I am running a datacenter for different customers and use HAProxy to different servers based on the domain they connect with. This works really great.
Now I want to extend this to allow our customers to also setup internal FTPS servers through a proxy.
The reason we do this is to preserve external IPs as much as possible.
As I understand it, FTP does support Host Headers as long as the FTP server have implemented that feature which Microsoft IIS (in this case) does.
My question is, how can I configure a HAProxy ACL to lookup the host header and direct traffic based on domain name?
I have tried the following without success:
#FRONTEND CONFIG
frontend fe_ftp
bind (haproxy-ip):21 transparent
bind (haproxy-ip):50010-50020 transparent
option tcplog
mode tcp
#ACL Lists
#FTP ACL
acl ftp-test.xyz.com req.ssl_sni -i ftp-test.xyz.com
use_backend be_ftp if ftp-test.xyz.com
#default_backend be_ftp
#BACKEND CONFIG
backend be_ftp
mode tcp
balance source
hash-type consistent
stick on src
stick-table type ip size 10240k expire 30m
server ftp-test.xyz.com 10.0.30.10 check port 21 inter 10s rise 2 fall 2
If I remove the comment on “default_backend be_ftp” everything works like a charm.