From the documentation
It is important to note that as long as HAProxy does not support keep-alive
connections, only the first request of a connection will receive the header.
For this reason, it is important to ensure that "option httpclose" is set
when using this option.
Examples :
# Public HTTP address also used by stunnel on the same machine
frontend www
mode http
option forwardfor except 127.0.0.1 # stunnel already adds the header
# Those servers want the IP Address in X-Client
backend www
mode http
option forwardfor header X-Client
See also : "option httpclose"
Brian Carpio
Senior Systems Engineer
Office: +1.303.962.7242
Mobile: +1.720.319.8617
Email: bcar...@broadhop.com
-----Original Message-----
From: Julien Vehent [mailto:jul...@linuxwall.info]
Sent: Tuesday, April 12, 2011 1:55 PM
To: Haproxy
Subject: x-forwarded-for and server side keep alive
Hi there,
I browsed the list to look for an answer to this question, without success,
so I hope you can help me on this.
I want to use Haproxy in front of Tomcat. I need to get the client's IP, so I
logically activated 'option forwardfor', which works fine.
I also want server-side keepalive. And this is when I discovered that Haproxy
sends the x-forwarded-for header with the first request of the keep-alived
connection only.
It seems that tomcat 6.0.32 (that we use) cannot remember the x-forwarded-for
value across multiple requests. So we would need to send the header with every
request.
My first question is: does anybody see anything wrong with those assumptions ?
Then: is there a way to have x-forwarded-for added to each request without
giving up on server-side keep alive ?
Thanks,
Julien
