1

Why do software load balancers mask the client IP?

view story
linux-howto

http://serverfault.com – Currently I'm using a Cisco CSS hardware load balancer. From the web server's point of view, the end-user's IP address is stamped on all traffic as if the load balancer weren't even present. I'm now looking at software replacements such as HAProxy, Pound, or AWS ELB. They all have one thing in common: the web server receives the load balancer's IP instead of the end-user's. Your system has to be aware of this and access an X-Forwarded-For header if you want the end-user's IP, or in the case of SSL, decrypt and re-encrypt the traffic. So my question is: Why is this the case? Why can software (HowTos)