25-Jun-2020 02:58
Hi, have enabled XFF header, but could see more than one ip is reflecting in downstream devices.
we can fix it with iRule, but binding iRules in all the virtual servers increases overhead on CPU/Memory,
is there a way to restrict last know public ip being retained in XFF header.
25-Jun-2020 07:57
Hello Bsb.
iRules are very efficient, don't worry about performance when you only need to include a XFF header.
One solution would be:
when HTTP_REQUEST {
HTTP::header remove X-Custom-XFF
HTTP::header insert X-Custom-XFF [IP::remote_addr]
}
Using the HTTP profile, you could try modifying the XFF header name
See option "XFF Alternative Names".
REF - https://support.f5.com/csp/article/K40243113
Regards,
Dario.