Hello all! I am currently trying to configure HAPROXY to load balance everything in our Windows RDS environment. I followed (http://blog.haproxy.com/2015/04/01/microsoft-remote-desktop-services-rds-load-balancing/) and it works awesomely for 95% of what I need it to do. I found out after the configuration, that MS uses UDP to help optimize their remote desktop connections, which, HAPROXY does not support load balancing of UDP.
My question: If I know the port number, (in my case, 5060, but the default is 3391) can I have HAPROXY just ignore the type of traffic it is and forward it blindly on to the gateways I specify? If not, is there something else I can put on the HAPROXY boxes that will help transport that data, or should I start from scratch with a new load balancer. Below, is my config. Some DNS Names have been changed to protect the innocent.
frontend ft_rdweb mode tcp bind 10.40.1.196:443 name rdp bind 10.40.1.196:80 timeout client 12h log global option tcplog tcp-request inspect-delay 2s tcp-request content accept if RDP_COOKIE default_backend bk_rdweb backend bk_rdweb mode tcp balance source persist rdp-cookie timeout server 1h timeout connect 4s log global option tcplog default-server inter 3s rise 3 fall 2 server dev-rdweb01.dev.company.com 10.40.1.60:443 check server dev-rdweb02.dev.company.com 10.40.1.61:443 check server dev-rdweb01.dev.company.com 10.40.1.60:80 check server dev-rdweb02.dev.company.com 10.40.1.61:80 check frontend ft_rdgw bind 10.40.1.194:443 bind 10.40.1.194:5060 mode tcp timeout client 12h log global default_backend bk_rdgw backend bk_rdgw balance source mode tcp timeout server 1h timeout connect 4s log global server dev-rdgw01.dev.company.com 10.40.1.73:443 check check-ssl verify none server dev-rdgw02.dev.company.com 10.40.1.71:443 check check-ssl verify none server dev-rdgw01.dev.company.com 10.40.1.73:5060 check check-ssl verify none server dev-rdgw02.dev.company.com 10.40.1.71:5060 check check-ssl verify none frontend ft_companyweb mode tcp bind 10.40.1.122:443 bind 10.40.1.122:80 timeout client 12h log global option tcplog default_backend bk_companyweb backend bk_companyweb mode tcp balance roundrobin timeout server 1h timeout connect 4s log global option tcplog server devweb01.dev.company.com 10.40.1.169:443 check server devweb01.dev.company.com 10.40.1.169:80 check server devweb02.dev.company.com 10.40.1.92:443 check server devweb02.dev.company.com 10.40.1.92:80 check #Stats page http://10.40.1.231:9000/ listen statistics bind *:80 mode http log global stats enable stats refresh 30s stats show-node stats show-legends stats show-desc stats auth letme:in stats uri /stats [link] [comments]