TLS Pasthrough not working

Hi, I created a TLS router with TLS passthrough as follows
kind: IngressRouteTCP
name: test
namespace: test-qa

  • websecure
  • match: HostSNIRegexp({subdomain:[a-zA-Z0-9-]+}\.test\.com$)
    • name: test
      namespace: test-qa
      port: 8080
      passthrough: true

When i curl my website curl -v I see 404 page not found error. In traefik logs I see the following
time="2024-04-01T12:14:45Z" level=debug msg="Serving default certificate for request: """ - - [01/Apr/2024:12:14:45 +0000] "GET /api/test/v1/ HTTP/2.0" 404 19 "-" "-" 22201 "-" "-" 0ms

couple of questions here -

  1. I am not sure if traefik is forwarding just the path to the backend and getting 404 or is it passing the host+path to the backend and getting 404. I don't see any access logs on my backend envoy running on port 8080...
  2. I don't see this TCProuter on traefik dashboard where as i see the other HTTP routers I have.

From Traefik Docker I know you can set access log to JSON format to see differentiated OriginStatus (from target) and DownstreamStatus (from Traefik).

I was able to fix the 2nd issue above by adding annotations of ingress controller on my ingressroutetCP resource.

I still see 404 page not found errors. Instead of using HostSNIRegexp({subdomain:[a-zA-Z0-9-]+}\.test\.com$), I updated to HostSNI(*) and I was able to hit the backend successfully. Not sure why it is not working with domain name? Any idea @bluepuma77

No idea, not a fan of Traefik regex.

HostSNIRegexp({subdomain:[a-zA-Z0-9-]+} ) this worked