Hi,
I post this just in case someone came across something like this, I struggled a lot to get this to work.
So I had to implement NSX Load Balancing on existing Distributed Port Groups, which meant existing physical gateways and firewalls, so the deployment option ended up being One Armed instead of Inline (I don´t think there´s a way to make Inline mode play nice with existing physicals gateways/firewalls).
When in One Armed deployment mode I think one is supposed to use the :
-
Option in the Application Profile, I´m using NSX 6.3.1 and that option did not carried the Original Client IP address no matter what, the other option offered by NSX load Balancing is the Transparent Mode of the Pool, but it´s my understanding that this option only works when in Inline mode, so I was lost without a way to implement NSX Load Balancing since almost no deployment would consider it an option to lose the Original Client IP address.
What I ended up finding is that since NSX Load Balancing is based on HAProxy, I could add an Application Rule that added that information, and it worked!!
These are the rules that I added :
# add X-FORWARDED-FOR
option forwardfor
# add X-CLIENT-IP
http-request add-header X-CLIENT-IP %[src]
Hope someone find this useful, I sure spend a lot of time looking for a way to make the X-Forwarded-For work on NSX and it was a complete waste of time.
Regards,
Carlos.