Log $http_x_forwarded_for behind Cisco ACE LB
Max
nginxyz at mail.ru
Fri Mar 2 12:55:29 UTC 2012
02 марта 2012, 15:01 от Edho Arief <edho at myconan.net>:
> 2012/3/2 Tib1 <nginx-forum at nginx.us>:
> > Hello !
> >
> > I'm new to Nginx.
> >
> > I installed Nginx (on Gentoo) instead of Apache behind a Cisco
> > LoadBalancer.
> >
> > My problem is that the directive $http_x_forwarded_for always write
> > local IP of the LoadBalancer instead of Real IP.
> >
> > But I have the good IP in the header HTTP_X_FORWARD.
> >
>
> perhaps something like this:
>
> set_real_ip_from load_balancer_ip;
> real_ip_header X-Forwarded-For;
Replace X-Forwarded-For with X-Forward and that shouldl work.
You may want to update your Cisco ACE loadbalancing policy
map configuration to insert the standard X-Forwarded-For
instead of the X-Forward header by doing something like this
in Exec mode:
host1/Admin# show running-config policy-map
You should see something like this:
policy-map type loadbalance http first-match L7_LB_POLICY
class L7_LB_CLASS
serverfarm SERVER_FARM_1
insert-http x-forward header-value "%is"
Then just replace the header:
Host1/Admin# configure terminal
Host1/Admin(config)# policy-map type loadbalance first-match L7_LB_POLICY
host1/Admin(config-pmap-lb)# class L7_LB_CLASS
host1/Admin(config-pmap-lb-c)# no insert-http X-Forward header-value "%is"
host1/Admin(config-pmap-lb-c)# insert-http X-Forwarded-For header-value "%is"
host1/Admin(config-pmap-lb-c)# exit
host1/Admin(config)# exit
If everything works as expected just save your configuration and that's it:
host1/Admin# copy running-config startup-config
Max
More information about the nginx
mailing list