I'm using relayd-5.5.20140810 with the config below, when relayd receives a request on TLS, the process consumes 100% cpu after the client sends a hello: (ip addresses changed to protect the innocent) ext_addr="10.0.0.1" webhost1="192.168.0.1" webhost2="192.168.0.1" table <webhosts> { $webhost1 $webhost2 } interval 10 timeout 200 prefork 5 log updates http protocol http { match request header append "X-Forwarded-For" value "$REMOTE_ADDR" match request header append "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT" match request header set "Connection" value "close" tcp { nodelay, sack, socket buffer 65536, backlog 128 } ssl { no sslv2, sslv3, tlsv1, ciphers HIGH } # ssl session cache disable } relay www { listen on $ext_addr port 80 protocol http forward to <webhosts> port http mode loadbalance check http "/" code 200 } http protocol httpssl { match request header append "X-Forwarded-For" value "$REMOTE_ADDR" match request header append "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT" match request header set "Connection" value "close" tcp { nodelay, sack, socket buffer 65536, backlog 128 } ssl { no sslv2, sslv3, tlsv1, ciphers HIGH } # ssl session cache disable } relay wwwssl { listen on $ext_addr port 443 ssl protocol httpssl forward to <webhosts> port http mode loadbalance \ check http "/" code 200 }
over to maintainer
Hey, Has anyone had chance to look at this? I've been trying to get something useful out of it but failing :( Cheers, Joe
Is this still relevant?
This port needs a serious update (catch up sources with OpenBSD 6.4 etc.). Don't know when I will have time for that.
I give up maintaining this port.
I believe the ticket could be closed as obsolete. net/relayd has new maintainer and newer version.