Unable to determine client IP - please help!

Based on a read through of other users and Joe's comments (Click here), it looks like the DLL will replace the value of the C-IP field in the IIS logs with the parsed value of the X-Forwarded-For header. I believe he parses out internal IP addresses and writes the remaining IPs in a comma plus (1.1.1.1, +2.2.2.2) separated list. So if the BIG-IP is configured to insert the X-Forwarded-For header and you enable this DLL on your web server(s), you should see in the C-IP field, what the BIG-IP got as the source IP of the TCP packet it received.

 

 

A self IP address is an address the BIG-IP uses to source requests as well as receive them as a gateway. Take a look at the Network & System Mgmt Guide for details (Click here).

 

 

The reason that you are seeing the BIG-IP address in the IIS logs is that you either have SNAT enabled on the virtual server or you have a default SNAT defined which matches the requests to the IIS servers. Typically the reason you would have a SNAT enabled is because the web servers do not have their default gateway set to the BIG-IP. Enabling SNAT in this scenario forces the web servers to respond back to the BIG-IP and ensures symmetric routing. I was suggesting that if you were able to set the default gateway of the web servers to the BIG-IP's floating self IP address (or static self IP if you have a standalone unit), you could avoid the need to translate the source address of requests to the web servers.

 

 

Aaron