-
haproxy
while protecting your web servers from being exposed directly to the network.
The drawback of this model is that on multi-core systems, such programs usually scale poorly. That is why they must be optimized so that
each CPU cycle does more work.
Relay Instructions
Suppose your local computer is A, the haproxy server is B, and the Shadowsocks server is C. A
can of course connect directly to C, but as mentioned above, your local network often lacks sufficient international bandwidth, so the actual available speed is not very fast. Suppose B
is a server in a domestic data center. Generally speaking, the bandwidth of a data center server is much greater than that of your local network. A connects to B, and then B connects to C
to relay the traffic. In this way, although the cost increases somewhat, it can significantly improve the network bandwidth situation.
Supported systems
This script supports: CentOS, Debian, Ubuntu
Installation method
Log in as root to the server used for relaying and run the following command:
- # Debian/Ubuntu systems:
- apt–get –y install haproxy
- # Centos systems:
- yum –y install haproxy
The configuration directory is
/etc/haproxy/haproxy.cfg
Change the file contents to the following
global
defaults
log global
mode tcp
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend ss-in
bind *:6666
default_backend ss-out
backend ss-out
server server1 66.66.66.666 maxconn 20480
bind is the port to be forwarded
66.66.66.666 is the IP to be forwarded to
If you want multiple ports,
you can change bind *:6666 to bind *:10000-65000 so that ports between 10000 and 65000 can now be forwarded. Use the command
Start haproxy
service haproxy start
Restart
service haproxy restart
Stop
service haproxy stop
Possible issues
If iptable or firewalld is installed on CentOS 6 or 7 and the port is blocked
A direct way to handle it is to use:
Disable iptables
service iptables stop
Disable firewalld
service firewalld stop
You can also open the port in the firewall rules and then restart the haproxy server.