Source IP in backend

ravr · March 14, 2020, 6:45pm

I’m using HAProxy to load balance client requests to two backend servers (TCP mode). The backend servers see incoming requests as coming from the HAProxy host (which is expected). I’m trying to configure the setup so that the backend servers receive the client IP rather than HAProxy’s IP.

Please let me know if I’ve understood correctly

HAProxy can be configured to send the client’s IP using proxy protocol, but the backend server must support this protocol
HAProxy can spoof the client’s IP to the backend, but the backend must have its default gateway as the HAProxy host

Given that the backend servers do not support proxy protocol, and default gateway cannot be set to the HAProxy host, is there any other way to achieve this?

lukastribus · March 15, 2020, 11:02am

No.

If you cannot transport the information in-band (via PROXY protocol for any protocol, or via L7 header like X-Forwarded-For in HTTP), and you cannot use the actual Layer 3 IPs (via transparent configuration where haproxy would indeed be the default-gateway), then no other options remain, not even theoretically.

Topic		Replies	Views
Send sourceIP to backend Help!	4	446	April 14, 2021
Set frontend_ip as source IP for backend Help!	3	8954	June 1, 2016
Transparent proxy - configure backend servers Help!	4	6221	December 17, 2019
HAProxy to retain client IP Help!	3	11559	July 2, 2019
HaProxy send-proxy-v2 is not sending client_ip Help!	1	183	March 19, 2024

Source IP in backend

Related Topics