I had a similar issue, especially since we have nodes split behind F5 and 
Netscaler, which both operate differently with respect to header preservation, 
modification.

Our solution was to write our own HeaderParser.pm module and register it as the 
handler of that apache phase, and attempt to derive the "real" client IP 
(parsing CLIENT_IP || X-Forwarded-For, etc.) and set that in a new header 
called "X-Derived-Client-IP", which the load balancers ignore.  Also, we have a 
GUID cookie we use to identify unique clients, and we parse the cookies at that 
phase as set a "X-Derived-Client-ID" header.  Then, at the normal LogHandler 
apache phase, we use the %{Header}i in our LogFormat configuration to get it in 
the access logs.  We are running on the Apache 1.3* stack.

Hope this helps,
- Jeff


----- Original Message ----
From: Carl Johnstone <[EMAIL PROTECTED]>
To: modperl@perl.apache.org
Sent: Thursday, August 2, 2007 8:07:53 AM
Subject: reverse proxy/logging problem

Hi,

I've got a two-apache reverse proxy setup, split over two hosts.

The problem I've got is that I'd like to put the user_id in the access logs 
so that our log analysis software can make use of it.

Setting apache->user correctly logs the user at the back-end however the IP 
addresses are wrong, being the internal address of the front-end proxy. Also 
requests dealt with purely at the front-end aren't logged.

Logging at the front-end means all requests are logged with the right IP 
address. Additional bonuses for me are that those servers are less loaded, 
and I'd be able to turn off logging at the back-end. However the user_id 
isn't available.

Is there any easy way to pass the user_id from the back-end in such a way 
the front-end could log it? Or is there another option?

Carl




Reply via email to