Source IP in backend

ravr · March 14, 2020, 6:45pm

I’m using HAProxy to load balance client requests to two backend servers (TCP mode). The backend servers see incoming requests as coming from the HAProxy host (which is expected). I’m trying to configure the setup so that the backend servers receive the client IP rather than HAProxy’s IP.

Please let me know if I’ve understood correctly

HAProxy can be configured to send the client’s IP using proxy protocol, but the backend server must support this protocol
HAProxy can spoof the client’s IP to the backend, but the backend must have its default gateway as the HAProxy host

Given that the backend servers do not support proxy protocol, and default gateway cannot be set to the HAProxy host, is there any other way to achieve this?

lukastribus · March 15, 2020, 11:02am

No.

If you cannot transport the information in-band (via PROXY protocol for any protocol, or via L7 header like X-Forwarded-For in HTTP), and you cannot use the actual Layer 3 IPs (via transparent configuration where haproxy would indeed be the default-gateway), then no other options remain, not even theoretically.

nimesh131 · September 25, 2024, 12:00pm

Implementing LUA module in HAProxy you can do that.

Topic		Replies	Views
Send sourceIP to backend Help!	4	546	April 14, 2021
Transparent proxy - configure backend servers Help!	4	7235	December 17, 2019
HAProxy to retain client IP Help!	3	12572	July 2, 2019
Set frontend_ip as source IP for backend Help!	3	9431	June 1, 2016
HaProxy send-proxy-v2 is not sending client_ip Help!	1	339	March 19, 2024

Source IP in backend

Related topics