Dear Steffen, I reply you inline
BTW what requeriments do you have?
2016-06-16 16:23 GMT+02:00 Steffen Höhne <steffen.hoe...@jmc-software.ch>:
> Hi Emilio
>
>
>
> Okay, With DNAT it works fine.
>
>
>
> But only inbound connections from wan to server with client IP is possible.
>
> Outbound connections from server to wan doesn’t work.
>
Thas is the default behaviour, zen node is going to use the local IP for
outbout connections. what ip do you want to use for outbound to WAN?
>
>
> If I add “iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE” at
> Loadbalancer, the server can connect outbound, but the inbound client IP is
> again the IP from the load balancer.
>
>
>
Yes, it's correct, with the iptable rule you have added you are breaking
the DNAT.
Anyway
> Any help?
>
>
>
> Thank you
>
>
>
> Steffen
>
>
>
> *From:* Emilio Campos [mailto:emilio.campos.mar...@gmail.com]
> *Sent:* Mittwoch, 15. Juni 2016 21:26
>
> *To:* zenloadbalancer-support@lists.sourceforge.net
> *Subject:* Re: [Zenloadbalancer-support] HTTPS X-Forwarded-For
>
>
>
> Not possible, l4xnat doesn't modify anything in application layer
>
> Have a look to l4xnat with DNAT if you need source ip
>
> Sent from mobile
>
> El 15 jun. 2016 10:05 a. m., "Steffen Höhne" <
> steffen.hoe...@jmc-software.ch> escribió:
>
> Hi together
>
>
>
> Is it possible to add X-Forwarded-For to L4xNAT ?
>
>
>
> Thank you for any help
>
>
>
> Steffen
>
>
>
> *From:* Emilio Campos [mailto:emilio.campos.mar...@gmail.com]
> *Sent:* Dienstag, 5. April 2016 16:25
> *To:* zenloadbalancer-support@lists.sourceforge.net
> *Subject:* Re: [Zenloadbalancer-support] HTTPS X-Forwarded-For
>
>
>
> X-Forwarded-For header is added by default for any HTTP[S] farm
>
> L4xNAT profile can work in NAT mode, similar behaviour to Profiles HTTP or
> TCP
>
>
>
> Use Profile L4xNAT with NAT instead of TCP Profile
>
>
>
> Regards!
>
>
>
> 2016-04-05 14:51 GMT+02:00 Mathieu Chateau <mathieu.chat...@lotp.fr>:
>
> Good Question :)
>
>
> Cordialement,
> Mathieu CHATEAU
> http://www.lotp.fr
>
>
>
> 2016-04-05 14:34 GMT+02:00 Steffen Höhne <steffen.hoe...@jmc-software.ch>:
>
> Hi Mathieu
>
>
>
> why does the TCP Farm have the option “Add X-Forwarded-For header to http
> requests.” ?
>
>
>
> best regards
>
> Freundliche Grüsse
>
> Steffen Höhne
>
> System Engineer
>
>
> --------------------------------------------------------------------------------------------------------------
> JMC Software AG * Riedstrasse 1 * 6343 Rotkreuz * Switzerland
>
> IT-Systems Nottwil GmbH * Kantonsstrasse 11b * 6207 Nottwil * Switzerland
> Phone: +41 41 937 29 61
> Internet: http://www.jmc-software.ch * Email: *supp...@jmc-software.ch
> <supp...@jmc-software.ch>*
>
> PC Fernwartung: *Teamviewer
> <http://pcsn.ch/media/38904/jmc_quicksupport.exe>*
>
> MAC Fernwartung: Teamviewer
> <http://download.teamviewer.com/download/version_9x/TeamViewerQS.dmg>
>
>
> --------------------------------------------------------------------------------------------------------------
>
>
>
>
>
>
>
>
>
> *From:* Mathieu Chateau [mailto:mathieu.chat...@lotp.fr]
> *Sent:* Dienstag, 5. April 2016 14:01
> *To:* zenloadbalancer-support <
> zenloadbalancer-support@lists.sourceforge.net>
> *Subject:* Re: [Zenloadbalancer-support] HTTPS X-Forwarded-For
>
>
>
> Hello,
>
>
>
> not sure to get what you want. If ZLB is in TCP mode, it does NOT know
> what flow are inside and don't touch anything. So it's not going to add any
> http header.
