Enable the Proxy Protocol
When HAProxy Enterprise proxies a TCP connection, it overwrites the client's source IP address with its own when communicating with the backend server. The Proxy Protocol adds a header to a TCP connection to preserve the client's IP address. This method solves the lost-client-IP problem for any application-layer protocol that transmits its messages over TCP/IP. To work, both the sender (the load balancer) and receiver (backend server) must support the protocol and have it enabled.
HAProxy Enterprise adds the header to connections before relaying them to upstream servers. When placed behind another proxy, it can also receive the Proxy Protocol header attached to the incoming connection. This feature supports IPv4 and IPv6 addresses.
To accept a Proxy Protocol header on incoming TCP connections, add an
accept-proxyparameter to the
bindline in a
frontendsection. This parameter detects both Proxy Protocol version 1 (text format) and Proxy Protocol version 2 (binary format).
To send a Proxy Protocol header to the backend server, add a
send-proxyparameter to the
serverlines in a
backendsection if you want to send a Proxy Protocol version 1 header (text format).
send-proxy-v2parameter to send a Proxy Protocol version 2 header (binary format).
Accepts the Proxy Protocol header from incoming connections and also attaches the Proxy Protocol header to outgoing connections.
frontend mywebsite bind :80 accept-proxy default_backend webservers backend webservers balance roundrobin server s1 192.168.56.20:3000 check send-proxy server s2 192.168.56.21:3000 check send-proxy