in my set-up, traefik is running behind another tcp proxy (e.g. nginx) and behind traefik multiple tcp or http based servers (as container) are running.
This works generally fine, but I struggle with two use cases:
- the tcp proxy in front of traefik enables the Proxy Protocol to ship the actual client IP. I want to print this information in the traefik access logs. By setting the "insecure" parameter in the proxy protocol section of the entry point to true, I achieved that the "ClientAddress" field in the access logs is overwritten with the IP shipped via the proxy protocol. However, this is not really what I would like to achieve. I would like to see the actual client ip (the proxy protocol data) in addition to the ip of the proxy, which forwards the communciation to my traefik instance. I've tried with setting different potential header names to "keep" in the access log configuration, but couldn't find any working approach. Can anybody help me on this?
- In my containerized applications, which are running behind traefik, the client IP of the request maps to the IP of traefik. I understand, that I can find the ip of the connecting client in the X-Real-IP header (if it's a http connection) or I could activate also the proxy protocol in traefik itself (if it is for a tcp connection). However, I'm wondering if there isn't an option that traefik set's its own ip to the ip of the client connecting to it (like other proxies can do). So any confirmation if this is actually not possible or if I just didn't find the right documentation for this, would be highly appreciated.
Thanks for any support!