Forum Discussion
NimbostratusHow to send client ip to the backend, if we use iRule to map different context
NoctilucentEnable X-Forward option in custom HTTP profile & attached to VIP to send client IP address to server.
jdevprosThanks, we try this.
- jdevpros
But this is a header, so is possible to see the client ip like the client connect directly to real's server's? I mean, if we use netstat -an | grep client_ip
- Samir_Jha_52506
You can check client IP with command tmsh Show sys connection | grep vip_ip
- jdevpros
But I mean, we need to see real client ip on the backend server not at f5
- Samir_Jha_52506
You need to enable x-fwd in lb and apply server setting on back-end to accept client IP.
- Samir_Jha_52506
@jdevpros, Hope SNAT automap is disabled? When the BIG-IP system translates the source IP address of the incoming packet to the SNAT address, the web server sees the request as originating from the SNAT address, not the original client IP address. If the web servers are required to log the original client IP address for requests, the SNAT address translation behavior can become problematic.
In fact you can use iRule also in VIP to accept client IP.
when HTTP_REQUEST { HTTP::header insert X-Forwarded-For [IP::remote_addr] }Please go through below link, which will help to enable x-fwd setting on server side to accept remote IP address
nag_54823Cirrostratus
Hi Jdevpros,
you need to extract x-forwarded-for header using some logging features on server end to see original client ipaddress.
