.example.com" forward to <other>
    ...
}
Set up the relay config
relay wwwtls {
    listen on $ext_ip port https tls
    protocol twonames
    forward to <name1> port 4040
    forward to <name2> port 8080
    forward to <other> port 80
}
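The routing only works when three places agree: the table declaration, the Host rule in the protocol, and the relay's "forward to ... port" line. As an added example (not part of the original post, and not relayd's own tooling), the hypothetical helper route_map below cross-checks the three and resolves each Host header to its backend address and port; it assumes the fragments above sit together in one file and only understands the directive forms shown on this page.

```python
import re

# Constructed sample: the three fragments from this page joined into one file.
SAMPLE = '''
table <name1> { 1.2.3.4 }
table <name2> { 1.2.3.4 }
table <other> { 1.2.4.5 }
http protocol "twonames" {
    pass request quick header "Host" value "name1.example.com" forward to <name1>
    pass request quick header "Host" value "name2.example.com" forward to <name2>
    pass request quick header "Host" value "other.example.com" forward to <other>
}
relay wwwtls {
    listen on $ext_ip port https tls
    protocol twonames
    forward to <name1> port 4040
    forward to <name2> port 8080
    forward to <other> port 80
}
'''

TABLE = re.compile(r'^\s*table\s+<([^>]+)>\s*\{([^}]*)\}', re.M)
HOST_RULE = re.compile(r'header\s+"Host"\s+value\s+"([^"]+)"\s+forward\s+to\s+<([^>]+)>')
RELAY_FWD = re.compile(r'^\s*forward\s+to\s+<([^>]+)>\s+port\s+(\d+)', re.M)

def route_map(conf):
    """Return ({host: [(addr, port), ...]}, [problems]) for relayd.conf text."""
    tables = {name: body.split() for name, body in TABLE.findall(conf)}
    ports = {name: int(port) for name, port in RELAY_FWD.findall(conf)}
    rules = HOST_RULE.findall(conf)
    routes, problems = {}, []
    for host, table in rules:
        if host in routes:
            # "quick" stops evaluation at the first match, so this rule is dead.
            problems.append(f"duplicate Host rule for {host}: first rule wins")
        elif table not in tables:
            problems.append(f"{host}: table <{table}> is not declared")
        elif table not in ports:
            problems.append(f"{host}: relay has no 'forward to <{table}> port N'")
        else:
            routes[host] = [(addr, ports[table]) for addr in tables[table]]
    for unused in sorted(set(ports) - {table for _, table in rules}):
        problems.append(f"<{unused}> is forwarded by the relay but no Host rule selects it")
    return routes, problems

if __name__ == "__main__":
    routes, problems = route_map(SAMPLE)
    for host, backends in routes.items():
        print(host, "->", backends)
    print("problems:", problems or "none")
```

Run it against the real file before reloading relayd; a duplicated Host value or a missing relay line shows up in the problems list instead of as traffic arriving at the wrong port.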
It works
In hindsight this looks easy, but it took me some time to figure out. Also, I don't know if this is the preferred way to do this. But it works :)