Learn to setup HAProxy on OPNsense with step-by-step guidance, backend setup, ACLs, actions, and frontend configuration for smooth traffic handling. Our Live Support team is always here to help you.
How to Setup HAProxy on OPNsense for Reliable Load Balancing
Handling multiple servers and directing traffic efficiently can be challenging. Using HAProxy on OPNsense makes this task manageable. This guide walks you through how to setup HAProxy OPNsense, covering everything from backend configuration to starting the service.
An Overview
Installing HAProxy Plugin
First, you need to install the HAProxy plugin (os-haproxy) from the plugins view in OPNsense. Once installed, you can begin configuring your servers and traffic rules.
Configure Your Backend Servers
The initial step is setting up backend servers. Navigate to the Servers page and click + to create a new server. Every server you want to load balance requires an entry. For a typical HTTP backend, configure the following:
- Name: Name of this server
- Description: Keep it empty
- FQDN or IP: Enter the IP of your server
- Port: Port of the server
- SSL: Keep default (disabled)
- Verify SSL Certificate: Keep default (checked)
- SSL Verify CA: Keep default (empty)
Assemble Your Backend
Next, group servers into a backend. This allows HAProxy to balance traffic across servers serving the same service. To create a backend, click + and complete the form:
- Enabled: Checked
- Name: Enter a name for the backend
- Description: Optional
- Mode: HTTP
- Balancing Algorithm: Choose your load balancing method
- Servers: Select the previously configured servers
Set Up ACLs
Access Control Lists (ACLs) determine which traffic goes to which backend. Click + to create a new ACL and configure:
- Name: Choose a name
- Description: Optional
- Expression: Host contains
- Negate condition: Keep unchecked
- Value: Enter partial hostname to compare
Then, click Save changes.
Link ACLs with Actions
Actions connect ACLs to backends. Click + and fill the form as follows:
- Name: Choose a name
- Description: Optional
- Test Type: Keep default (“IF”)
- Select ACLs: Choose the ACLs
- Logical operator: Keep default (“AND”)
- Choose action: Use Backend
- Use Server: Keep default (“none”)
Create the Frontend
The frontend listens for incoming traffic and routes it according to your actions. Click + to configure:
- Enabled: Checked
- Name: Any name
- Description: Optional
- Listen Address: Use one or more host:port, e.g., 0.0.0.0:80
- Type: HTTP / HTTPS
- Default Backend: Keep default “None”
Under advanced settings, enable X-Forwarded-For-header so the backend knows the client’s real IP. Finally, assign your configured actions to the frontend.
Enable and Launch HAProxy
On the General tab, check Enable HAProxy and click Apply. Test the configuration, and once successful, HAProxy will start. Remember to create firewall rules to allow access to your HAProxy instance.
[If needed, Our team is available 24/7 for additional assistance.]
Conclusion
Using this method, you can easily setup HAProxy OPNsense to distribute traffic efficiently across multiple servers. This setup ensures better uptime, faster responses, and scalable infrastructure for your applications.
