HAProxy (High Availability Proxy) is an open-source, TCP and HTTP load balancer used to distribute incoming connections across multiple backend servers. It is widely used for its high performance, reliability, and scalability.
It is capable of handling and forwarding incoming requests based on various load balancing algorithms, such as Round Robin, Least Connections, Source IP Hash, URI Hash, URL Parameter Hash, Static Round Robin, and First Available and terminate SSL/TLS connections (offloading), content caching, compression, request and response rewriting, health checks, and detailed logging.
Loadbalancing SOCKS5 connections over multiple other SOCKS5 proxies is a way to maximize the performance when using Open Proxy Servers for example. Checkout a frequently updated list of servers at [Link].
COMPARISON (basic and superficial based on my experience)
- Apache
- It is a fully flagged web server that is also capable of running WAF (e.g.
modsecurity) plus working as a reverse proxy.
- It is a fully flagged web server that is also capable of running WAF (e.g.
- NGINX
- It is also a fully flegged web server but lighter than Apache.
- Varnish
- Super powerful reverse proxy technology for offloading backend web applications by caching and encryption termination.
- HAProxy
- A proxy capable of load balancing not only HTTP/HTTPS but also any TCP and UDP traffic.
Note: many could argue that most of the features are common to all of the solutions mentioned above, and it is true. But that is how I prefer to use them for.
INSTALLATION
sudo apt update && sudo apt upgrade -y sudo apt install haproxy -y sudo cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bkp sudo nano /etc/haproxy/haproxy.cfg
LOADBALACING TCP TRAFFIC
For the following example the SOCKS5 Loadbalancer will listen on port 1080 of all interfaces. It will forward each new connection (in a round-robin fashion) to one of the SOCKS4 proxy servers (in this case on local host ports 9050 to 9059).
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
maxconn 4096
user haproxy
group haproxy
defaults
log global
mode tcp
option tcplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
listen socks5
bind :1080
mode tcp
balance roundrobin
server server0 127.0.0.1:9050
server server1 127.0.0.1:9051
server server2 127.0.0.1:9052
server server3 127.0.0.1:9053
server server4 127.0.0.1:9054
server server5 127.0.0.1:9055
server server6 127.0.0.1:9056
server server7 127.0.0.1:9057
server server8 127.0.0.1:9058
server server9 127.0.0.1:9059
sudo systemctl restart haproxy
Note: as one may guess, this SOCKS5 Loadbalancer can be used to distribute the traffic to a Tor connection over multiple circuits. It requires the Tor service to be configured to listen on multiple ports and run as a daemon.
sudo nano /etc/tor/torrc
... SocksPort 0.0.0.0:9050 SocksPort 0.0.0.0:9051 SocksPort 0.0.0.0:9052 SocksPort 0.0.0.0:9053 SocksPort 0.0.0.0:9054 SocksPort 0.0.0.0:9055 SocksPort 0.0.0.0:9056 SocksPort 0.0.0.0:9057 SocksPort 0.0.0.0:9058 SocksPort 0.0.0.0:9059 ... RunAsDaemon 1 ...
sudo nano /lib/systemd/system/tor.service
... ExecStart=/usr/sbin/tor -f /etc/tor/torrc ...
BONUS
On the following example a different syntax in being used. Instead of a single block, two blocks are being used. One for the frontend and another to the backend.
frontend http-inbound-traffic
bind :80
mode http
default_backend apache-servers
backend apache-servers
mode http
balance leastconn
server apache1 10.1.1.100
server apache2 10.1.1.200:8080