Hi,
I recently ran into the problem, that using "send-proxy" with Apache's
mod_remoteip and RemoteIPProxyProtocol on fails for all IPv4 addresses.
The main problem is mod_remoteup, which doesn't accept IPv4-mapped IPv6
addresses. I've reported that bug in
https://bz.apache.org/bugzilla/show_bug.cgi?id=69672 and hope that this
will get fixed.
Of course you can work around the problem by not listening on ":::443"
for both IPv6 and IPv4 at the same time but use "v6only" and listen on
"*:443" separately.
People might argue however, that it's not ideal to report IPv4-mapped
IPv6 addresses via the proxy protocol. You might consider to change
haproxy here, too, so that IPv4 addresses are reported, even if the
incoming address technically was a IPv4-mapped IPv6 address. I would
prefer that actually.
Let me know if you want this as a bug report to track this as an issue
for haproxy.
Björn
- issues with IPv6 listening sockets and send-proxy Björn Jacke
-
