Add an X-Forwarded-For header
When you configure load balancing via the LB Layer 7 tab, HAProxy ALOHA acts as a reverse proxy, managing client connections on one end and server connections on the other. The downside is that it causes the client's source IP address to be replaced with HAProxy ALOHA's IP address in connections to the servers, which misrepresents the true client in the server logs.
When proxying HTTP traffic, HAProxy ALOHA can add an X-Forwarded-For
header to the request before relaying it to the server. This header contains the client's source IP address, which the server can be configured to log.
To configure HAProxy ALOHA to add an X-Forwarded-For
header to an incoming request, set the option forwardfor
directive in a defaults
, frontend
, listen
, or backend
section.
Adds an X-Forwarded-For
header containing the client's source IP address.
backend webservers
balance roundrobin
option forwardfor
server s1 192.168.56.20:3000 check
server s2 192.168.56.21:3000 check
Optionally, disable the header for an IP address (or CIDR) by adding the except
parameter.
Adds an X-Forwarded-For
header except when the source IP is the address of a known proxy.
backend webservers
balance roundrobin
option forwardfor except 192.168.56.10
server s1 192.168.56.20:3000 check
server s2 192.168.56.21:3000 check
Add the if-none
parameter to add the header only when it is not present.
Adds an X-Forwarded-For
header unless it already exists.
backend webservers
balance roundrobin
option forwardfor if-none
server s1 192.168.56.20:3000 check
server s2 192.168.56.21:3000 check
Next up
Global server load balancing