From the documentation
It is important to note that as long as HAProxy does not support keep-alive connections, only the first request of a connection will receive the header. For this reason, it is important to ensure that "option httpclose" is set when using this option.
Examples :
# Public HTTP address also used by stunnel on the same machine
frontend www
mode http
option forwardfor except 127.0.0.1 # stunnel already adds the header
# Those servers want the IP Address in X-Client
backend www
mode http
option forwardfor header X-Client
See also : "option httpclose"
Brian Carpio
Senior Systems Engineer
Office: +1.303.962.7242
Mobile: +1.720.319.8617
Email: bcarpio#broadhop.com
-----Original Message-----
From: Julien Vehent [mailto:julien#linuxwall.info]
Sent: Tuesday, April 12, 2011 1:55 PM
To: Haproxy
Subject: x-forwarded-for and server side keep alive
Hi there,
I browsed the list to look for an answer to this question, without success, so I hope you can help me on this.
I want to use Haproxy in front of Tomcat. I need to get the client's IP, so I logically activated 'option forwardfor', which works fine.
I also want server-side keepalive. And this is when I discovered that Haproxy sends the x-forwarded-for header with the first request of the keep-alived connection only. It seems that tomcat 6.0.32 (that we use) cannot remember the x-forwarded-for value across multiple requests. So we would need to send the header with every request.
My first question is: does anybody see anything wrong with those assumptions ?
Then: is there a way to have x-forwarded-for added to each request without giving up on server-side keep alive ?
Thanks,
Julien
Received on 2011/04/12 22:53
This archive was generated by hypermail 2.2.0 : 2011/04/12 23:00 CEST