I have a FreeBSD server at domain.com that resolves to 1 public WAN IP address, running several jails with each jail running various services.
I would like to run a (reverse) proxy on that server, so when a client asks for a service at A.domain.com, the proxy would forward the service request to the appropriate Jail A.
The service request could be anything, not just an http request.
(A,B,C).domain.com resolves to the same 1 public IP where SERVER is hosted, running the (Reverse) PROXY service.
Code:
Client.A -> A.domain.com --|                     |--> Jail.A A.domain.lan (local IP.A)
                           | [SERVER.domain.com] |
Client.B -> B.domain.com --|-->    (PROXY)   --> |--> Jail.B B.domain.lan (local IP.B)
                           |   (1 public IP)     |
Client.C -> C.domain.com --|                     |--> Jail.C C.domain.lan (local IP.C)
Each Jail (A,B,C) has its own private LAN IP.
Each jail runs several services (i.e. sshd [22], httpd [443], zeromq [5535] etc)
The SERVER accepts connections on these ports (22,443,5535 etc.) and depending on the Client's request to (A,B,C).domain.com, "forwards" the request to the appropriate Jail (A,B or C) via the PROXY.
i.e.
Client.A (ssh user@A.domain.com:22) --> [SERVER/PROXY.domain.com:22] --> Jail.A A.domain.lan:22
Client.B (zeromq_subscribe B.domain.com:5535) -> [SERVER/PROXY.domain.com:5535] --> Jail.B B.domain.lan:5535
If these were just http requests, this could easily be done for example with nginx reverse proxy.
But how could you forward service requests based not only on IP/Domain (Layer 3) but combined also with Application protocols (Layer 7) and/or data transfer protocols (Layer 4)?
Is net/haproxy what I am looking for, or am I missing a completely different implementation, for example with pf and NAT/Port forwarding under FreeBSD?
Thank you in advance for your time.