I'm not sure this is the right forum for this question. At the least this 
deserves an Off-topic (OT) in the subject.

-d

On 20-Mar-2013, at 3:04 PM, Nirmalya Lahiri wrote:

> Hi all,
>  for last few days I am facing problem while configuring ELB at Amazon cloud 
> (EC2). The issue is, I am not getting client IP address while I have 
> configured the ELB listener in Layer 4(TCP) mode in server variable, while I 
> am getting that in Layer 7(HTTP) mode. I need client IP for my application.
> 
>  Still ELB has the issue of SSL/TLS Renegotiation vulnerability. So, I am not 
> able to use ELB listener in Layer7(HTTP) mode, rather I am using ELB listener 
> in Layer4(TCP) mode and handle the SSL/TLS Renegotiation vulnerability 
> through Apache web server.
> 
> That means......
> Mode of Listener    |  Client IP address                  |       SSL/TLS 
> Renegotiation vulnerability     
> ---------------------------------------------------------------------------------------------------------------------------------------
> Layer4(TCP)           |   Not Available                       |          
> Vulnerability can be overcome
> Layer7(HTTP)         |     Available                           |          
> Vulnerability can not be overcome
> 
> 
> 
> I need both the feature(Client IP and Vulnerability overcome).
> 
> 
> I have written to Amazon support, but till now got very poor support from 
> them. Now I am posting this issue to these list, so that if anyone have any 
> idea to resolve that can share with everyone.
> 
> 
> Below is the mail that I have written to Amazon support......
> ---------------------------------------------------
> Hi,
>  as per the document published at 
> http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-listener-config.html
>  ....
> 
> "When you use TCP for both front-end and back-end connections, your load 
> balancer will forward the request to the back-end instances without 
> modification to the headers."
> 
> But unfortunately I am not getting IP address of client from the server 
> variable "REMOTE_ADDR" on Layer 4 configuration of ELB. I am getting modified 
> address on that variable. How can I get the actual one?
> 
> I have no option to create Layer 7 configuration of ELB because still ELB has 
> issue with SSL/TLS Renegotiation. Currently I am handling this issue from  
> Apache server of back-end instance.
> 
> Now I need to know the process to know the IP address of client through Layer 
> 4 configuration of ELB. Without client IP our application will not run 
> properly. I am not able to run the application. 
> 
> Waiting for prompt reply 
> .. thanks.
> ---------------------------------------------------
> 
> 
> ---
> Nirmalya Lahiri
> Mobile: +91-9433113536
> VOIP: nirmalyalah...@sip.linphone.org 
> 
> _______________________________________
> Pune GNU/Linux Users Group Mailing List 


_______________________________________
Pune GNU/Linux Users Group Mailing List 

Reply via email to