DigitalOcean

Report this

What is the reason for this report?
Question

Load Balancer does not forward source ip

Posted on October 24, 2017
Load Balancing
dmitryd82bcfce79091cfb1d29

By dmitryd82bcfce79091cfb1d29

I have a service in a kubernetes cluster exposed through a load balancer. However, the load balancer is not correctly forwarding request headers to Kubernetes. For instance X-Forwarded-For contains the load balancer’s private IP address 10.X.X.X when it should have been [ClientIP],[LoadBalancerPrivateIP]. This is not due to the kubernetes routing controller, because when the service is exposed with an Ingress Controller I am getting all the headers correctly filled.

my kubernetes service definition is the following

apiVersion: v1
kind: Service
metadata:
  name: myservice
  labels:
    app: myapp
spec:
  ports:
  - port: 80
    targetPort: 5000
    protocol: TCP
    name: http
    type: LoadBalancer
  selector:
    app: myapp

Can someone please help out on this?



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
Gisleburt
Gisleburt
February 6, 2018

This might be too late for you but perhaps it will help others.

In theory, you should be able to resolve this by setting service.spec.externalTrafficPolicy to Local, example below. However, this only seems to work with some vendors (Google Cloud, Azure). I’ve tried it in DO and it doesn’t seem to work unfortunately.

---
kind: Service
apiVersion: v1
metadata:
  name: traefik-ingress-service
  namespace: public
spec:
  selector:
    k8s-app: traefik-ingress-lb
  ports:
    - protocol: TCP
      port: 80
      name: http
    - protocol: TCP
      port: 443
      name: https
    - protocol: TCP
      port: 8080
      name: admin
  type: LoadBalancer
  externalTrafficPolicy: Local

I’ll update if I find anything.

0
brunokakele
brunokakele
January 13, 2020

It still doesn’t work. Another thread with the same issue: https://www.digitalocean.com/community/questions/transparent-load-balancers

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and AI-native businesses

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2026 DigitalOcean, LLC.Sitemap.