Just confirmed that Piba's theory. I removed option httpclose and option forwardfor in the inner haproxy (the one right in front of nginx), and only set option httpclose and option forwardfor except 127.0.0.1 in the outer haproxy and I was able to get the client IP! Thanks a lot.
Just out of curiosity. if I use option httpclose and option forwardfor in the outer haproxy, it doesn't work. But using option httpclose and option forwardfor except 127.0.0.1 works. why is that? Thanks, Wei ________________________________ From: David Coulson Sent: Thursday, April 25, 2013 11:31 AM To: PiBa-NL Cc: Wei Kong; [email protected]; Mike Goff Subject: Re: Client ip gets lost after a request being passed through two haproxies? On 4/25/13 2:12 PM, PiBa-NL wrote: Hey Wei Kong, Your probably using "option forwardfor<http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4-option%20forwardfor>" right? I checked this - HAProxy does append to the X-Forwarded-For header. In this example 10.2.3.40 is the HAproxy instance, and 192.168.1.1 was the X-Forwarded-For header passed to it. <client ip>/<xforwardfor> 10.250.52.241/192.168.1.1, 10.2.3.40 Maybe you are just parsing X-Forwarded-For wrong? David