>
>
>
>
> Cordialement,
> Mathieu CHATEAU
> http://www.lotp.fr
>
>
>
> 2016-04-05 13:50 GMT+02:00 Steffen Höhne <steffen.hoe...@jmc-software.ch>:
>
> Hey Guys
>
>
>
> We have installed a two node cluster with zenlb 3.7.
>
>
>
> Recently we had problems with https encryption and high cpu usaged – so we
> changed the farm to tcp.
>
>
>
> Behind the lb are two https backends IIS server. With http the option“Add
> X-Forwarded-For header to http requests.” works fine. But the development
> unit have a new website “only https” – and that option doesn’t work.
>
>
>
> l4xnat with dnat isn’t an option for us, because the lb can’t be the main
> gateway.
>
>
>
> Do you guys have any idea for me pls?
>
>
>
> Thank you
>
>
>
> Freundliche Grüsse
>
> Steffen Höhne
>
> System Engineer
>
>
> --------------------------------------------------------------------------------------------------------------
> JMC Software AG * Riedstrasse 1 * 6343 Rotkreuz * Switzerland
>
> IT-Systems Nottwil GmbH * Kantonsstrasse 11b * 6207 Nottwil * Switzerland
> Phone: +41 41 937 29 61
> Internet: http://www.jmc-software.ch * Email: *supp...@jmc-software.ch
> <supp...@jmc-software.ch>*
>
> PC Fernwartung: *Teamviewer
> <http://pcsn.ch/media/38904/jmc_quicksupport.exe>*
>
> MAC Fernwartung: Teamviewer
> <http://download.teamviewer.com/download/version_9x/TeamViewerQS.dmg>
>
>
> --------------------------------------------------------------------------------------------------------------
>
>
>
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Zenloadbalancer-support mailing list
> Zenloadbalancer-support@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>
>
>
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Zenloadbalancer-support mailing list
> Zenloadbalancer-support@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>
>
>
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Zenloadbalancer-support mailing list
> Zenloadbalancer-support@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>
>
>
>
>
> --
>
> Load balancer distribution - Open Source Project
> http://www.zenloadbalancer.com
> Distribution list (subscribe):
> zenloadbalancer-support@lists.sourceforge.net
>
>
>
> ------------------------------------------------------------------------------
> What NetFlow Analyzer can do for you? Monitors network bandwidth and
> traffic
> patterns at an interface-level. Reveals which users, apps, and protocols
> are
> consuming the most bandwidth. Provides multi-vendor support for NetFlow,
> J-Flow, sFlow and other flows. Make informed decisions using capacity
> planning
> reports.
> http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381
> _______________________________________________
> Zenloadbalancer-support mailing list
> Zenloadbalancer-support@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>
>
>
> ------------------------------------------------------------------------------
> What NetFlow Analyzer can do for you? Monitors network bandwidth and
> traffic
> patterns at an interface-level. Reveals which users, apps, and protocols
> are
> consuming the most bandwidth. Provides multi-vendor support for NetFlow,
> J-Flow, sFlow and other flows. Make informed decisions using capacity
> planning
> reports.
> http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381
> _______________________________________________
> Zenloadbalancer-support mailing list
> Zenloadbalancer-support@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>
>
--
Load balancer distribution - Open Source Project
http://www.zenloadbalancer.com
Distribution list (subscribe): zenloadbalancer-support@lists.sourceforge.net
------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
Zenloadbalancer-support mailing list
Zenloadbalancer-support@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
