I am trying to apply HAProxy acl to choose mqtt broker backend is not working. I have tried following HAProxy configurations.
Environment:
HAProxy version: 1.8.19
MQTT Broker: EMQ X Broker version 3.0
Sample Config 1
listen mqtt
bind *:80
mode tcp
maxconn 50000
acl mqtt-request hdr_beg(host) -i mqtt.mydoamin.com
use_backend backend_mqtt if mqtt-request
backend backend_mqtt
mode tcp
server smg1 192.168.0.100:1883 check
Sample Config 2
listen mqtt
bind *:80
mode tcp
maxconn 50000
acl mqtt_request req.payload(4,15) -m sub mqtt.mydoamin.com
tcp-request content accept if mqtt_request
use_backend backend_mqtt if mqtt_request
backend backend_mqtt
mode tcp
server smg1 192.168.0.100:1883 check
Sample Config 3
listen mqtt
bind *:80
mode tcp
maxconn 50000
acl host_mqtt hdr(host) -i mqtt.mydoamin.com
use_backend backend_mqtt if host_mqtt
backend backend_mqtt
mode tcp
server smg1 192.168.0.100:1883 check
Sample Config 4
listen mqtt
bind *:80
mode tcp
maxconn 50000
use_backend backend_mqtt if { hdr_end(host) -i mqtt.mydoamin.com }
backend backend_mqtt
mode tcp
server smg1 192.168.0.100:1883 check
None of above configurations is working to match the host (mqtt.mydoamin.com).
Best Answer
If you're using
mode tcp
in haproxy then you can't match HTTP headers withhdr()
etc.Is HTTP being spoken on this connection? Then use
mode http
. If not (you're actually using MQTT protocol on port 80) then you cannot match the hostname, as that is not communicated over the connection. You can only use different MQTT brokers on one system by using differing IP addresses and/or different port numbers.