Thanks for the detailed description.
In this case,
$remote_addr still captures the IP address of the NLB node. Try adding
$proxy_protocol_addr to the log_format and see if this helps, with more details in https://docs.nginx.com/nginx/admin-guide/load-balancer/using-proxy-protocol/.
[Feature request] dualstack NLB target groupsasked 3 months ago
NLB Preserving Client IPAccepted Answerasked 2 years ago
EKS NLB target groups protocol change to httpsAccepted Answerasked a month ago
NLB IP preservation over peering target groupasked 2 months ago
Proxy Protocol V2 with Disabling client IP preservation in NLB Target groupsasked 15 days ago
Network Load Balancer SSH with Proxy V2 and Client IP Preservingasked 12 days ago
Source IP using PrivateLink and NLBAccepted AnswerMODERATORasked 3 years ago
How does it work differently per target group?Accepted Answerasked 4 years ago
Client IP Preservation for Network Load Balancer endpoints for Global Acceleratorasked 8 months ago
Obtain client IP address through a network load balancer (TCP socket server, Python)asked 3 months ago