Hi, In the Pulsar broker and proxy, there is existing support for receiving the original client IP address from a Load Balancer or Proxy that passes this information in the TCP/IP connection using the HA Proxy Protocol. This feature can be activated with the `haProxyProtocolEnabled=true` setting. It was added in the Pulsar 2.8.0 release with PR 8686.
However, similar support has been missing for HTTP/HTTPS connections. A common security requirement is to log the client IP address information. To meet this important requirement, I suggest that we make an exception and cherry-pick support for logging the original client IP address for HTTP/HTTPS REST API calls to the maintenance branches in Pulsar. I have prepared PR 22524 to add support for both the X-Forwarded-For header (Layer 7 LB/proxy support) and the HA Proxy Protocol (Layer 4 LB/proxy support) for HTTP/HTTPS connections. This PR is now under review. https://github.com/apache/pulsar/pull/22524 I will leave the review open until tomorrow and then proceed with cherry-picking the PR to the maintenance branches unless there are objections to this plan. -Lari
