mixctl – Forward TCP to different upstream servers behind a tunnel

mixctl by inlets is a TCP proxy to forward multiple TCP connections over a single inlets Pro TCP tunnel.

What’s it for?

mixctl can be used to replace HAProxy, Traefik and/or Nginx with streams in certain scenarios.

It could also be used as a lightweight load-balancer for K3s servers.

Perhaps use this instead of IP Virtual Server (IPVS)?

This is a lightweight, multi-arch, multi-OS, uncomplicated way to reverse proxy different TCP connections and/or load balance them.

IPVS is going to be more performant, but requires a Linux host and capabilities, which you may be remiss to grant through Docker or Kubernetes.


  1. Write a rules.yaml file such as: ./rules.example.yaml:

version: 0.1

- name: rpi-k3s

- name: rpi-ssh
  1. Run the tool: mixctl -f ./rules.yaml

  2. Run inlets-pro tcp client --ports 6443 --ports 22222 --upstream

  3. Connect to ports 6443 or 22222 on your inlets Pro tunnel server to access any of the servers in the “to” array

Connections are load balanced if there are multiple hosts in the to field.

To make the upstream address listen on multiple ports, use instead of in the from field.

The port for the from and to addresses do not need to match.


This software is licensed MIT.


View Github