- What's New
- Function Overview
- Service Overview
- Billing
- Getting Started
- User Guide
-
Best Practices
- Using Global Accelerator to Speed Up Cross-Border Access to Web Servers
- Using CDN and Global Accelerator to Speed Up Cross-Border Access
- Using Global Accelerator to Speed Up Cross-Border Access to Third-Party On-premises Servers
- Using Global Accelerator to Accelerate Communications Between Cloud and On-Premises Servers and Implement Multi-active DR
- Transferring the Source IP Address of a Client
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
API
- Global Accelerator
- Listener
- Endpoint Group
- Endpoint
- Health Check
-
IP Address Group
- Creating an IP Address Group
- Querying IP Address Groups
- Querying Details of an IP Address Group
- Updating an IP Address Group
- Deleting an IP Address Group
- Adding CIDR Blocks to an IP Address Group
- Removing CIDR Blocks from an IP Address Group
- Associating an IP Address Group with a Listener
- Disassociating an IP Address Group from a Listener
- Region
- Tag
- Log
- Permissions Policies and Supported Actions
- Appendix
- SDK Reference
-
FAQs
- Can I Use the Ping Command to Test Latency?
- How Will I Be Billed for Global Accelerator?
- How Can I Increase the Global Accelerator Quotas?
- How Can I Use Traffic Dial to Distribute Traffic?
- What Types of Endpoints Can Be Added to a Global Accelerator?
- Can I Use Global Accelerator in an Area That Is Not Listed Among the Acceleration Areas?
- What Are the Statuses and Health Check Results of Endpoints?
- What Should I Do If an Endpoint Is Unhealthy?
- Most Frequently Asked Questions
- Configuring the TOA Module
- How Can I Use Global Accelerator to Enable European Users to Access the Applications Deployed in or Outside the Chinese Mainland (Excluding Europe) Faster?
- General Reference
Copied.
Transferring the Source IP Address of a Client
Scenarios
Global Accelerator can transfer the client IP address to backend servers.
This section describes how the source IP addresses are transferred in different scenarios.
Constraints
The constraints on this feature vary by the listener's protocol.
- UDP: The client IP address cannot be transferred.
- TCP: The backend server must be configured differently depending on the endpoint type.
For details, see the below table.
Endpoint Type
Support for Client IP Address Transferring
Backend Server Configuration
Description
ECS
Supported
Not required (The source IP address in the packet received by the backend service is the source IP address of the client.)
- By default, Global Accelerator uses the TCP Option Address (TOA) kernel module to transfer client IP addresses to backend servers. You need to configure the TOA plug-in on each backend server to obtain the source IP addresses.
For details, see Configuring the TOA Module.
- If Proxy Protocol is enabled, the global accelerator uses it to transfer the source IP address of the client to backend servers. Ensure that Proxy Protocol is also enabled on your backend servers.
EIP
Required
ELB
IP address
Custom domain name
Custom EIP
- By default, Global Accelerator uses the TCP Option Address (TOA) kernel module to transfer client IP addresses to backend servers. You need to configure the TOA plug-in on each backend server to obtain the source IP addresses.
Transferring Client IP Addresses Using Proxy Protocol
The following uses an EIP as an endpoint to describe how to enable Proxy Protocol and view the obtained client IP addresses.
- Submit a service ticket to enable Proxy Protocol.
- Enable Proxy Protocol on the backend servers.
To enable Proxy Protocol, add the corresponding port to either the http{} or stream{} module of Nginx.
http { #... server { listen 8080 proxy_protocol; #Enable proxy protocol parsing on port 8080. #... } } stream { #... server { listen 8090 proxy_protocol; #Enable proxy protocol parsing on port 8090. #... } }
- Transfer the client IP addresses.
After Proxy Protocol is enabled, Nginx preserves the source IP addresses of the clients in proxy_protocol_addr. You can save it in logs.
http { #... log_format main '[$time_local] $proxy_protocol_addr : $proxy_protocol_port $host "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; } stream { #... log_format main '[$time_local] $proxy_protocol_addr : $proxy_protocol_port $host "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; }
- Check the log to view the source IP addresses of the clients.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot