From the documentation It is important to note that as long as HAProxy does not support keep-alive connections, only the first request of a connection will receive the header. For this reason, it is important to ensure that "option httpclose" is set when using this option.
Examples : # Public HTTP address also used by stunnel on the same machine frontend www mode http option forwardfor except 127.0.0.1 # stunnel already adds the header # Those servers want the IP Address in X-Client backend www mode http option forwardfor header X-Client See also : "option httpclose" Brian Carpio Senior Systems Engineer Office: +1.303.962.7242 Mobile: +1.720.319.8617 Email: bcar...@broadhop.com -----Original Message----- From: Julien Vehent [mailto:jul...@linuxwall.info] Sent: Tuesday, April 12, 2011 1:55 PM To: Haproxy Subject: x-forwarded-for and server side keep alive Hi there, I browsed the list to look for an answer to this question, without success, so I hope you can help me on this. I want to use Haproxy in front of Tomcat. I need to get the client's IP, so I logically activated 'option forwardfor', which works fine. I also want server-side keepalive. And this is when I discovered that Haproxy sends the x-forwarded-for header with the first request of the keep-alived connection only. It seems that tomcat 6.0.32 (that we use) cannot remember the x-forwarded-for value across multiple requests. So we would need to send the header with every request. My first question is: does anybody see anything wrong with those assumptions ? Then: is there a way to have x-forwarded-for added to each request without giving up on server-side keep alive ? Thanks, Julien