We have an issue in our application where the client IP is not getting passed to the App servers in the following setup.
USER ---> AWS ELB ---> HAPROXY ---> Application server (apache)
Our ELB is using TCP listeners and we have enabled Proxy protocol header.
In HAProxy we have added "option forwardfor" in the haproxy.cfg.
We are able to get the client IP for http requests through "x-forwarded-for" header, but not for https.
Appreciate any help in identifying what is the missing part in our setup.
Thanks
Best Answer
Amazon ELB resets the TCP parameters when used as a TCP listener. You can enable proxy protocol on ELB to retain these parameters:
http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-proxy-protocol.html
Once done, you can modify haproxy to understand proxy protocol: https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#5.2-send-proxy
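
What the Proxy Protocol header carries and how a receiver can read the client address from it, as an added example that is not part of the original question or answer. It assumes Proxy Protocol version 1 (the text form); the function names, the sample bytes and the trusted load balancer range are constructed for illustration.

```python
import ipaddress

MAX_V1_HEADER = 107  # longest v1 line allowed by the PROXY protocol spec, CRLF included
# Constructed sample: v1 header followed by the first bytes of a TLS record.
SAMPLE = b"PROXY TCP4 198.51.100.22 203.0.113.7 35646 443\r\n" + b"\x16\x03\x01\x02\x00"

def parse_proxy_v1(data: bytes):
    """Split a v1 header off the stream; return (info or None, remaining payload)."""
    end = data.find(b"\r\n", 0, MAX_V1_HEADER)
    if not data.startswith(b"PROXY ") or end == -1:
        raise ValueError("missing or unterminated PROXY v1 header")
    fields = data[:end].decode("ascii").split(" ")
    rest = data[end + 2:]  # on an HTTPS listener this is the still-encrypted TLS stream
    if fields[1] == "UNKNOWN":
        return None, rest
    if len(fields) != 6 or fields[1] not in ("TCP4", "TCP6"):
        raise ValueError("malformed PROXY v1 header")
    version = 4 if fields[1] == "TCP4" else 6
    src, dst = ipaddress.ip_address(fields[2]), ipaddress.ip_address(fields[3])
    if src.version != version or dst.version != version:
        raise ValueError("address family does not match protocol field")
    if not (fields[4].isdigit() and fields[5].isdigit()):
        raise ValueError("port is not a decimal number")
    sport, dport = int(fields[4]), int(fields[5])
    if max(sport, dport) > 65535:
        raise ValueError("port out of range")
    return {"client_ip": str(src), "client_port": sport,
            "dest_ip": str(dst), "dest_port": dport}, rest

def real_client_ip(peer_ip: str, data: bytes, trusted_lbs):
    """Honour the header only when the TCP peer is a trusted load balancer."""
    peer = ipaddress.ip_address(peer_ip)
    if not any(peer in ipaddress.ip_network(net) for net in trusted_lbs):
        # Direct connection: any header here was written by the sender itself.
        return peer_ip, data
    info, rest = parse_proxy_v1(data)
    return (info["client_ip"] if info else peer_ip), rest
```

Because the header travels ahead of the TLS bytes, it reaches the receiver even when the HTTPS traffic is passed through without being decrypted, which is where an HTTP header such as x-forwarded-for cannot be added.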