This document elucidates the process of obtaining the genuine client IPs via Proxy Protocol V1/V2 when employing the L4 proxy acceleration.
Use Cases
When data packets are expedited via the L4 acceleration channel, in order to convey the authentic client IP and Port details to the origin server, you may opt to transmit the client IP and Port information through the Proxy Protocol V1/V2. For a comprehensive understanding of the protocol, refer to Proxy Protocol V1/V2.
When the origin server is parsing to obtain the actual client IP, depending on the business scenario and deployment method, the following two methods can be referred to understand how to acquire the real client IP:
Method 1: If the TCP protocol is utilized by your origin server, and Nginx natively supports the Proxy Protocol, it is advisable to append a Nginx server that supports Proxy Protocol V1/V2 ahead of the business server to procure the genuine client IP. For detailed steps, please refer to Obtaining Real Client IPs Through Nginx.
Method 2: If your origin server employs the UDP protocol, or if there is a need to directly parse the real client IP under the TCP protocol scenario within the business origin service for business scheduling, you can develop your own parsing of the Proxy Protocol field within the business origin by referring to the sample code in the Proxy Protocol. For detailed steps, please refer to Parsing Real Client IPs on Application Server.