Nuwan, If we have multiple load balancers and multiple servers we need to append each IP to x forward for header by separating with ",". So back end server can trace message flow. Actually x forward for header should have list of ip address of proxies passed through.
Thanks, sanjeewa. On Fri, Oct 25, 2013 at 8:30 AM, Nuwan Dias <[email protected]> wrote: > Sanjeewa, > > What is the purpose of > > <property name="X-Forwarded-For" expression="*fn:concat(get-** > property('clientIP'),get-property('coming-X-Forwarded-**For'))*" > scope="transport" type="STRING"/> > > You are concatenating the clientIP and coming-X-Forwarded-For property > values. So the outgoing X-Forwarded-For header from the ELB will be a > concatenation of the two ip addresses. Is it right to have it that way? > > Thanks, > NuwanD. > > > On Fri, Oct 25, 2013 at 1:20 AM, Sanjeewa Malalgoda <[email protected]>wrote: > >> No, load balancer will not drop any header(x forward for). But we do not >> add client ip to x forward for header list. Normally all hardware load >> balancers do that. Here issue is when request come to load balancer it >> will replace client IP with load balancers IP. So eventually actual back >> end server does not aware about client IP. We can achieve this by adding >> following configuration to load balancers main sequence. I think we need to >> add this to default load balancer configuration. >> >> <property name="coming-X-Forwarded-For" >> expression="get-property('transport','X-Forwarded-For')"/> >> <property name="clientIP" >> expression="fn:concat(get-property('axis2','REMOTE_ADDR'),', ')"/> >> <property name="X-Forwarded-For" >> expression="fn:concat(get-property('clientIP'),get-property('coming-X-Forwarded-For'))" >> scope="transport" type="STRING"/> >> >> Thanks, >> sanjeewa. >> >> >> On Thu, Oct 24, 2013 at 5:17 PM, Kishanthan Thangarajah < >> [email protected]> wrote: >> >>> Are you saying that currently load-balancer drops this header even >>> though you send it? or only the IP of load-balancer get missed, but the >>> client's IP goes through with the header, hence we need to append the IP of >>> load-balancer? >>> >>> >>> On Thu, Oct 24, 2013 at 3:38 PM, Sanjeewa Malalgoda >>> <[email protected]>wrote: >>> >>>> Hi Team, >>>> Normally when requests pass through load balancers client IP for >>>> actual back end server would be load balancers IP. But sometimes >>>> actual back end server may need actual client and load balancers (all load >>>> balancers message passed) IPs to tracing message flows. In such cases >>>> normally we use X-Forwarded-For[1] header. So i think we should add >>>> it to our elastic load balancer by default. Adding following configuration >>>> to main sequence will work. Also if header is already present we should >>>> append ip by separating ",". >>>> >>>> >>>> <property name="X-Forwarded-For" >>>> expression="get-property('axis2','REMOTE_ADDR')" scope="transport" >>>> type="STRING"/> >>>> >>>> >>>> [1]http://en.wikipedia.org/wiki/X-Forwarded-For >>>> >>>> Thanks, >>>> sanjeewa. >>>> -- >>>> * >>>> * >>>> *Sanjeewa Malalgoda* >>>> Senior Software Engineer >>>> WSO2 Inc. >>>> Mobile : +94713068779 >>>> >>>> <http://sanjeewamalalgoda.blogspot.com/>blog >>>> :http://sanjeewamalalgoda.blogspot.com/<http://sanjeewamalalgoda.blogspot.com/> >>>> >>>> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> *Kishanthan Thangarajah* >>> Senior Software Engineer, >>> Platform Technologies Team, >>> WSO2, Inc. >>> lean.enterprise.middleware >>> >>> Mobile - +94773426635 >>> Blog - *http://kishanthan.wordpress.com* >>> Twitter - *http://twitter.com/kishanthan* >>> >> >> >> >> -- >> * >> * >> *Sanjeewa Malalgoda* >> Senior Software Engineer >> WSO2 Inc. >> Mobile : +94713068779 >> >> <http://sanjeewamalalgoda.blogspot.com/>blog >> :http://sanjeewamalalgoda.blogspot.com/<http://sanjeewamalalgoda.blogspot.com/> >> >> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Nuwan Dias > > Senior Software Engineer - WSO2, Inc. http://wso2.com > email : [email protected] > Phone : +94 777 775 729 > -- * * *Sanjeewa Malalgoda* Senior Software Engineer WSO2 Inc. Mobile : +94713068779 <http://sanjeewamalalgoda.blogspot.com/>blog :http://sanjeewamalalgoda.blogspot.com/<http://sanjeewamalalgoda.blogspot.com/>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
