Return-Path: 
 <users-return-24995-apmail-cloudstack-users-archive=cloudstack.apache.org@cloudstack.apache.org>
X-Original-To: apmail-cloudstack-users-archive@www.apache.org
Delivered-To: apmail-cloudstack-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 7EB851822F
	for <apmail-cloudstack-users-archive@www.apache.org>;
 Thu, 17 Mar 2016 08:31:50 +0000 (UTC)
Received: (qmail 24710 invoked by uid 500); 17 Mar 2016 08:31:49 -0000
Delivered-To: apmail-cloudstack-users-archive@cloudstack.apache.org
Received: (qmail 24656 invoked by uid 500); 17 Mar 2016 08:31:49 -0000
Mailing-List: contact users-help@cloudstack.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@cloudstack.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@cloudstack.apache.org>
List-Post: <mailto:users@cloudstack.apache.org>
List-Id: <users.cloudstack.apache.org>
Reply-To: users@cloudstack.apache.org
Delivered-To: mailing list users@cloudstack.apache.org
Received: (qmail 24645 invoked by uid 99); 17 Mar 2016 08:31:49 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO
 spamd2-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 17 Mar 2016 08:31:49 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org)
 with ESMTP id 7B9411A0C26
	for <users@cloudstack.apache.org>; Thu, 17 Mar 2016 08:31:48 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 0.999
X-Spam-Level: 
X-Spam-Status: No, score=0.999 tagged_above=-999 required=6.31
	tests=[KAM_LAZY_DOMAIN_SECURITY=1, RP_MATCHES_RCVD=-0.001]
	autolearn=disabled
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new,
 port 10024)
	with ESMTP id pavHfxKfaUem for <users@cloudstack.apache.org>;
	Thu, 17 Mar 2016 08:31:46 +0000 (UTC)
Received: from mail.proio.com (mail.proio.com [194.9.10.10])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS
 id AA24D5F19A
	for <users@cloudstack.apache.org>; Thu, 17 Mar 2016 08:31:46 +0000 (UTC)
X-Footer: cHJvaW8uY29t
Received: from [93.190.65.78] ([93.190.65.78])
	(authenticated user s.brueseke@proio.com)
	by mail.proio.com (Kerio Connect 9.0.2) with ESMTPSA;
	Thu, 17 Mar 2016 09:29:54 +0100
Date: Thu, 17 Mar 2016 09:31:35 +0100
Subject: AW: Persisting Source IP on Load Balancers
Importance: Normal
X-Priority: 3
Thread-Index: AdF/ln1KfQh/SSR5Ram9nsTOn+cFXwADUZgwAAEdylAAH7s/4A==
Message-ID: <9d75d34a-6818-4f35-a09a-8d37b57a62da@proio.com>
References: <546dca806ad6485c80f1513cb3c30cde@CDM-EXMB01.onealternative.net>
	<2f123b1b-38bf-4cf8-880d-2e7952ed2d16@proio.com>
	<f3ffb65d8c2947c2abc837826240058c@CDM-EXMB01.onealternative.net>
In-Reply-To: <f3ffb65d8c2947c2abc837826240058c@CDM-EXMB01.onealternative.net>
X-Mailer: Kerio Outlook Connector (Offline Edition) (9.0.2.749 T0)
From: =?iso-8859-1?q?S=2E_Br=FCseke_-_proIO_GmbH?= <s.brueseke@proio.com>
To: 'Len Bellemore' <Len.Bellemore@alternativenetworks.com>,
	users@cloudstack.apache.org
Reply-To: =?iso-8859-1?q?S=2E_Br=FCseke_-_proIO_GmbH?= <s.brueseke@proio.com>
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi Len=2C

I am not aware of a solutions for ssl traffic for this=2E=20
A workaround would be to delete loadbalancing for ssl on the VR and create=
 a nginx instance running ssl lb=2E

Mit freundlichen Gr=FC=DF=65=6E=20/ With kind regards=2C

Swen


-----Urspr=FC=6E=67=6C=69che Nachricht-----
Von=3A Len Bellemore =5Bmailto=3ALen=2EBellemore=40alternativenetworks=2Eco=
m=5D=20
Gesendet=3A Mittwoch=2C 16=2E M=E4=72=7A 2016 18=3A22
An=3A S=2E Br=FC=73=65=6B=65 - proIO GmbH=3B users=40cloudstack=2Eapache=2E=
org
Betreff=3A RE=3A Persisting Source IP on Load Balancers

