Hi!
I’m using the Proxy Protocol in my Stalwart setup.
Before Traefik < v3.5.2, I configured it like this:
- traefik.tcp.routers.esmtp.rule=HostSNI(`*`)
- traefik.tcp.routers.esmtp.entrypoints=esmtp
- traefik.tcp.routers.esmtp.tls.passthrough=true
- traefik.tcp.routers.esmtp.service=esmtp
- traefik.tcp.services.esmtp.loadbalancer.server.port=465
- traefik.tcp.services.esmtp.loadbalancer.proxyProtocol.version=2
After upgrading to v3.5.2, I saw that proxyProtocol on the service is deprecated and should now be set through a serversTransport.
My question:
Do I always need to define a serversTransport in a dynamic config file and then assign it via label, like this:
# dynamic.yaml
tcp:
serversTransports:
proxyprotocolv2:
proxyProtocol:
version: 2
and reference it in my labels:
- traefik.tcp.services.esmtp.loadbalancer.serversTransport=proxyprotocolv2
Or is there also a way to configure it inline, like:
- traefik.tcp.services.esmtp.loadbalancer.serversTransport.proxyProtocol.version=2
I tried both approaches, but I didn’t get a connection (maybe because of this issue, since I don’t get the real IP and the traffic ends up being blocked by fail2ban).
If my assumption (dynamic config + reference via label) is actually correct, but I still don’t get a working connection, then I guess I need to debug my setup further.
One more thing: are there any known Docker containers (similar to Just used a simple python script and disabled TLS passtrough to testtraefik/whoami) that support Proxy Protocol, so I can easily test if it’s propagated correctly?
Thanks a lot