Skip to content

pfsense_2_3_haproxy_sni_plus_offloading_backends

PiBa-NL edited this page Jan 9, 2016 · 4 revisions

Frontends on 1 IP serving websites from several backends

Features used: acl's / actions / offloading / SNI / certificates

  • Some HTTPS traffic is forwarded as-is to the backend while using SNI to select differentiate between different domains
  • Some HTTPS traffic is decrypted on haproxy, then host header is used for selecting the backend
  • For some domains HTTP traffic is redirected to HTTPS, others are served by the default backend.

If SNI backend selection without offloading is not required for some, then Frontend2 does not need to be configured, and Frontend3 should be configured to listen on WAN:443

Frontend / Backend overview

Frontend 1

Frontend 2

Frontend 3

Backends

offloading backend with special check

Stats

You can’t perform that action at this time.