cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Len Bellemore <Len.Bellem...@alternativenetworks.com>
Subject RE: Persisting Source IP on Load Balancers
Date Wed, 16 Mar 2016 17:22:22 GMT
Thanks Swen,

OK, then I suppose my next question would be, could I then terminate the SSL on the virtual
router, and then follow your suggestion?

Thanks
Len

-----Original Message-----
From: S. Brüseke - proIO GmbH [mailto:s.brueseke@proio.com] 
Sent: 16 March 2016 16:53
To: users@cloudstack.apache.org
Cc: Bellemore, Len - Data Analytics
Subject: AW: Persisting Source IP on Load Balancers

Hi Len,

you need to change the LogFormat on the target servers behind the LB.

If you are using apache2 do the this:

1. open your apache2 conf file
2. add "LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %O" common_lb" to the LogFormat
section 3. open your vhost file and swap "common" to "common_lb" in your CustomLog line.
4. Restart apache2

Now you can see the client IP in the log.

This will only work with http and not with https traffic because LB cannot open https traffic.

Mit freundlichen Grüßen / With kind regards,

Swen


-----Ursprüngliche Nachricht-----
Von: Len Bellemore [mailto:Len.Bellemore@alternativenetworks.com]
Gesendet: Mittwoch, 16. März 2016 16:15
An: users@cloudstack.apache.org
Betreff: Persisting Source IP on Load Balancers

Hi Guys,

Does anyone know if it is possible to preserve the source IP that is coming in to servers
behind the virtual router load balancer?

In my web servers logs, every connection is from the virtual router.

Thanks
Len


- proIO GmbH -
Geschäftsführer: Swen Brüseke
Sitz der Gesellschaft: Frankfurt am Main

USt-IdNr. DE 267 075 918
Registergericht: Frankfurt am Main - HRB 86239

Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. 
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren
Sie bitte sofort den Absender und vernichten Sie diese Mail. 
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nicht gestattet. 

This e-mail may contain confidential and/or privileged information. 
If you are not the intended recipient (or have received this e-mail in error) please notify
the sender immediately and destroy this e-mail.  
Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly
forbidden. 



Mime
View raw message