Hello @misc,
is it possible to configure relayd to act as a websocket proxy with
v6.2/v6.3?
I set up relayd as ssl accelerator:
excerpt from relayd.conf:
....
http protocol "httpfilter2" {
tcp { nodelay, sack, socket buffer 65536, backlog 100 }
return error
match request header set "Connection" value "close"
match header set "Keep-Alive" value "$TIMEOUT"
match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
match request header append "X-Forwarded-By" value \
"$SERVER_ADDR:$SERVER_PORT"
tls { tlsv1, ciphers "HIGH:!ADH:!NULL:!RC4:-ECDH:ECDHE" }
}
...
relay webrtc_wsc {
listen on $webrtc_wsc_relayd_addr \
port $webrtc_wsc_relayd_port tls
protocol "httpfilter2"
transparent forward to <webrtc_wsc> port $webrtc_wsc_web_port \
mode loadbalance http "/" code 200
}
...
valid .key and .crt-files are placed in /etc/ssl/private and /etc/ssl.
First: "standard" SSL acceleration works fine without problems.
Second: websocket connections don't :-(
As far I can see websocket upgrade messages (decoded in wireshark as
"HTTP/1.1 101 Switching Protocols" packets) from the internal server are
replaced by relayd with packets with the RST-flag set directed to the
WAN client and the connection is closed.
My head-scratching question:
is this possible at all with relayd?
Or do I have to switch to nginx?
Regards
Andre Ruppert
No comments:
Post a Comment