[newman314]

Maybe you could share a scrubbed config?

[js4all]

Sure, here is a gist: https://gist.github.com/dvbportal/cccccbbf6163cfbbbce6

The frontend definition advertises spdy and http/1.1 protocols via npn. (this should be now ALPN, HAProxy supports it)

The ssl_fc_npn ACL routes to the SSL-teminated traffic to the appropriate backends.

Nginx is configured to serve two backends with one port for each protocol. There can be multiple instances with round robin, if necessary.

This setup scales and is extensible for additional protocols

[jsmeaton]

Thanks for sharing. Can the SPDY frontend only be tcp based though, not http? The reason I ask is because my setup does all the routing (path and subdomain based) with http frontends.

[js4all]

Unfortunately, it has to be TCP. You can define other HTTP frontends thought, but then you lose SPDY for that frontend.

You can use the routing capabilities of nginx in the backend to break the traffic further down.

[newman314]

Thanks! I'll go take a look now.