DEV Community

Cover image for YARP .Net Core Reverse Proxy
Sukhpinder Singh
Sukhpinder Singh

Posted on

YARP .Net Core Reverse Proxy

It is a reverse proxy toolkit for developing secure proxy servers in .NET.

YARP stands for “ YARP: A Reverse Proxy” is a project to create a reverse proxy server.

YARP fills into the ASP.NET pipeline for managing incoming requests and then has its sub-pipeline for implementing the steps to proxy the requests to backend servers.

For the specific need of different deployment scenarios, YARP can be easily customized and tweaked.

Getting started with YARP

YARP library provides the core proxy functionality that you can then customize by adding or replacing modules.

For a current preview, the NuGet manager supplies the YARP package. Later on, Microsoft has planned to introduce it as a project template accessible via the dotnet command line.

YARP is currently compatible with either .NET Core 3.1 or .NET 5 preview 4 (or latest).

Download the preview 4 (or latest) of .NET 5 SDK: Link

Create a .Net Core Project

Create a “Blank” ASP.NET Core application using the below command or create a new ASP.NET Core web application via Visual Studio, and choose “Blank” as a project template

dotnet new web -n MyProxy -f
Enter fullscreen mode Exit fullscreen mode

Open the Project just created and make sure to add the following settings.

<PropertyGroup><TargetFramework>netcoreapp5.0</TargetFramework> </PropertyGroup>
Enter fullscreen mode Exit fullscreen mode


<ItemGroup> <PackageReference Include=”Microsoft.ReverseProxy” Version=”1.0.0-preview.1.*” /> </ItemGroup>
Enter fullscreen mode Exit fullscreen mode


YARP is implemented purely as an ASP.NET Core element, and so the bulk of the code is in Startup.cs.

YARP manages configuration files to define the routes and endpoints for the proxy. Load the configurations in the ConfigureServicesmethod, as shown below.

public IConfiguration Configuration { get; }public Startup(IConfiguration configuration){ Configuration = configuration;}public void ConfigureServices(IServiceCollection services) { services.AddReverseProxy() .LoadFromConfig(Configuration.GetSection("ReverseProxy")); }
Enter fullscreen mode Exit fullscreen mode

ASP.Net pipelines for processing requests are defined in the Configure method inside the Startup.cs file.

The reverse proxy adds into ASP.NET endpoint routing and then has its sub pipeline for the proxy. Here proxy pipeline modules can be added to customize the handling of the request. For example, load balancing, as shown below.

public void Configure(IApplicationBuilder app){ app.UseHttpsRedirection();

app.UseRouting(); app.UseAuthorization(); app.UseEndpoints(endpoints => { endpoints.MapControllers(); endpoints.MapReverseProxy(proxyPipeline => { proxyPipeline.UseProxyLoadBalancing(); }); });}
Enter fullscreen mode Exit fullscreen mode


Currently, the definition of YARP settings are supplied via JSON, i.e., in the appsettings.json file. The configuration structure consists of:


Backends are the complex cluster of various servers to route different requests.

The address is the URI prefix will have the request path joined to it.


Routes map incoming requests to the backend server cluster based upon various aspects of the request, such as

  • Hostname

  • Path

  • The method

  • Request headers

Routes have ordered property, which means the app1 route needs to be defined first as route2.

The following needs to be a peer to the appsettings.json file.

"ReverseProxy": { "Routes": [{ "RouteId": "app1", "BackendId": "backend1", "Match": { "Methods": [ "GET", "POST"], "Host": "localhost", "Path": "/app1/" } }, { "RouteId": "route2", "BackendId": "backend2", "Match": { "Host": "localhost" } } ], "Backends": { "backend1": { "LoadBalancing": { "Mode": "Random" }, "Destinations": { "backend1_destination1": { "Address": "" }, "backend1_destination2": { "Address": "" } } }, "backend2": { "Destinations": { "backend2_destination1": { "Address": "" } } } } }
Enter fullscreen mode Exit fullscreen mode

YARP is a preview project, so users are responsible for the security of their applications.

Thank you for reading. Keep visiting and share this in your network. Please put your thoughts and feedback in the comments section.

Follow me on LinkedIn Instagram Facebook Twitter

Top comments (0)