opnsense / plugins

OPNsense plugin collection
https://opnsense.org/
BSD 2-Clause "Simplified" License

net/haproxy: add SNI support in mapfile-based backend selection #4017

Open cluck opened 3 weeks ago

cluck commented 3 weeks ago

This adds two options to the "Map domains to backend pools using a map file". One of the options is addressing https://github.com/opnsense/plugins/issues/3641.

The first option adds all map_dom, map_str, map_beg, map_end and map_reg (regex) support.

The second option adds SNI support.

Defaults are chosen such that existing setups don't change behavior.


I am currently testing this in our lab, but the more testing this gets the better.

cluck commented 3 weeks ago

I'm currently investigating why use_backend %[req.ssl_sni,lower,map(..., default_pool)] is not working as expected. When I log req.ssl_sni it is always undefined, while if I remove the default_pool from the use_backend it gets set. Workaround is either to not support defaults with SNI, or to work with e.g. tcp-request content set-var(...,ifnotset).

Also need to swap map_dom with map_str, and add map_dom as match type option.
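
An added sketch (not part of this PR or the plugin's code) that models, for hostnames only, how the match types named in this thread treat the same map file, which is why the choice between map_dom and map_str changes which SNI values reach a pool. The map contents, pool names and function names are constructed for illustration; first-match-in-file-order lookup and Python's regex dialect are simplifications of HAProxy's behaviour.

```python
import re

# Constructed map file (key, then backend pool); not taken from the PR.
SAMPLE_MAP = """\
# hostname          pool
app.example.test    pool_app
example.test        pool_main
"""

def parse_map(text):
    """Parse '<key> <value>' lines; blank lines and '#' comments are skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, value = line.split(None, 1)
            entries.append((key, value.strip()))
    return entries

def _dom(key, s):
    # Key must equal a dot-delimited portion of s (label boundaries both sides).
    return re.search(r"(?:^|\.)" + re.escape(key) + r"(?:\.|$)", s) is not None

MATCHERS = {
    "map_str": lambda key, s: s == key,            # exact
    "map_beg": lambda key, s: s.startswith(key),   # prefix
    "map_end": lambda key, s: s.endswith(key),     # suffix
    "map_dom": _dom,                               # dot-delimited portion
    "map_reg": lambda key, s: re.search(key, s) is not None,  # regex
}

def select_backend(match_type, entries, sni, default=None):
    """Model of %[req.ssl_sni,lower,<match_type>(file,default)] for one SNI."""
    value = sni.lower()                 # the 'lower' converter from the rule
    for key, pool in entries:           # simplification: first match in file order
        if MATCHERS[match_type](key, value):
            return pool
    return default

def compare(entries, sni, default="default_pool"):
    """Return the pool each match type would pick for the same SNI."""
    return {m: select_backend(m, entries, sni, default) for m in MATCHERS}

if __name__ == "__main__":
    entries = parse_map(SAMPLE_MAP)
    for name in ("APP.example.test", "www.example.test",
                 "example.test.other.invalid", "notexample.test"):
        print(name, compare(entries, name))
```

Running the same check over a real map file before switching match types shows which hostnames would start or stop reaching a pool other than the default.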