-
NLB Client IP preservation vs Proxy protocol V2
updated 7 months, 3 weeks ago
4 Members
·
7
Posts
-
Hi,
For NLB it seems that both Client IP preservation & Proxy protocol V2 can be used to retrieve the client IP address. What is the difference and which would be suitable what kind of circumstance?
Thanks!
-
Hi, just bumping this thread in case this is missed out.
-
Hi,
Thank you for your email. Yes, You can use both the Client IP preservation and Proxy Protocol V2 on your NLBs. The usage depends on the type of Target Group you’ll be configuring for your load balancer, which can be an:
-
Instance type target group
-
IP type target group
-
IP type target group (TCP, TLS)
Another consideration is the health check connection. If you enabled the proxy protocol, the proxy protocol header is also included in health check connections from the network load balancer by default but with health check connections, the client convection information is not sent in the proxy protocol header.
The client IP preservation is enabled by default. There are cases where kt can’t be disabled such as for instance and IP type target groups with UDP and TCP_UDP protocols. However, you can enable or disable client IP preservation for TCP and TLS target groups using the: preserve_client_ip.enabled target group attribute.
I highly recommend reading this official AWS documentation for full reference:
Client IP Preservation https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#client-ip-preservation
Proxy Protocol
-
-
Client IP Preservation lets your backend see the real client IP without extra setup, and it works by default on AWS NLB for TCP targets. Proxy Protocol V2 adds a header with client info but requires your backend to support parsing it. Use Client IP Preservation when possible and enable Proxy Protocol only if needed (e.g., cross-VPC).
-
Hi jersyogg,
Thank you for your message and for sharing your thoughts on Client IP Preservation and Proxy Protocol v2. Could you kindly confirm which specific item you’re referring to in your note? Knowing whether you mean Client IP Preservation, Proxy Protocol v2, or a combination of both will help us give you a precise answer.
If possible, please also share a short snippet of the question item. This will allow us to check the details on our end and confirm if the feature is working as expected.
We appreciate your patience and look forward to your reply so we can help you resolve this quickly.
Cheers,
Nikee @ Tutorials Dojo
-
-
Client IP Preservation shows the original client IP by default on AWS NLB for TCP targets, while Proxy Protocol V2 adds headers that require backend parsing. Use Client IP Preservation when possible, and Proxy Protocol only if needed. For consistent outbound IPs or whitelisting, an ipv6 proxy from LightningProxies offers large subnet pools, static or rotating sessions, unlimited bandwidth, and global coverage.
-
This reply was modified 7 months, 4 weeks ago by
jersyogg.
-
Hi jersyogg,
Apologies for the confusion earlier, and thank you for sharing your thoughts on Client IP Preservation and Proxy Protocol v2. Please share a short snippet of the practice exam question item to ensure we fully understand and can provide the most accurate clarification. This will help us check the details on our end and confirm whether the explanation aligns correctly with the intended answer.
We appreciate your patience and look forward to your reply so we can help resolve this quickly.
Cheers,
Nikee @ Tutorials Dojo
-
This reply was modified 7 months, 4 weeks ago by
Log in to reply.