relayd For TLS (SSL) Load Balancing example

load balances TLS services

       http protocol "https" {
                   match header append "X-Forwarded-For" value "$REMOTE_ADDR"
                   match header append "X-Forwarded-By" value "$REMOTE_ADDR:$SERVER_PORT"
                   match header set "Keep-Alive" value "$TIMEOUT"

                   match query hash "sessid"
                   match hash "sessid"

                   block path "/cgi-bin/index.cgi" value "*command=*"

                   tls { no tlsv1.0, ciphers "HIGH" }

           relay "tlsaccel" {
                   listen on port 443 tls
                   protocol "https"
                   forward to <phphosts> port 8080 mode loadbalance check tcp

Pre-OpenBSD 5.7:

          http protocol "httpssl" {
	      header append "$REMOTE_ADDR" to "X-Forwarded-For"
	      header append "$SERVER_ADDR:$SERVER_PORT" to "X-Forwarded-By"
	      header change "Keep-Alive" to "$TIMEOUT"
	      query hash "sessid"
	      cookie hash "sessid"
	      path filter "*command=*" from "/cgi-bin/index.cgi"

	      ssl { sslv2, ciphers "MEDIUM:HIGH" }
	      tcp { nodelay, sack, socket buffer 65536, backlog 128 }

             relay wwwssl {
	     # Run as a SSL accelerator
	     listen on $webserver port 443 ssl
	     protocol "httpssl"
	     table <webhosts> loadbalance check ssl

Also see relayd-dsr