- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If a client connects directly to the connection server then that client's IP address will show under 'ClientIPAddress'. If a client connects through a load balancer then one of the floating IPs will show under 'ClientIPAddress' and the actual client IP address will show under 'ForwardedClientIPAddress' as long as the load balancer is configured to insert the 'X-Forwarded-For' header. If 'X-Forwarded-For' isn't configured then the value will be NULL.
If 'X-Forwarded-For' is enabled then the connection server will see something similar to this:
2018-03-23T05:22:33.365-05:00 DEBUG (0D88-1148) <Thread-35> [SimpleAJPService] (ajp:broker:Request5712720) Request from /10.205.1.82: POST /broker/xml
2018-03-23T05:22:33.365-05:00 TRACE (0D88-1148) <Thread-35> [SimpleAJPService] (ajp:broker:Request5712720) Content-Type: application/x-www-form-urlencoded
2018-03-23T05:22:33.365-05:00 TRACE (0D88-1148) <Thread-35> [r] (ajp:broker:Request5712720) Header: host: [virtual.example.org]
2018-03-23T05:22:33.365-05:00 TRACE (0D88-1148) <Thread-35> [r] (ajp:broker:Request5712720) Header: user-agent: [VMware-client]
2018-03-23T05:22:33.365-05:00 TRACE (0D88-1148) <Thread-35> [r] (ajp:broker:Request5712720) Header: accept: [*/*]
2018-03-23T05:22:33.365-05:00 TRACE (0D88-1148) <Thread-35> [r] (ajp:broker:Request5712720) Header: cookie: []
2018-03-23T05:22:33.365-05:00 TRACE (0D88-1148) <Thread-35> [r] (ajp:broker:Request5712720) Header: content-length: [179]
2018-03-23T05:22:33.365-05:00 TRACE (0D88-1148) <Thread-35> [r] (ajp:broker:Request5712720) Header: content-type: [application/x-www-form-urlencoded]
2018-03-23T05:22:33.365-05:00 TRACE (0D88-1148) <Thread-35> [r] (ajp:broker:Request5712720) Header: x-forwarded-for: [10.95.2.59]
2018-03-23T05:22:33.365-05:00 TRACE (0D88-1148) <Thread-35> [SimpleAJPService] (ajp:broker:Request5712720) Forcing content type for XML API request to: text/xml
2018-03-23T05:22:33.365-05:00 TRACE (0D88-1148) <Thread-35> [r] (ajp:broker:Request5712720) Header: content-type: [text/xml]
2018-03-23T05:22:33.365-05:00 TRACE (0D88-1148) <Thread-35> [r] (ajp:broker:Request5712720) Header: vdmconnectionsource: [VkRJQ09OTkkwMS53aHJzZC5uZXQ=]
2018-03-23T05:22:33.365-05:00 TRACE (0D88-1148) <Thread-35> [r] (ajp:broker:Request5712720) Header: gateway-type: [SG-cohosted]
2018-03-23T05:22:33.365-05:00 TRACE (0D88-1148) <Thread-35> [r] (ajp:broker:Request5712720) Header: gateway-location: [Internal]
2018-03-23T05:22:33.365-05:00 DEBUG (0D88-1148) <Thread-35> [SimpleAJPService] (ajp:broker:Request5712720) Gateway headers sent to the broker:
2018-03-23T05:22:33.365-05:00 DEBUG (0D88-1148) <Thread-35> [SimpleAJPService] (ajp:broker:Request5712720) gateway-type = [SG-cohosted]
2018-03-23T05:22:33.365-05:00 DEBUG (0D88-1148) <Thread-35> [SimpleAJPService] (ajp:broker:Request5712720) gateway-location = [Internal]
2018-03-23T05:22:33.365-05:00 TRACE (0D88-1148) <Thread-35> [SimpleAJPService] (ajp:broker:Request5712720) Request task queued.
The POST to the connection server will be from an IP address belonging to the load balancer. In the data being posted, the load balancer will add the additional 'x-forwarded-for' header containing the source client ip address. In this example the load balancer is 10.205.1.82 and the client is 10.95.2.59.
You mentioned you are using an F5 in your environment. Are you using the F5 Horizon iApp template? Did you configure SSL bridging or SSL offloading? If you go to your http service profiles under 'Local Traffic' -> 'Profiles' is 'X-Forwarded-For' enabled?
