Forum Discussion

Nimbostratus

Sep 28, 2008

tracking user sessions when snatting

I am looking at changing configuration for load balancing so that we use a snat pool rather than passing the original client IP back to the webservers. Snat will save me many headaches with routing, ...

Cirrostratus

Sep 29, 2008

As skottieb suggested, using an XFF header is the typical way to track the original client IP address for HTTP requests through a device which performs source address translation to ensure symmetric routing. SOL4816 has some additional information on hwo to configure IIS and Apache to log the custom header (Click here). If you are using the XFF header for something other than reporting, you should consider removing any existing XFF headers in the request. You can do this by configuring the HTTP profile's 'Request Header Erase' field with X-Forwarded-For.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

tracking user sessions when snatting

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Caching based on Surrogate-Control header

4600 rSeries tenant resizing and HA Dependency

DOSl7 reset learning database voor automatic mode

Is there F5 Virtual Wire(vWire) variable support for vCMP or rSeries tenant?

F5 Kubernetes CNF/BNK GSLB functionality ?

Related Content

Tracks, Hacks, and Time to Relax

F5 XC Session tracking and logging with User Identification Policy

MCP Session Affinity With F5 NGINX Plus

The BIG-IP Application Security Manager Part 9: Username and Session Awareness Tracking

Link Tracking

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS