@simos, just opened my eyes to the existence of the nat=true parameter on the proxy devices…
It was recommended in the context of having a better performance.
In another post, it is mentioned that non-nat proxy devices fork the connection.
And then there’s the additional work of the Proxy-protocol=true to pass the proper headers…
I use HA Proxy to route Inet HTTP traffic into the containers and LXD proxy devices to route the traffic from the host to the HAP container.
In the docs it says that 2 things are different if you use nat=true.
- The container needs to have a fixed IP.
- There is no need for proxy_protocol=true anymore.
My 2 questions are:
How much more performant would nat=true be when compared with non-nat proxy + proxy protocol=true?
Or at which levels of traffic would that start to be noticeable? or worth it?
(if it ain’t broken don’t fix it)
What are the consequences of using a fixed IP for the HAP container? (if any).
Any other reason to use one over the other in a medium traffic environment?