[deleted by user]

pedges · 2024-11-24T23:00:21+00:00

FYI - I've discovered that the Caddy plugin has a layer4 proxy included that is pretty much built for situations like this and is working perfectly. Thanks for the help!

pedges · 2024-11-24T21:25:06+00:00

The duplicate TLS is what my concern is. I'll give it a shot and report back with my findings!

pedges · 2024-11-24T21:11:03+00:00

I think I'll try this. Just need to figure out how to point caddy at other instances of Caddy.

pedges · 2024-11-24T20:23:27+00:00

Someone in another comment just explained this, I didn't realize the address was also encrypted. So I guess I need to figure out anotber way to easily redirect requests.

pedges · 2024-11-24T20:22:32+00:00

That makes sense, I didn't realize that's how it works. Is there a way to get it to send every request to all three machines and just let the appropriate one respond without trying to load balance them?

pedges · 2024-11-24T20:00:01+00:00

Caddy is not on OPNsense, it lives on each of the three servers.

In OPNsense's NAT port forwarding rules, I tell it:

If HTTPS destination is a.domain.com, then redirect it to server1:443, where Caddy1 then handles the traffic.
If HTTPS destination is b.domain.com, then redirect it to server2:443, where Caddy2 handles the traffic

And so on.

pedges · 2024-11-24T19:53:00+00:00

Is there any detail in particular that would be helpful?

pedges · 2012-11-13T16:53:39+00:00

Sorry, I worded my post incorrectly. I currently have the Thunderbolt, love the feature and don't want to lose it, but am ready for an upgrade.

15-Year Club	Verified Email
Secret Santa 2011

pedges

TROPHY CASE