Hi Trenton Here we use the stick on src ( Source IP ) and X-Forward-For method so we can stick on both criteria
Also the -1 to move the XFF IP back, Imagine there are 2 or 3 proxy's all inserting X-Forward-For the -1 could also be -2 or -3 etc to move the ip forward in the list 192.168.100.12 172.16.21.20 172.31.31.2 -1 would put the red address like this 172.16.21.20 172.31.31.2 I hope that all makes sense Andruw Smalley Loadbalancer.org Ltd. www.loadbalancer.org <https://www.loadbalancer.org/?gclid=ES2017> <https://plus.google.com/+LoadbalancerOrg> <https://twitter.com/loadbalancerorg> <http://www.linkedin.com/company/3191352?trk=prof-exp-company-name> <https://www.loadbalancer.org/?category=company&post-name=overview&?gclid=ES2017> <https://www.loadbalancer.org/?gclid=ES2017> +1 888 867 9504 / +44 (0)330 380 1064 [email protected] Leave a Review <http://collector.reviews.io/loadbalancer-org-inc-/new-review> | Deployment Guides <https://www.loadbalancer.org/?category=resources&post-name=deployment-guides&?gclid=ES2017> | Blog <https://www.loadbalancer.org/?category=blog&?gclid=ES2017> On 25 July 2017 at 19:42, Trenton Dyck <[email protected]> wrote: > Andrew, > > > > Thanks for this suggestion! When you say ‘move the XFF header back’ and > you have a second stick on parameter what is the behavior you expect? Will > it use src ip if no X-Forwarded-For header is present (our desired > behavior)? > > > > Thanks, > > Trent > > > > *From:* Andrew Smalley [mailto:[email protected]] > *Sent:* Tuesday, July 25, 2017 12:54 PM > *To:* Trenton Dyck > *Cc:* Aleksandar Lazic; [email protected] > *Subject:* Re: X-Forwarded-For Balancing > > > > Hi Trenton > > I hope the below example will help you with X-Forward-For + Stick table + > replication > > listen VIP_Name > > bind 192.168.100.50:65435 transparent > > mode http > > balance roundrobin > > option forwardfor if-none > > stick on hdr(X-Forwarded-For,-1) # Note the ,-1 is to move the XFF > header back one place in the list. > > stick on src > > stick-table type string len 64 size 10240k expire 30m peers > loadbalancer_replication > > server backup 127.0.0.1:9081 backup non-stick > > option http-keep-alive > > timeout http-request 5s > > option redispatch > > option abortonclose > > maxconn 40000 > > server RIP_Name 192.168.100.200:80 weight 100 check inter 500 rise 1 > fall 1 minconn 0 maxconn 0 on-marked-down shutdown-sessions > > server RIP_Name-1 192.168.100.255:80 weight 100 check inter 500 rise > 1 fall 1 minconn 0 maxconn 0 on-marked-down shutdown-sessions > > > Andruw Smalley > > Loadbalancer.org Ltd. > > www.loadbalancer.org <https://www.loadbalancer.org/?gclid=ES2017> > > <https://plus.google.com/+LoadbalancerOrg> > <https://twitter.com/loadbalancerorg> > <http://www.linkedin.com/company/3191352?trk=prof-exp-company-name> > <https://www.loadbalancer.org/?category=company&post-name=overview&?gclid=ES2017> > > <https://www.loadbalancer.org/?gclid=ES2017> > > +1 888 867 9504 / +44 (0)330 380 1064 > > [email protected] > > Leave a Review > <http://collector.reviews.io/loadbalancer-org-inc-/new-review> | Deployment > Guides > <https://www.loadbalancer.org/?category=resources&post-name=deployment-guides&?gclid=ES2017> > | Blog <https://www.loadbalancer.org/?category=blog&?gclid=ES2017> > > > > On 25 July 2017 at 17:36, Trenton Dyck <[email protected]> > wrote: > > Hi Alek, > > I want to balance via round-robin, but I want stick-tables to use the > X-Forwarded-For header instead of src ip. It makes sense in our use case > because a vast majority of our clients are behind a NAT and have the same > source IP, but the X-Forwarded-For header is unique to them. > > Thanks, > Trent > > > -----Original Message----- > From: Aleksandar Lazic [mailto:[email protected]] > Sent: Tuesday, July 25, 2017 11:20 AM > To: Trenton Dyck > Cc: [email protected] > Subject: Re: X-Forwarded-For Balancing > > Hi Trenton, > > Trenton Dyck wrote on 25.07.2017: > > > Hi, > > > > Is it possible to balance, via X-Forwarded-For header? We have come > > across an issue with sticky-sessions and server weight that I can't > > seem to find the answer to online (Unbalanced traffic). I think > > stick-tables with this acl option would be nice to have for a future > version. > > http://cbonte.github.io/haproxy-dconv/1.7/configuration.html#4-balance > > Something like this > > balance hdr(X-Forwarded-For) > > Does it make sense to balance based on this header?! > What's the issue you want to solve? > > What do you mean with "stick-tables with this acl option"? > > > Please keep met CCed for responses since I'm not subscribed. > > > > Thanks, > > > > Trent > > -- > Best Regards > Aleks > > >
