1 Resposta
- Mais recentes
- Mais votos
- Mais comentários
2
The reason that you can do that in Nginx is because Nginx has support for Proxy Protocol v2. You'll need to find a SSH server/daemon that provides support and performs the logging you require.
Why disable Client IP Preservation and then use Protocol Proxy v2? It seems like extra work when NLB will preserve the client IP for you.
Conteúdo relevante
- AWS OFICIALAtualizada há 2 anos
- AWS OFICIALAtualizada há 2 anos
- AWS OFICIALAtualizada há 2 anos
Disabling client IP preservation to make the request looks like coming from NLB. So I can add NLB private ip to security group to only allow traffic from it.
But if your targets are in a private subnet then they can only receive traffic from the NLB or other sources in that VPC (or on your network). Seems like an easier path to go.