Thank you so much for the response.
unai
Willy Tarreau wrote:
> Hello,
>
> On Thu, Feb 07, 2008 at 06:07:30PM +0800, Unai Rodriguez wrote:
>> Dear all,
>>
>> Would it be possible to set HAPROXY so it redirects traffic based on the
>> PROTOCOL?
>>
>> Something like this (I know the keywords don't exist, it is just a
>> hypothesis):
>>
>> [haproxy.cfg]
>> ...
>> ...
>> ...
>> listen http_requests 1.1.1.1:80 PROTOCOL=HTTP
>> ...
>> ...
>> ...
>>
>> listen tcp_requests 1.1.1.1:80 PROTOCOL=TCP
>> ...
>> ...
>> ...
>> [haproxy.cfg]
>>
>> NOTE: yeah, both listen on the same IP and port, the only difference is
>> the protocol.
>
> No that's not possible. I've thought about something like this in the past
> for the day SSL will be supported, but this would be possible only for
> protocols where the client talks first.
>
> You cannot mix general TCP with HTTP because you don't know whether you expect
> the client to talk or not in TCP mode. When a TCP connection establishes, its
> server-side equivalent is immediately established too and data are exchanged.
> In HTTP, we have to wait for client's request.
>
> For instance, if you're trying to do this to support both HTTP and SSH, it will
> not be possible. However, you may find proxies on the net which fit exactly
> that usage. They more or less wait for the client's request for a few seconds,
> and if it does not come, they consider it's pure TCP and connect to the TCP
> server. But this is still dirty because someone telneting to your HTTP port
> and not typing fast enough would suddenly notice this SSH version and discover
> the magic trick.
>
> Regards,
> Willy
>
>
Received on 2008/02/18 09:07