Forum Discussion

marko_58148's avatar
marko_58148
Icon for Nimbostratus rankNimbostratus
Sep 28, 2012

Source IP not maintained?

Hello,

 

i have a simple setup with one BigIP system load balancing two proxy servers. Clients point to the virtual server (which is the same IP as the external self) port 8080 to get to the proxies. Connectivity works well (with an outbound SNAT rule), however when i look at the logs of the proxy, all connections seem to come from the internal IP of the BigIP, not the real IPs. After reading the documentation, i was let to believe that the source address field is not changed? how can i configure the F5 to maintain the source IP?

 

 

Thanks

 

  • You are using SNAT, which will change the source IP address of the packet to that of the LTM. With this configuration, you can pass the source IP address of the client back to your proxies by including an X-Forwarded-For header. Your proxies/application will need to be able to extract this information from the header though.

     

     

    Or you can turn off SNAT and the requests will reach your proxies with the original client source IP address intact. This scenario may not work depending on the setup of your environment.