Load Balancer Headers
Describes using HTTP "X" and host headers in a load balancer.
HTTP requests and responses often include header fields that provide contextual
information about the message. RFC 2616 defines a standard set of HTTP header fields. Some non-standard
header fields, which begin with X-
, are common. The Load Balancing service adds or modifies the Host header and the
following X-
headers when it passes requests to your servers. Because
these headers are automatically added, they cannot be removed or modified using a rule
set.
X-Forwarded-For
Provides a list of connection IP addresses.
The load balancer appends the last remote peer address to the
X-Forwarded-For
field from the incoming request. A comma and space
precede the appended address. If the client request header does not include an
X-Forwarded-For
field, this value is equal to the
X-Real-IP
value. The original requesting client is the first
(left-most) IP address in the list, assuming that the incoming field content is
trustworthy. The last address is the last (most recent) peer, that is, the machine from
which the load balancer received the request. The format is:
X-Forwarded-For: original_client, proxy1, proxy2
Example incoming field:
X-Forwarded-For: 202.1.112.187
Example field with appended proxy IP address:
X-Forwarded-For: 202.1.112.187, 192.168.0.10
X-Forwarded-Host
Identifies the original host and port requested by the client in the
Host
HTTP request header. This header helps you determine the
original host, since the hostname or port of the reverse proxy (load balancer) might
differ from the original server handling the request.
X-Forwarded-Host: www.oracle.com:8080
X-Forwarded-Port
Identifies the listener port number that the client used to connect to the load balancer. For example:
X-Forwarded-Port: 443
X-Forwarded-Proto
Identifies the protocol that the client used to connect to the load balancer, either
http
or https
. For example:
X-Forwarded-Proto: https
X-Real-IP
Identifies the client's IP address. For the Load Balancing service, the "client" is the last remote peer.
Your load balancer intercepts traffic between the client
and your server. Your server's access logs, therefore, include only the load
balancer's IP address. The X-Real-IP
header provides the client's
IP address. For example:
X-Real-IP: 192.168.0.10
Host
Identifies the original host and optionally the port requested by the client in the Host HTTP request header. For example:
Host: www.oracle.com