Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Usage intructions for x-forwarded-for http header #771

Closed
ohardy opened this issue Mar 4, 2020 · 2 comments
Closed

Usage intructions for x-forwarded-for http header #771

ohardy opened this issue Mar 4, 2020 · 2 comments

Comments

@ohardy
Copy link

ohardy commented Mar 4, 2020

Hi,

Just a question because it's not clear for me.

Imagine that we have a load balancer with IP 10.0.0.10.
A kubernetes pod 10.0.0.20.

A client with an ip address 1.2.3.4 will connect to the LB that will redirect the traffic to the kubernetes pod.
The LB will add an header x-forwarded-for:10.0.0.10

The result ECS log:

{
  "client": {
    "address": "LB IP ? x-forwarded-for ip ?",
    "bytes": 1687,
    "ip": "LB IP ? x-forwarded-for ip ?",
    "port": 56910
  },
  "source": {
    "address": "LB IP ? x-forwarded-for ip ?",
    "bytes": 1687,
    "ip": "LB IP ? x-forwarded-for ip ?",
    "port": 56910,
    "nat": {
      "ip": "LB IP ? x-forwarded-for ip ?",
    }
  },
  "destination": {
    "domain": "example.com",
    "bytes": 691404,
    "address": "10.0.0.20",
    "ip": "10.0.0.20",
    "port": 51501
  },
  "network": {
    "ip": "10.0.0.20",
    "port": 51501,
    "forwarded_ip": "LB IP ? x-forwarded-for ip ?",
    "protocol": "http",
    "transport": "tcp",
    "type": "ipv4",
    "direction": "inbound",
    "bytes": 693091
  },
  ...other_fields
}

Thanks,
Olivier

@dainperkins
Copy link
Contributor

Hi @ohardy,

we added nat fields for just this purpose. When possible (e.g. x-forwarded-for header is present) I would use the actual IP for client/source and the proxy ip as client/source.nat.ip so it is easy to track the connection through the entire session.

Let me know if that makes sense.

Thanks
/d

@ohardy
Copy link
Author

ohardy commented Mar 4, 2020

Yes, then I think the documentation is not really clear about this. Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants