Hi kvadrakot
I am not an expert in this at all,
You might have to have an http mode front end in order to use forwardfor.
It is possible to have 2 front ends listening on the same port, one in TCP mode and the other in HTTP mode. Its a bit convoluted but you take one tcp mode front end and split it into two internal backends which in turn forward to your 2 new front ends. You can see my working config in the last post of this thread: https://discourse.haproxy.org/t/challenges-proxying-to-rds-gateway/7761
And, note that in one of my earlier tests I did use the forwardfor option but I used it in the front end rather than the backend. My test config worked (this was an ssl bridging test) but I don’t know if it would also work putting it in the backend as you do.