Hi Lukas,
While HAProxy is able to do some of those things (not sure about X-FORWARDED-FOR workarounds?), I'd still prefer to use NGINX where possible (for other reasons, such as PageSpeed support, etc)
Is NGINX able to do any of the things mentioned in the question?
Specifically, can it sort by SNI hostname without becoming an SSL endpoint? If not, is there a reason why? (has it been decided by the community that it's not a good idea, or it just hasn't been developed?)
I've seen a few similar questions around, but no definitive answer.
Thanks,
OzJD