Project

General

Profile

Feature #1425

Ability to Proxy Client to Server Connection Based On TLS SNI

Added by mrjester about 5 years ago. Updated over 1 year ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
12/27/2016
Due date:
% Done:

0%

Estimated time:
OS:
Any

Description

Problem: Single v4 IP address from ISP. (v6 not available) Want to host multiple services from the v4 IP. Currently, I use SNI to route to the correct backend service.
Request: Add TLS SNI extention to client TLS handshake with server. Add in support for proxied traffic to the server if needed.

https://stackoverflow.com/questions/34741571/nginx-tcp-forwarding-based-on-hostname
https://nginx.org/en/docs/stream/ngx_stream_ssl_preread_module.html
http://www.haproxy.org/download/1.5/doc/proxy-protocol.txt

History

#1 Updated by mrjester about 5 years ago

After some discussion in #quassel, it seems this is significantly more complicated than just adding the SNI extension. Instead, I request that the new protocol support being reverse proxied.

Also available in: Atom PDF