Forum Discussion
Johan_Van_Geste
Nimbostratus
NimbostratusHTTP-header to real-server
Hi all,
we have a BIG-IP 1500 deployed in a 'flat network' (one VLAN to cover everything, VS-address and Node-addresses all in the same range, serving HTTP on port 80). Downside: this way th...
Johan,
First, let me say that this is an iRules question, so next time if you could post it to the iRules forum that would be best...
With that being said, this is a very common question and there are many ways to can have BIG-IP insert that true client address.BIG-IP's http profile:
in BIG-IP v9.0, the http profile has the following option: "Insert XForwarded For". If you enable this, a "X-Forwarded-For" HTTP header containing the true client address will be inserted into each HTTP Request.iRules:
If for some reason you don't want to enable this in your profile, you can issue a HTTP::header command to insert the X-Forwarded-For header (or any other header you wish) in an iRule.
when HTTP_REQUEST {
Replace X-Forwarded-For if you wish a different header name
HTTP::header insert X-Forwarded-For [IP::remote_addr]
}You might also want to take a look at this thread:http://devcentral.f5.com/Default.aspx?tabid=53&view=topic&forumid=5&postid=1461Click here
Once you have picked one of these methods, you'll need to be able to extract that value in your logs. I've created a ISAPI Filter (if you are running IIS) that will substitute the c-ip value in the IIS logs with the value of the X-Forwarded-For header (if it exists). The source and binaries can be downloaded in CodeShare (Click here). I'm sure if you are using Apache on the backend there are Apache modules out there to do this as well.
Good luck and let us know how it goes!
-Joe
