# HAProxy 配合 Quagga OSPF 實現動態路由流量調度
# HAProxy Dynamic Router with Quagga OSPF for Dynamic Traffic Steering
Description:
應對大規模 DDoS 攻擊並減輕邊緣節點(Edge)負載,開發 HAProxy 動態路由系統。透過內部路由協議 (OSPF)
切換,實現流量秒級導向至防護節點(Protect Edge),加速攻擊隔離與防護生效時間。
Developed a HAProxy-based dynamic routing system to mitigate large-scale DDoS attacks and offload edge
node stress. By leveraging interior routing protocols (OSPF) instead of traditional DNS-based steering,
the system enables second-level traffic redirection to protection edges.
Tech Stack:
Features:
Results:
Architecture Overview:
Dynamic Routing Flow
sequenceDiagram
participant User as Operator
participant Platform as FastAPI Platform
participant HAProxy as HAProxy (Data Plane API)
participant Quagga as Quagga (OSPF)
participant Network as Network (OSPF Neighbors)
participant Jenkins as Jenkins CronJob
participant CDN as CDN Edge Nodes
User->>Platform: Add Frontend (Service IP)
Platform->>HAProxy: Bind IP to Frontend
Platform->>Quagga: Set Route Config
Quagga->>Network: Broadcast OSPF Route
Network-->>Network: Route Propagation (~30s)
Jenkins->>CDN: Fetch Edge Node Status
CDN-->>Jenkins: Return Node Info
Jenkins->>HAProxy: Sync Backend Pool