Skip to content

Proxy protocol support #10645

Closed
Closed
@strainovic

Description

@strainovic

Is your feature request related to a problem? Please describe.

I have Kubernetes Cluster with NginX Reverse proxy in a front of worker nodes. Some of my services require Mutual TLS and I setup SSL Pass-trough on NginX Reverse proxy and on Kubernetes Ingress Controller (also NginX). When request hits my services (Kestrel web server), remote (source) IP is IP address of Kubernetes Ingress Controller but not original client IP. It creates me a problem as I need to check ACL based on client IP address. Enabling proxy protocol on both of NginX services I'm able to deliver original client IP to Kestrel but Kestrel at the moment doesn't know to speak proxy protocol in order to get original client IP.

Describe the solution you'd like

I would like to see proxy protocol support for Kestrel web server.

Describe alternatives you've considered

As service itself needs to to Mutual TLS, I see no alternatives for this problem.

Additional context

https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt

Thanks!

Metadata

Metadata

Assignees

No one assigned

    Labels

    area-networkingIncludes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions