Best practise wanted websockets-offloading-multidomain-singleip

What would be the best practise to tick this functionality

I need to offload clients that are both using https and websocket using same port (443) they are using same domain, and differentiate from eachother with their subdomain and they share public ip, each client should to a separate backend.(1 to 1 mappning, no loadbalance) - only failover if service is down (to a generic backend)

I need to use ssl_fc_sni to catch subdomain for the websocket part. (iot devices with no control over)