GitHub user senthilnathan-am added a comment to the discussion: Preserve Client Source IP in Virtual Router
> I thought it was @senthilnathan-am . can you add the scenario you are using > here, for people to reproduce the possible issue, please? > > Why virtual router is not preserving source IP during port forwarding? > > Do you use vpc ? @DaanHoogland @weizhouapache I have narrow down it and found this is occurring only in Kubernetes platform. Normal VM running inside/outside vpc is showing actual source IP in it's log but K8 isn't. Kubernetes cluster is created manually and running as one controlplane and one worker node VMs. CloudStack 4.19.1.1 K8s version => v1.30.3 Istio version => 1.17.3 CNI is Weave Net Nginx pod is running Exposing the port 80 to public through Istio Ingress Gateway. As suggested by Istio, I have mentioned #1 as trusted proxy in their gateway topology config while installing Istio since VR is running in-front of Istio LB. https://istio.io/latest/docs/ops/configuration/traffic-management/network-topologies/ Currently, in the nginx log, it is showing weave interface IP instead of actual source IP. I would really appreciate your inputs here. GitHub link: https://github.com/apache/cloudstack/discussions/9529#discussioncomment-10355090 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
