Trying to route two Terraria servers based on domain name using same port

Traefik Traefik v2 (latest)
1

My goal is to be able to use terraria.domain.com:7777 to get in first server, and terraria2.domain.com:7777 in order to get into second. But using the :7777 port is always getting routed to the first image. It appears that the HostSNI is behaving like a wildcard.

    terraria:
        image: atgomez6555/terraria:tshock-latest
        container_name: terraria
        ports:
            - 7777:7777
        environment:
            - world=Avernus.wld
        volumes:
            - /home/alex/docker/terraria/config:/config
        tty: true
        stdin_open: true
        restart: unless-stopped
        labels:
            traefik.enable: "true"
            traefik.tcp.routers.terraria.entrypoints: "terraria"
            traefik.tcp.routers.terraria.rule: "HostSNI(`terraria.domain.com`)"
            traefik.tcp.routers.terraria.tls: "true"
        depends_on:
            - traefik

    terraria2:
        image: atgomez6555/terraria:tshock-latest
        container_name: terraria2
        ports:
            - 7778:7778
        environment:
            - world=The_Island_of_Silver.wld
        volumes:
            - /home/alex/docker/terraria/config2:/config
        tty: true
        stdin_open: true
        restart: unless-stopped
        labels:
            traefik.enable: "true"
            traefik.tcp.routers.terraria2.entrypoints: "terraria"
            traefik.tcp.routers.terraria2.rule: "HostSNI(`terraria2.domain.com`)"
            traefik.tcp.routers.terraria2.tls: "true"
        depends_on:
            - traefik

And this is my toml config file:

# [global]
[log]
  level = "INFO"

[entryPoints]
  [entryPoints.web]
    address = ":80"
    [entryPoints.web.http.redirections.entryPoint]
      to = "websecure"
      scheme = "https"

  [entryPoints.websecure]
    address = ":443"

  [entryPoints.traefik]
    address = ":8083"

  [entryPoints.terraria]
    address = ":7777"
  

[providers]
  providersThrottleDuration = "2s"
  [providers.docker]
    swarmModeRefreshSeconds = "15s"
    exposedByDefault = false
    endpoint = "unix:///var/run/docker.sock"

[api]
  insecure = true
  dashboard = true

[ping]
  # terminatingStatusCode = 0

[certificatesResolvers]
  [certificatesResolvers.default]
    [certificatesResolvers.default.acme]
      email = "xxxx"
      storage = "acme.json"
      [certificatesResolvers.default.acme.dnsChallenge]
        provider = "cloudflare"
        delayBeforeCheck = "0s"
        resolvers = ["dara.ns.cloudflare.com", "elliot.ns.cloudflare.com"]

Ideally I do not want to have to port forward a separate port for every server I run.

2

Well, SNI is a TLS concept, and games rarely use TLS for their connection (unless they use HTTP(S) as the protocol).

In short, what you are trying to achieve is impossible in principle.

3

Ok, I'm still trying to learn this. So 1 port per server running is pretty much a technical requirement? Thanks for the insight. At least I'm still able to give a name via proxy vs. having to use IP.

4

Yeah, there is no public information in the incoming connection that could help deduce which server it's intended for.

5

@atg22896 How do you do to connect the client of terraria through traefik?