Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 

How to transparently transmit the IP of the F5 device itself?

ioii
Nimbostratus
Nimbostratus

The topology map is client-->F5-->backend nginx service
Now the nginx service log only has the customer’s real ip, I want the F5’s ip to be recorded in the log, what should I do?

2 REPLIES 2

Paulius
MVP
MVP

@ioii Depending on the F5 IP that you want to record, you could create a log entry when the client connection is accepted as shown in the following FQDN. Tricky part is you will have to match what you see in the nginx to the log on the F5 to see what the IP is. The other option is if this is HTTP or HTTPS and you are performing SSL termination you can inject a new HTTP header field and associate the value you choose based on the article and what IP you want to record. Doing it the second way should allow nginx to search for the header field and record it.

https://clouddocs.f5.com/api/irules/IP__local_addr.html

JRahm
Community Manager
Community Manager

As mentioned by @Paulius , you could insert a header in an iRule like this:

when HTTP_REQUEST_RELEASE {
  HTTP::header insert X-F5-SOURCE [IP::local_addr]
}

and in your log format on the nginx side, something like:

[f5-ip=$upstream_http_x_f5_source]