5

Situation

I created the following setup on OpenBSD:

vm-server-structure

So I have my OpenBSD server on 192.168.1.250 redirecting all http-requests to the host-vm on 192.168.30.2.

The host-vm itself operates nginx for redirecting subdomain-requests like so:

## the virtual server for the foo-vm
server {
    listen 80;
    server_name foo.hermes-technology.de;

    location / {
        proxy_pass http://192.168.30.3;
    }
}

## the virtual server for the bar-vm    
server {
    listen 80;
    server_name bar.hermes-technology.de;

    location / {
        proxy_pass http://192.168.30.4;
    }
}
  • So if users send a http-request to foo.hermes-technology.de this request will be redirected to the host-vm.
  • Thereafter the host-vm redirects the request based on the name of the subdomain to the local ip of the foo-vm.

Question

I would like to be dependent only on base packages of OpenBSD, so my question is:

How is it possible to redirect subdomain requests on the host machine to other local ip-addresses, achieving the same result as above only using httpd and relayd?

More Information

If you need or want more information on this setup for answering my question I have a writeup of the whole configuration here: blog.hermes-technology.de.

Jan
  • 107
  • 1
  • 8

1 Answers1

9

concerning relayd I guess something like would achieve what you want :

This defines the ip where you can find the foo "service" it's a list of host basically (pf style)

table <fooservice> { 192.168.30.3 }
table <barservice> { 192.168.30.4 }

Here you define a template for the rules to apply in a relay section you match the request with the header Host being foo.hermes-technology.de and in that case you forward to the host being in the table fooservice in the relayd manual they say that the forward section needs a matching forward instruction in the relay section

http protocol "httpproxy" {

    pass request quick header "Host" value "foo.hermes-technology.de" \
        forward to <fooservice>

    pass request quick header "Host" value "bar.hermes-technology.de" \
        forward to <barservice>
    block
}

This defines the relay and uses both the tables and the protocol defined above.

relay "proxy" {
    listen on 192.168.30.2 port 80
    protocol "httpproxy"

    forward to <fooservice> port 80
    forward to <barservice> port 80
}
Aaron Miller
  • 107
  • 2
Pierre-Alain TORET
  • 1,254
  • 8
  • 14
  • Thank you, I will try this out as soon as I'm connected to the server tomorrow. Could you provide some additional information, like what each section does and means, and how those commands work and why? That would be great. – Jan Jul 02 '17 at 11:45
  • 1
    @Jan I updated with more details and a foo/bar distinction :) I hope it's clearer – Pierre-Alain TORET Jul 02 '17 at 19:39
  • Thank you for the Update! I'm trying it out right now, but its not completely working when I have more than 2 services: e.g. --- **foo.hermes-technology.de -> fooservice** --- **bar.hermes-technology.de -> barservice** --- **other.hermes-technology.de -> fooservice** --- Although `other.hermes-technology.de` should lead to `otherservice`. – Jan Jul 04 '17 at 11:49
  • Hm weird, if I define only **one** protocol (e.g. called "protoreverseproxy") that encloses all three `match request ...` rules then it works perfectly fine. Maybe we should update your answer accordingly, although I really don't know why this behavior occurs. – Jan Jul 04 '17 at 13:12
  • I implemented it as I wrote in my last comment: [Configuring relayd on the host-vm](http://blog.hermes-technology.de/openbsd/server/virtualmachine/network/2017/06/12/vmd-for-a-virtual-server-network.html#configuring-relayd-on-the-host-vm) – Jan Jul 04 '17 at 14:40
  • @Jan I see you have edited the post :) thank you ! So does it work as expected now ? – Pierre-Alain TORET Jul 05 '17 at 07:19
  • 1
    Yes everything is working now, thank you for your answer! Now I understand how relayd is working. :D – Jan Jul 05 '17 at 08:19