CSM header modification to report true source-ip

Unanswered Question
Apr 1st, 2009

I have a need to modify the Source-IP in the HTTP header to report the client and not the loadbalancer IP. I've attempted to use the method listed in the documentation, however the client IP is not being logged:

module ContentSwitchingModule 5

vlan 120 client

ip address x.x.x.68 255.255.255.192 alt x.x.x.69 255.255.255.192

gateway x.x.x.65

!

vlan 121 server

ip address y.y.y.100 255.255.255.248 alt y.y.y.101 255.255.255.248

route z.z.z.149 255.255.255.255 gateway y.y.y.97

route w.w.w.117 255.255.255.255 gateway y.y.y.97

route v.v.v.117 255.255.255.255 gateway y.y.y.97

!

natpool POOL1 y.y.y.102 y.y.y.102 netmask 255.255.255.248

!

map HEADER-INSERT header

insert protocol http header Source-IP header-value %is

!

real TESTSERV1

address z.z.z.149

no inservice

real TESTSERV2

address w.w.w.117

no inservice

real TESTSERV3

address v.v.v.117

inservice

!

serverfarm TESTFARM

nat server

nat client POOL1

real name TESTSERV1

inservice

real name TESTSERV2

inservice

real name TESTSERV3

inservice

!

policy INSERT

header-map HEADER-INSERT

serverfarm TESTFARM

!

vserver TESTFARM

virtual x.x.x.70 any

serverfarm TESTFARM

advertise active

persistent rebalance

slb-policy INSERT

inservice

Do I have this correct?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Syed Iftekhar Ahmed Wed, 04/01/2009 - 21:54

Remove the serverfarm from the vserver configuration. Since you are using a policy, the serverfarm serves as a default serverfarm.

I am sure you understand this but just wanted to make sure

You wont see source IP as "source ip" of the request. This config will ensure that your http header will include a header "Source-IP" with source ip of request as the header value.

Syed

joemarr_brodart Thu, 04/02/2009 - 06:43

Did you mean remove the serverfarm from the policy? If I remove it from the vserve, wont this break lb if I have multiple differnet serverfarms and vservs?

As for the Source-IP, I assume this means I need to modify Apache/IIS to add this header to the log entry?

Syed Iftekhar Ahmed Thu, 04/02/2009 - 14:48

I mean

vserver TESTFARM

virtual x.x.x.70 any

serverfarm TESTFARM <-- is not needed

advertise active

persistent rebalance

slb-policy INSERT <-- SF is already referenced here

inservice

Syed

Actions

This Discussion