Non-Transparency
From LB Wiki
Non-Transparency is when the source IP address of the client is hidden from the server. This is also known as "proxy" mode, as the load balancer makes the request on behalf of the client.
Here is how the progression of source/destination IPs happen with a non-transparency:
| Step | Source IP | Destination IP |
| 1 | 192.168.0.10 | 10.0.0.200 |
| 2 | 10.0.0.200 | 10.0.0.100 |
| 3 | 10.0.0.100 | 10.0.0.200 |
| 4 | 10.0.0.200 | 192.168.0.10 |
Contents |
Advantages
When doing Non-Transparency, you don't need to change the default route on the web server. And actually, as long as the server is on the same subnet as the load balancer, the server doesn't even need a default route in order to serve up public web pages.
Disadvantages
The biggest problem with Non-Transparent/Proxy mode is that the servers logs are filled with only an IP address on the load balancer. This makes many log analysis methods mostly useless.
This is a common "gotcha", as a user will configure load balancing with Non-Transparent mode (perhaps because it's the default), and then weeks later will go back to munge the logs, only to find they're full of a single IP address.
HTTP Headers
To counteract the drawback of not having the IP address of the client in the connection, many load balancing vendors insert the source IP address in an HTTP header. From this, you can insert the actual IP address into the server logs.
Apache
Apache can be easily configured to take an HTTP header from the request and add it to the log file. For example, take the configuration for CLF (Common Log Format) logs (from the Apache 2.2 Documentation Project):
"%h %l %u %t \"%r\" %>s %b"
The first entry, %h, is puts in the remote host. If the load balancer is using a proxy/non-trasnaparent mode, this will show up as the load balancer for every connection coming in. However, Apache lets you custom configure your log file, and that can include header entries. Let's say that your have an HTTP header called X-Forward-For which contains the IP address of the actual client. In the CLF configuration, replace %h with %{X-Forward-For}, so your Apache CLF configuration would look like this:
CustomLog "%{X-Forward-For}i %l %u %t \"%r\" %>s %b" HeaderCLF
This would make a custom log format called HeaderCLF, which would display logs in the same way as the standard CLF.
Windows IIS
For IIS, to insert an HTTP header into the log file requires an ISAPI filter. F5 has created on one such filter, called the X-Forward-For filter. This assumes of course your HTTP header is called "X-Forward-For".
