Discuss mailing list

[Julian De Marchi <julian AT jdcomputers.com.au>]

On 10/06/15 10:28, Fusl Dash wrote:
> No, this is a different case here. As Julian already explained, the Linode 
> loadbalancer does not act like nginx and therefore does not add an 
> additional HTTP-Header (e.g. X-Forwarded-For/X-Real-IP/...), but instead 
> just passes the raw TCP connection to the server itself...
> 
> ... at least from what I understood from his email.

I'll explain a bit more. There are a few options with the nodebalancer,
http, https, tcp.

HTTP mode passes on the x-forwarded-for header. HTTPS does to. However
HTTPS does not perform SSL re-negotiation, so we are stuck if using that
option to one SSL site per nodebalancer only.

This is an issue with most "cloud" load-balancers, including AWS. I'm
unsure of cloudfare though.

A work around for this is to use the nodebalancer for our main site only
and then for the other SSL sites LB at the node to the pool of
webservers we have.

--julian