Hi, Adi… First, you’ll need to enable the Proxy Protocol on your ELB. That will pass the Proxy Protocol information (client IP) on to your EC2 Instance running ATS. In your ATS config, you’ll need to enable the Proxy Protocol on your port (proxy.config.http.server_ports in records.config) and you’ll need to enable inserting the Forwarded: header (proxy.config.http.insert_forwarded in records.config). ATS will then accept the ProxyProtocol v1 header and transform that information to the Forwarded: header that then gets passed to your origin.
This is available starting in ATS v8.0.x and is documented here: Proxy Protocol<https://docs.trafficserver.apache.org/en/8.0.x/admin-guide/configuration/proxy-protocol.en.html?highlight=proxy%20protocol> Thanks, Steven From: Adi Mallikarjuna Reddy V <[email protected]> Reply-To: "[email protected]" <[email protected]> Date: Tuesday, January 22, 2019 at 6:31 PM To: "[email protected]" <[email protected]> Subject: Client IP Our setup is like this in AWS. (HTTPS) (HTTPS) Client ======> ELB ======> EC2 instance (ATS) ====> Origin We are not terminating HTTPs at ELB, continuing HTTPS all the way till the node that runs ATS. In this case, if we look at squid.log, it shows ELB IP as client IP, instead of the real client IP. Is there anything wrong with this setup/configuration? Thanks Adi
