Exposing through 443 with TLS multiple protocols

Hi everyone,

I’ve been experimenting with the Caddy Layer 4 module because I see a lot of potential in it. I have a question about its capabilities and whether something specific is possible.

I want to expose two services over port 443 with TLS with a domain name: one HTTP server and one TURN server. I noticed that Layer 4 can be configured using the layer4.matchers.regexp.

Is it possible to use this matcher to multiplex traffic to both servers over port 443 with TLS?

I was considering the following approach:

  1. Identify TURN bytes in TCP traffic with layer4.matchers.regexp.
  2. If a regex match is found, forward the traffic to the TURN server.
  3. If no match is found, fall back to the HTTP server.

I’m curious if this setup is feasible or if my assumptions are incorrect.

Best regards.

It should be possible. Is “TURN over TLS” a thing? You’d need a tls handler first to unwrap the TLS connection, and then you can match the bytes to see if it’s HTTP or TURN traffic, then proxy it where it needs to go.

2 Likes
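The byte check described in the reply above, as an added example that is not from the thread or from Caddy's code: once TLS is unwrapped, a TURN client's first message carries the STUN header layout from RFC 8489, which never collides with the start of an HTTP request. The helper names `looksLikeSTUN` and `route` are hypothetical and the sample bytes are constructed.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// Fixed magic cookie carried in bytes 4..7 of every STUN/TURN header (RFC 8489).
const stunMagicCookie = 0x2112A442

// looksLikeSTUN reports whether the first decrypted bytes of a connection
// form a STUN/TURN message header. Hypothetical helper, not a Caddy API.
func looksLikeSTUN(b []byte) bool {
	if len(b) < 8 {
		return false // not enough bytes to see the cookie yet
	}
	// Top two bits of a STUN message are zero. An HTTP method starts with an
	// ASCII uppercase letter (0x41..0x5A), so this check alone rejects HTTP.
	if b[0]&0xC0 != 0 {
		return false
	}
	// Message length excludes the 20-byte header and is a multiple of 4.
	if binary.BigEndian.Uint16(b[2:4])%4 != 0 {
		return false
	}
	return binary.BigEndian.Uint32(b[4:8]) == stunMagicCookie
}

// route applies the plan from the thread: TURN on a match, HTTP otherwise.
func route(first []byte) string {
	if looksLikeSTUN(first) {
		return "turn"
	}
	return "http"
}

func main() {
	// Constructed samples: a TURN Allocate request header (type 0x0003,
	// length 0, all-zero transaction ID) and the start of two HTTP requests.
	allocate := append([]byte{0x00, 0x03, 0x00, 0x00, 0x21, 0x12, 0xA4, 0x42}, make([]byte, 12)...)
	fmt.Println(route(allocate))
	fmt.Println(route([]byte("GET / HTTP/1.1\r\nHost: example.com\r\n\r\n")))
	fmt.Println(route([]byte("PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n")))
}
```

Because anything that is not a well-formed STUN header falls through to HTTP, malformed or probing traffic lands on the web server rather than the TURN server.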

Yes! TURN over TLS exists (turns). It’s the last resort when a WebRTC direct UDP or TCP connection is not possible.

I will try it and let you know 🙂

Thanks for your answer!
