Hi,
behind my OpenWrt Router, i have a 2 Reverse Proxy's (HAPROXY). I'd like to setup a basic master/slave failover.
┌─────┐
│MODEM│
└─┬───┘
│
┌─┴─────────┐
│OpenWrt │
│192.168.1.1│
└─┬─────────┘
│
┌┴─────┐
│SWITCH│
└┬────┬┘
│ │
┌───────────┴┐ ┌┴───────────┐
│HAPROXY01 │ │HAPROXY02 │
│192.168.1.10│ │192.168.1.20│
└───────────┬┘ └┬───────────┘
│ │
┌┴────┴┐
│SWITCH│
└─┬────┘
│
┌─┴───────┐
│WebServer│
└─────────┘
OpenWrt has a Port Forward 443:WAN-IP to 443:HAPROXY-IP. Quite common so far.
I'd like build a a Failover for these two Reverse Proxys.
I was thinking for a simple solution to check when the Master Reverse Proxy is down, update the PortForward Destination to the Slave Node.
Changing the portforward Destination IP in the redirect rule from 192.168.1.10 to 192.168.1.20.
What would be the way to go. Is a reload of firewall rules enough or do i have to restart the Firewall after each redirect failover?
Dynmaic Routing depending on the health status of the Destination possible?
If A is down, send to B.
The other solution would be to use VRRP/keepalived on both HAProxy systems, and share a virtual IP between both. If the Reverse-Proxys have to distinguish on themselves, if they are master or slave, all the fan with quorum, fencing and splitbrain starts.
Therefore, at the moment i want to keep the focus on a solution to update the routing on my OpenWrt Device.
On the OpenWrt Router it's easy to distinguish which destination is reachable, i could keep static IP's on my destinations, also round-robin would be easier.
Any ideas how to do that on OpenWrt in an elegant way?