We have a load balancer running in front of our node.js servers, so by the time the connection gets to our node.js server, the socket's remote address is always the IP of our load balancer. We want to get the original IP of the original connection, and most load balancers and SSL terminators (nginx, stud, HAProxy (we're using variants of the first two)) support inserting the original IP into the stream before the actual data (the HTTP request in the case of HTTP streams). Sadly, none of these support HTTP header rewriting at the same time as the other features we need (HTTP 1.1, WebSockets, single port, consistent/stateful load balancing), so it seems we must use the simple TCP-level load balancing option that just inserts the IP before the rest of the stream, which is simple to parse out, just not from userland.
On Mar 2, 3:09 pm, Ben Noordhuis <i...@bnoordhuis.nl> wrote: > On Fri, Mar 2, 2012 at 23:46, Jimb Esser <wastel...@gmail.com> wrote: > > For various reasons, we've got our node.js server running behind a > > protocol-agnostic (dumb TCP-pass through) reverse proxy/load balancer > > and SSL terminators, and we need to get the IP address of the original > > connection. HTTP header rewriting isn't feasible because of the > > protocol-agnostic load balancing and the point at which the SSL > > termination happens. > > > It's easy to add in things like a HAProxy PROXY protocol line (one > > line of text inserted before the actual stream of data with the > > original IP), but I can't find any way to parse this out of HTTP > > requests which doesn't require modifying and rebuilding node. > > > I made a change to node to allow this, and it is pretty small, simply > > emitting a 'preparse' event before sending the stream to the HTTP > > parser:https://github.com/Jimbly/node/commit/e8952ebbba5fa278aeada1af41b524f... > > > Is there a better way of going about this? Any way to inject this > > kind of functionality without modifying the node source (which is > > painful for maintenance and roll-out if we need to maintain and update > > our own fork/branch/etc). > > > For the maintainers: would this functionality be acceptable to add to > > the core http module? Any better way of implementing this (seems a > > bit hacky the way I did it). > > Jimb, I'm not 100% clear on what you're trying to do. Is the intent to > load-balance a connection based purely on the source or destination > address? Or on a token in the HTTP request headers like the > X-Forwarded-For header? -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to nodejs@googlegroups.com To unsubscribe from this group, send email to nodejs+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
