trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steven R. Feltner" <sfelt...@godaddy.com>
Subject Re: Client IP
Date Wed, 23 Jan 2019 14:34:39 GMT
Hi, Adi…

First, you’ll need to enable the Proxy Protocol on your ELB.  That will pass the Proxy Protocol
information (client IP) on to your EC2 Instance running ATS.  In your ATS config, you’ll
need to enable the Proxy Protocol on your port (proxy.config.http.server_ports in records.config)
and you’ll need to enable inserting the Forwarded: header (proxy.config.http.insert_forwarded
in records.config).  ATS will then accept the ProxyProtocol v1 header and transform that information
to the Forwarded: header that then gets passed to your origin.

This is available starting in ATS v8.0.x and is documented here: Proxy Protocol<https://docs.trafficserver.apache.org/en/8.0.x/admin-guide/configuration/proxy-protocol.en.html?highlight=proxy%20protocol>

Thanks,
Steven

From: Adi Mallikarjuna Reddy V <adimallikarjunareddy@gmail.com>
Reply-To: "users@trafficserver.apache.org" <users@trafficserver.apache.org>
Date: Tuesday, January 22, 2019 at 6:31 PM
To: "users@trafficserver.apache.org" <users@trafficserver.apache.org>
Subject: Client IP

Our setup is like this in AWS.

          (HTTPS)            (HTTPS)
Client  ======>   ELB ======> EC2 instance (ATS) ====> Origin

We are not terminating HTTPs at ELB, continuing HTTPS all the way till the node that runs
ATS. In this case, if we look at squid.log, it shows ELB IP as client IP, instead of the real
client IP.

Is there anything wrong with this setup/configuration?


Thanks
Adi


Mime
View raw message