mhd90_359601
Dec 12, 2018

Values in X-Forwarded-For when SNAT is enabled

Hi, I have a case where a user has pointed out that the X-Forwarded-For has the F5 self IP. F5 has automap enabled. Is this expected behaviour? The VS has a TCP profile, so nothing is being done by F5 to the HTTP header.

 

  • I suggest you look at the server that is the node for the VS that is setting this header. Since the LTM is set for SNAT/automap, the self IP address will be the client address seen by that server.

     

    • mhd90_359601

      I do have the header capture from the server, and it shows Header [x-forwarded-for]: x.x.x.x (x.x.x.x is the F5 self IP).

       

      My question is, is this expected behavior? My understanding was, if I don't change or insert anything in the header through F5, the XFF value should not reflect the F5 IP...

       

    • DaveS

      XFF is used to indicate the originating IP address. The configuration details you've given for the LTM mean it's not including the header, so it must be the back-end server that is doing it, confirmed by the address being the LTM self address.

       

      Is this expected behaviour? It will be if the server is configured for XFF insertion.

       



  • Unless the server is modifying the XFF header, F5 will always set it as the client IP. If you do a capture and examine the backend traffic from F5, you can see the XFF details.
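
Added example, not part of the thread and not F5 code: a small Python model of the two cases discussed above, showing what an XFF-inserting server logs behind SNAT automap when the LTM does and does not insert the header, and how a server can resolve the client by trusting only the self IP. The addresses, the function names and the "append to a comma-separated list" model of insertion are assumptions made for illustration.

```python
import ipaddress

# Constructed sample addresses (documentation ranges), not values from the thread.
F5_SELF_IP = "192.0.2.10"   # assumed LTM self IP that SNAT automap sources from
CLIENT_IP = "203.0.113.7"   # assumed real client address

def append_xff(headers, addr):
    """Append addr to X-Forwarded-For, as an XFF-inserting hop does."""
    out = dict(headers)
    prev = out.get("X-Forwarded-For")
    out["X-Forwarded-For"] = f"{prev}, {addr}" if prev else addr
    return out

def ltm_hop(headers, insert_xff):
    """Model the LTM: with SNAT the pool member's TCP peer is always the self IP;
    the header changes only if XFF insertion is enabled (needs an HTTP profile)."""
    sent = append_xff(headers, CLIENT_IP) if insert_xff else dict(headers)
    return sent, F5_SELF_IP

def resolve_client(headers, peer, trusted):
    """Walk peer + XFF right to left; the first hop that is not a trusted
    proxy is the client. None means only trusted proxies were seen."""
    nets = [ipaddress.ip_network(t) for t in trusted]
    raw = headers.get("X-Forwarded-For", "")
    hops = [h.strip() for h in raw.split(",") if h.strip()]
    for hop in reversed(hops + [peer]):
        try:
            ip = ipaddress.ip_address(hop)
        except ValueError:
            return None  # malformed entry: stop rather than guess
        if not any(ip in n for n in nets):
            return hop
    return None

def server_view(client_headers, insert_xff):
    """Return (XFF the server logs after its own insertion, resolved client)."""
    received, peer = ltm_hop(client_headers, insert_xff)
    logged = append_xff(received, peer)["X-Forwarded-For"]
    return logged, resolve_client(received, peer, [F5_SELF_IP + "/32"])

if __name__ == "__main__":
    print(server_view({}, insert_xff=False))   # TCP profile only, as in the thread
    print(server_view({}, insert_xff=True))    # LTM inserts XFF
    print(server_view({"X-Forwarded-For": "198.51.100.99"}, insert_xff=True))
```

With insertion off, any X-Forwarded-For value that reaches the server was supplied by the client and passed through untouched, so the resolved address in that mode should not be used for access decisions or treated as authoritative in logs.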