Applies To:

Show Versions Show Versions

sol7441: Using the 'X-Remote-Addr' HTTP header to preserve the original client IP address for traffic being translated by BIG-IP WebAccelerator (9.x - 10.x)
How-ToHow-To

Original Publication Date: 05/16/2007
Updated Date: 03/13/2013

This article applies to BIG-IP WebAccelerator 9.x through 10.x. For information about other versions, refer to the following articles:

When the BIG-IP WebAccelerator processes an HTTP request, the source IP address is translated to the IP address of the BIG-IP WebAccelerator. The web server processes the request as originating from the BIG-IP WebAccelerator IP address, not the original client IP address. If the web servers are required to log the original client IP address for requests, the BIG-IP WebAccelerator address translation behavior may become problematic.

Note: In BIG-IP WebAccelerator 9.4.x and 10.x, the source IP address translation is determined by the BIG-IP WebAccelerator-enabled virtual server SNAT pool configuration.

The BIG-IP WebAccelerator inserts the original client IP address into an X-Remote-Addr HTTP header so that the web server receiving the request is able to log the client IP address instead of the BIG-IP WebAccelerator IP address.

No configuration is required for the BIG-IP WebAccelerator to insert the original client IP address in the X-Remote-Addr HTTP header. However, you must configure the web server to extract the IP address from the X-Remote-Addr HTTP header, and log the IP address to the web server log file.

Note: The X-Remote-Addr HTTP header is similar to the X-Forwarded-For HTTP header that can be inserted by an HTTP profile. The X-Forwarded-For HTTP header has been used for other BIG-IP applications where the original client IP address translation has occurred. For information about the X-Forwarded-For HTTP header, refer to SOL4816: Using the X-Forwarded-For HTTP header to preserve the original client IP address for traffic being translated by a SNAT.

Configuring an Apache web server or a Microsoft IIS web server

For information about configuring an Apache or a Microsoft IIS web server to extract the IP address from the HTTP header, refer to the following sections:

Important: For specific details about using HTTP header information in log files, refer to the documentation provided by the vendor for your specific web server.

Apache web server

You can configure an Apache web server to extract the IP address from the X-Remote-Addr HTTP header and log the IP address to the web server log file by adding the appropriate logging directives to the Apache httpd.conf file.

For example:

LogFormat "%{X-Remote-Addr}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""

Microsoft IIS web server

You can configure the Microsoft IIS web server to extract the IP address from an HTTP header and log the IP address to the web server log file. However, you will need to create a custom ISAPI log filter for your Microsoft IIS web server. The custom ISAPI filter will need to look for the X-Remote-Addr HTTP header in the HTTP request. If the ISAPI filter finds an X-Remote-Addr HTTP header in the HTTP request, it will replace the client IP address in the W3SVC log traces with the value of the X-Remote-Addr HTTP header.

Important: Using the X-Forwarded-For HTTP header instead of the X-Remote-Addr HTTP header may be advantageous when using Microsoft IIS web servers, because F5 has already created an ISAPI filter that looks for an X-Forwarded-For HTTP header.

Note: If you use the Microsoft IIS X-Forwarded-For ISAPI filter, you must configure the HTTP profile used by the virtual server to insert the X-Forwarded-For HTTP header. The IIS X-Forwarded-For ISAPI filter is available from the DevCentral site. A DevCentral login is required to access this content; you will be redirected to authenticate or register (if necessary).

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)