Layer 7 API Management

Expand all | Collapse all

request.http.header.X-Forwarded-For = nul

  • 1.  request.http.header.X-Forwarded-For = nul

    Posted 01-09-2020 02:13 PM
    Hi Guys,

    I am trying to capture the publicIP using request.http.header.X-Forwarded-For for a SOAP/WSDL API onboarded.
    But I am unable to capture it always null.
    Though I could get tcp.remoteIP.
    What might be the blocker?


  • 2.  RE: request.http.header.X-Forwarded-For = nul

    Posted 01-09-2020 04:34 PM
    Dear Harsha,
    If gateway is behind a load balancer, the tcp.remoteIP will be always the IP of load balancer.
    The x-forwarded-for header a de-facto standard header for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or a load balancer.
    Your load balancer needs to be configured to store the original IP to the x-forwarded-for header before forward the request to gateway.
    Check with your network team on that.


  • 3.  RE: request.http.header.X-Forwarded-For = nul

    Posted 01-09-2020 06:39 PM
    Edited by Chris Bertagnolli 01-09-2020 06:40 PM
    A load balancer does not guarantee that ${request.tcp.remoteIP} will be load balancer - depends on setup. That should only be true if they perhaps terminate SSL before passing request along since that's only way they'd be able to inject the X-Forwarded-For header.

    If the load balancer is just a passthrough though then the X-Forwarded-For header shouldn't be present. In that situation then ${request.tcp.remoteIP} should work - works for all of our load balanced systems without any issues.

    Not knowing their setup, this is just a generic statement that request.tcp.remoteIP can work even in load balanced setups :). If they are in fact terminating SSL then of course it'd be on the LB to make sure it's inserting the appropriate HTTP header.