On 12/13/2011 09:02 PM, John Lauro wrote: > Been using haproxy for some time… but have not used it with SSL yet. > > I do need to preserve the IP address of the original client. So either > transparent (is that possible when going through stunnel or other and > haproxy on the same box), or X-Forwarded-for or similar added.
You should probably put stud (https://github.com/bumptech/stud) in front of haproxy. It supports sendproxy protocol from haproxy 1.5, supports ipv6 and scaling out. There's also a patch for sendproxy protocol that pplies to haproxy 1.4. However, you shouldn't be afraid of running haproxy 1.5-devXX, it is really, really very stable. Best regards, Brane