You need to add `accept-proxy` keyword in receiving haproxy bind line.

https://cbonte.github.io/haproxy-dconv/1.9/configuration.html#5.1-accept-proxy

Hth
 Aleks

Wed May 22 14:03:26 GMT+02:00 2019 praveen kumar <praveenkumar.2...@gmail.com>:

>
> have a haproxy setup as follow:
>
> Client --> Haproxy (LOCATION A)------> HAProxy(LOCATION B)----> Server
>
> Both HA Proxy are running in TCP mode in both frontend and backend. My server 
> wants to see actual client ip connecting to it, so I have enabled  send-proxy 
>  on location A haproxy and sending it haproxy at location B. I can proxy 
> header on my server. I can see initial ssl handshake between haproxy at 
> location B and server, but no data is being sent and response not received at 
> the client end.
>
> Location A config :
>
> global
> log  127.0.0.1:514 [http://127.0.0.1:514]  local0 info
> log  127.0.0.1:514 [http://127.0.0.1:514]  local0 debug
>   #log   127.0.0.1:514 [http://127.0.0.1:514]  local1 notice
>   #log  loghost local0 info
> maxconn 4096
>   #chroot  /usr/share/haproxy
>   #user  haproxy
>   #group  haproxy
> daemon
> debug
>   #quiet
>   #ssl-server-verify  none
> defaults
> mode tcp
> log global
> option httplog
> option dontlognull
> option http-server-close
> option redispatch
> retries 3
> timeout http-request 10s
> timeout queue 1m
> timeout connect 10s
> timeout client 1m
> timeout server 1m
> timeout http-keep-alive 10s
> timeout check 10s
> maxconn 3000
>
> frontend https_in
> bind *:443
> mode tcp
> option tcplog
> timeout client 1m
> default_backend https
>
> backend https
> mode tcp
> option tcplog
> option log-health-checks
>   #option  redispatch
> server halocb x.x.x.x:443 check send-proxy-v2
>
> Location B config :
>
> global
> log  127.0.0.1:514 [http://127.0.0.1:514]  local0 info
> log  127.0.0.1:514 [http://127.0.0.1:514]  local0 debug
>   #log   127.0.0.1:514 [http://127.0.0.1:514]  local1 notice
>   #log  loghost local0 info
> maxconn 4096
>   #chroot  /usr/share/haproxy
>   #user  haproxy
>   #group  haproxy
> daemon
> debug
>   #quiet
>   #ssl-server-verify  none
> defaults
> mode tcp
> log global
> option httplog
> option dontlognull
> option http-server-close
> option redispatch
> retries 3
> timeout http-request 10s
> timeout queue 1m
> timeout connect 10s
> timeout client 1m
> timeout server 1m
> timeout http-keep-alive 10s
> timeout check 10s
> maxconn 3000
>
> frontend https_in
> bind *:443
> mode tcp
> option tcplog
> timeout client 1m
> default_backend https
>
> backend https
> mode tcp
> option tcplog
> option log-health-checks
>   #option  redispatch
> server halocb  mysite.ul.com:443 [http://mysite.ul.com:443]  check ssl verify 
> none
>
>
> --
> V.PRAVEEN KUMAR
>

Reply via email to