Solve Haproxy proxy nginx get client real IP problem

Issue background:

Before our company due to DDoS attacks caused by network exports, after understanding, traffic into the Amazon is no money, and unlimited traffic, in order to strengthen the protection of network attacks on the business impact, in the Amazon to deploy a set of Haproxy agent, the part of the business migration trial.

650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M01/83/1F/wKioL1drZeyxEL5mAAA1K9OBwBc668.png-wh_500x0-wm_3 -wmp_4-s_1612962770.png "title=" Aws-lvs-nginx.png "alt=" Wkiol1drzeyxel5maaa1k9obwbc668.png-wh_50 "/>

In order to use Nginx to obtain the IP address of the client, configure option httpclose and option Forwardfor,nginx configuration Set_real_ip_from x.x.x.x in Haproxy, and Real_ip_ Header x-forwarded-for; (where x.x.x.x is the public IP address of Haproxy), observe that the log finds that remote_addr gets the IP address of haproxy.

Then we check the official documents of Haproxy

650) this.width=650; "Src=" Http://s5.51cto.com/wyfs02/M02/83/1F/wKioL1drbGGTeJhRAABktkXZRw8298.png-wh_500x0-wm_3 -wmp_4-s_2259427357.png "style=" Float:none; "title=" Haproxy-forward1.png "alt=" Wkiol1drbggtejhraabktkxzrw8298.png-wh_50 "/>

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M02/83/1F/wKiom1drbGKTB8KwAABJlveXLEg236.png-wh_500x0-wm_3 -wmp_4-s_2198325183.png "style=" Float:none; "title=" Haproxy-forward2.png "alt=" Wkiom1drbgktb8kwaabjlvexleg236.png-wh_50 "/>

Add in haproxy config file backend xxx

Option Forwardfor Header x.x.x.x

Re-add Haproxy configuration file, observe nginx Access log, finally can get the client real IP!

Resolve Haproxy proxy nginx get client real IP problem