forwardfor information is missing

Posted by FAFA on Server Fault See other posts from Server Fault or by FAFA
Published on 2012-11-14T10:00:31Z Indexed on 2012/11/14 11:05 UTC
Read the original article Hit count: 313

Filed under:
|
|

I use following configuration to load balance https connections, using haproxy 1.4.8. SSL offloading is done by apache.

listen ssl_to_waf 192.168.101.54:443
mode tcp
balance roundrobin
option ssl-hello-chk

server wafA 192.168.101.61:444 check
listen ssl_from_waf 192.168.101.61:445
balance roundrobin
option forwardfor

server webA 192.168.101.46:80 check

For HTTP requests this works great, requests are distributed to my Apache servers just fine. But for HTTPS request, I lose the "forwardfor" information. I need to save the client IP address. How can I use HAproxy to load balance across a number of SSL servers, allowing those servers to know the client's IP address?

© Server Fault or respective owner

Related posts about load-balancing

Related posts about https