Thanks Swen=2C

OK=2C then I suppose my next question would be=2C could I then terminate th=
e SSL on the virtual router=2C and then follow your suggestion=3F

Thanks
Len

-----Original Message-----
From=3A S=2E Br=FC=73=65=6B=65 - proIO GmbH =5Bmailto=3As=2Ebrueseke=40proi=
o=2Ecom=5D=20
Sent=3A 16 March 2016 16=3A53
To=3A users=40cloudstack=2Eapache=2Eorg
Cc=3A Bellemore=2C Len - Data Analytics
Subject=3A AW=3A Persisting Source IP on Load Balancers

Hi Len=2C

you need to change the LogFormat on the target servers behind the LB=2E

If you are using apache2 do the this=3A

1=2E open your apache2 conf file
2=2E add =22LogFormat =22=25=7BX-Forwarded-For=7Di =25l =25u =25t =5C=22=25=
r=5C=22 =25=3Es =25O=22 common=5Flb=22 to the LogFormat section 3=2E open y=
our vhost file and swap =22common=22 to =22common=5Flb=22 in your CustomLog=
 line=2E
4=2E Restart apache2

Now you can see the client IP in the log=2E

This will only work with http and not with https traffic because LB cannot=
 open https traffic=2E

Mit freundlichen Gr=FC=DF=65=6E=20/ With kind regards=2C

Swen


-----Urspr=FC=6E=67=6C=69che Nachricht-----
Von=3A Len Bellemore =5Bmailto=3ALen=2EBellemore=40alternativenetworks=2Eco=
m=5D
Gesendet=3A Mittwoch=2C 16=2E M=E4=72=7A 2016 16=3A15
An=3A users=40cloudstack=2Eapache=2Eorg
Betreff=3A Persisting Source IP on Load Balancers

Hi Guys=2C

Does anyone know if it is possible to preserve the source IP that is coming=
 in to servers behind the virtual router load balancer=3F

In my web servers logs=2C every connection is from the virtual router=2E

Thanks
Len


- proIO GmbH -
Gesch=E4=66=74sf=FC=68=72=65=72=3A Swen Br=FC=73=65=6B=65
Sitz der Gesellschaft=3A Frankfurt am Main

USt-IdNr=2E DE 267 075 918
Registergericht=3A Frankfurt am Main - HRB 86239

Diese E-Mail enth=E4=6C=74 vertrauliche und/oder rechtlich gesch=
=FC=74=7A=74=65 Informationen=2E=20
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrt=
=FC=6D=6C=69=63h erhalten haben=2C informieren Sie bitte sofort den Absende=
r und vernichten Sie diese Mail=2E=20
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nic=
ht gestattet=2E=20

This e-mail may contain confidential and/or privileged information=2E=20
If you are not the intended recipient =28or have received this e-mail in er=
ror=29 please notify the sender immediately and destroy this e-mail=2E =20=

Any unauthorized copying=2C disclosure or distribution of the material in t=
his e-mail is strictly forbidden=2E=20




- proIO GmbH -
Gesch=E4=66=74sf=FC=68=72=65=72=3A Swen Br=FC=73=65=6B=65
Sitz der Gesellschaft=3A Frankfurt am Main

USt-IdNr=2E DE 267 075 918
Registergericht=3A Frankfurt am Main - HRB 86239

Diese E-Mail enth=E4=6C=74 vertrauliche und/oder rechtlich gesch=
=FC=74=7A=74=65 Informationen=2E=20
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrt=
=FC=6D=6C=69=63h erhalten haben=2C=20
informieren Sie bitte sofort den Absender und vernichten Sie diese Mail=2E=
=20
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nic=
ht gestattet=2E=20

This e-mail may contain confidential and/or privileged information=2E=20
If you are not the intended recipient =28or have received this e-mail in er=
ror=29 please notify=20
the sender immediately and destroy this e-mail=2E =20
Any unauthorized copying=2C disclosure or distribution of the material in t=
his e-mail is strictly forbidden=2E=20