Load Balancer Headers
Describes using HTTP "X" and host headers in a load balancer.
HTTP requests and responses often include header fields that provide contextual information about the message. RFC 2616 defines a standard set of HTTP header fields. Some nonstandard header fields, which begin with X-
, are common. The Load Balancer service adds or modifies the Host header and the following X-
headers when it passes requests to your servers. Because these headers are always added and cannot be disabled, you cannot remove or modify headers using a rule set.
X-Forwarded-For
Provides a list of connection IP addresses.
The load balancer appends the last remote peer address to the X-Forwarded-For
field from the incoming request. A comma and space precede the appended address. If the client request header does not include an X-Forwarded-For
field, this value is equal to the X-Real-IP
value. The original requesting client is the first (left-most) IP address in the list, assuming that the incoming field content is trustworthy. The last address is the last (most recent) peer, that is, the machine from which the load balancer received the request. The format is:
X-Forwarded-For: original_client, proxy1, proxy2
Example incoming field:
X-Forwarded-For: 202.1.112.187
Example field with appended proxy IP address:
X-Forwarded-For: 202.1.112.187, 192.168.0.10
X-Forwarded-Host
Identifies the original host and port requested by the client in the Host
HTTP request header. This header helps you determine the original host, since the hostname or port of the reverse proxy (load balancer) might differ from the original server handling the request.
X-Forwarded-Host: www.oracle.com:8080
X-Forwarded-Port
Identifies the listener port number that the client used to connect to the load balancer. For example:
X-Forwarded-Port: 443
X-Forwarded-Proto
Identifies the protocol that the client used to connect to the load balancer, either http
or https
. For example:
X-Forwarded-Proto: https
X-Real-IP
Identifies the client's IP address. For the Load Balancer service, the "client" is the last remote peer.
Your load balancer intercepts traffic between the client and your server. Your server's access logs, therefore, include only the load balancer's IP address. The X-Real-IP
header provides the client's IP address. For example:
X-Real-IP: 192.168.0.10
X-Request-Id
The Request ID can help you with tracking and managing a request by providing a unique request identifier exposed in HTTP request and response headers.
When the request ID is enabled, the default header name X-Request-Id is included in the HTTP request header from the load balancer to the backend and HTTP header responses. If not enabled, the load balancer won't add this unique request ID header to the request passed through to the load balancer backend or to the response returned.
You can enter a different header name instead of using the default. Any custom header name must start with "X-".
Host
Identifies the original host and optionally the port requested by the client in the Host HTTP request header. For example:
Host: www.oracle.com