By using AWS re:Post, you agree to the Terms of Use

Proxy Protocol V2 with Disabling client IP preservation in NLB Target groups

0

Proxy Protocol V2 with Disabling client IP preservation in NLB Target groups

Here, I am doing some R&D type of activity. I have a network load balancer and an EC2 instance running in my private network. In EC2 instance, nginx is installed and configured to accept proxy v2. I have configured the log format as follows in order to log the original client ip of the request.

log_format compression '$remote_addr - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent" "$gzip_ratio"';

I have enabled proxy V2 in network load balancer and disabled client ip preservation. Security group attached to EC2 instance allow traffic only from network load balancer IP.

What I want to do is allow traffic only from Network Load Balancer and I want to retrieve the Original client ip from the proxy headers. Allow traffic from NLB is working properly but with the above setup nginx still logs the NLB's IP as the client IP. What is the issue of this setup?

1 Answer
1

Thanks for the detailed description.

In this case, $remote_addr still captures the IP address of the NLB node. Try adding $proxy_protocol_addr to the log_format and see if this helps, with more details in https://docs.nginx.com/nginx/admin-guide/load-balancer/using-proxy-protocol/.

answered 15 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions