7

I want to use haproxy to deploy one ftp proxy server. Here's scene:

ftp client <---> ftp-proxy-server(ip:10.0.1.1) <---> ftp-server(ip:172.126.1.1)

ftp server listen on port 21 for control command, data port range [20100-20199]

I had haproxy config on ftp-proxy-server:

listen ftp-proxy-server 10.0.1.1:21
    mode tcp
    server ftp-server 172.126.1.1:21

listen ftp-proxy-server 10.0.1.1:20100-20199
    mode tcp
    server ftp-server 172.126.1.1:20100-20199

Here's the question, I can successfully login ftp service from ftp-client, but failed to execute ls command which output "connection refused" message. I guess the reason is port mapping from ftp-proxy-server to ftp-server is random. So when ftp-client get a reserved port(e.g. 20101), but ftp-proxy-server may map it to another port(e.g. 20109), which is not the port ftp-server assigned to ftp-client.

I am think of one solution that configured 100 listens, one listen to one port, but it's complex to write the configure file. Is'there a simply configuration option to map port one by one? Just like 10.0.1.1:20001 -> 172.126.1.1:20001, 10.0.1.1:20002 -> 172.126.1.1:20002.

Welcome any answer:)

neil
  • 81
  • 1
  • 2
  • 4

2 Answers2

10

You have to remove the port range from the server definition. The haproxy documentation shows that the same port from the source is used for the destination.

listen ftp-proxy-server 10.0.1.1:20100-20199
    mode tcp
    server ftp-server 172.126.1.1
kirrmann
  • 480
  • 5
  • 15
1

For haproxy 1.5 on centos,

listen web *:8080-8090
    mode tcp
    server worker1 10.0.0.1
    server worker2 10.0.0.2

For haproxy 1.7 on debian,

listen web
    bind *:8080-8090
    mode tcp
    server worker1 10.0.0.1
    server worker2 10.0.0.2
wizawu
  • 1,881
  • 21
  • 33