Load Balancer Headers

Describes using HTTP "X" and host headers in a load balancer.

HTTP requests and responses often include header fields that provide contextual information about the message. RFC 2616 defines a standard set of HTTP header fields. Some nonstandard header fields, which begin with X-, are common. The Load Balancer service adds or modifies the Host header and the following X- headers when it passes requests to your servers. Because these headers are always added and cannot be disabled, you cannot remove or modify headers using a rule set.

X-Forwarded-For

Provides a list of connection IP addresses.

The load balancer appends the last remote peer address to the X-Forwarded-For field from the incoming request. A comma and space precede the appended address. If the client request header does not include an X-Forwarded-For field, this value is equal to the X-Real-IP value. The original requesting client is the first (left-most) IP address in the list, assuming that the incoming field content is trustworthy. The last address is the last (most recent) peer, that is, the machine from which the load balancer received the request. The format is:

X-Forwarded-For: original_client, proxy1, proxy2

Example incoming field:

X-Forwarded-For: 202.1.112.187

Example field with appended proxy IP address:

X-Forwarded-For: 202.1.112.187, 192.168.0.10

X-Forwarded-Host

Identifies the original host and port requested by the client in the Host HTTP request header. This header helps you determine the original host, since the hostname or port of the reverse proxy (load balancer) might differ from the original server handling the request.

X-Forwarded-Host: www.oracle.com:8080

X-Forwarded-Port

Identifies the listener port number that the client used to connect to the load balancer. For example:

X-Forwarded-Port: 443

X-Forwarded-Proto

Identifies the protocol that the client used to connect to the load balancer, either http or https. For example:

X-Forwarded-Proto: https

X-Real-IP

Identifies the client's IP address. For the Load Balancer service, the "client" is the last remote peer.

Your load balancer intercepts traffic between the client and your server. Your server's access logs, therefore, include only the load balancer's IP address. The X-Real-IP header provides the client's IP address. For example:

X-Real-IP: 192.168.0.10

Host

Identifies the original host and optionally the port requested by the client in the Host HTTP request header. For example:

Host: www.oracle.com