Load Balancing - NGINX forwards TCP to the backend server. How does the backend server obtain the user's real IP address? The NGINX server and the backend server are not in the same network segment
高洛峰
高洛峰 2017-06-16 09:19:41
0
1
1877

Recently there is a requirement to forward TCP requests to the real back-end server through a transit server, but the problem encountered now is that the back-end server cannot obtain the user's real IP.

Please note that it is a TCP connection, not HTTP. It is a function in the stream module of NGINX. I checked a lot of information online. The official NGINX document says it can be solved, but does not give detailed operation guidance. , I hope friends who have already implemented it can help answer the question. Also, if LVS is used as a load, can the back-end server obtain the real IP of the client if the machine is not in the same network segment? If possible, please link to relevant articles.

Reference documentation:
https://nginx.org/en/docs/str...
https://www.nginx.com/blog/tc...

高洛峰
高洛峰

拥有18年软件开发和IT教学经验。曾任多家上市公司技术总监、架构师、项目经理、高级软件工程师等职务。 网络人气名人讲师,...

reply all(1)
黄舟

LVS cannot obtain the real IP by default in nat or fullnat mode.

Alibaba’s fullnat can pass the real IP to the backend through TCP Option.

nginx’s stream module can pass the real IP through proxy protocol https://www.haproxy.org/downl...

Both have one thing in common:

The backend needs to modify the code to obtain this IP.

Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template