Customize TCP → Proxy rule | Selectel Documentation

Configure TCP → Proxy rule

To see the actual IP addresses of the clients that access the load balancer, you can create a TCP → Proxy rule and use the Proxy Protocol. The client information will be added to the connection header.

For more information, see the Changing the load balancer IP address to the IP address of the nginx documentation client instruction.

For HTTP
For HTTPS

Verify that you have created a load balancer with the following parameters:
- for the target group — PROXY protocol and port 80;
- for the rule — TCP protocol and port 80.
Available balancers can be viewed in the Control Panel: in the top menu, click Products → Cloud Servers → Balancers → Balancers tab.
Connect to the cloud server from the target group.

Install and configure nginx:

apt update
apt install nginx
systemctl start nginx

Open the configuration file on the cloud server:
```
nano /etc/nginx/sites-enabled/default
```
Change the lines in the server block:
```
server {
    listen 80 proxy_protocol;

    set_real_ip_from <loadbalancer_ip_address>;
    real_ip_header proxy_protocol;

    ...
}
```
Specify < loadbalancer_ip_address > — private IP address of the load balancer, for example 192.168.0.3. It can be viewed in the control panel: in the top menu click Products → Cloud Servers → Balancers → Balancers tab → Balancers tab → Load Balancer page → Settings block → Network field . Used as a trusted address — see the nginx documentation for details on the set_real_ip_from directive.

Verify that you have created a load balancer with the following parameters:
- for the target group — PROXY protocol and port 80;
- for the rule — TCP protocol and port 80.
Available balancers can be viewed in the Control Panel: in the top menu, click Products → Cloud Servers → Balancers → Balancers tab.
Connect to the cloud server from the target group.

Install and configure nginx:

apt update
apt install nginx
systemctl start nginx

Open the configuration file on the cloud server:
```
nano /etc/nginx/sites-enabled/default
```
Change the lines in the server block:
```
server {
    listen 443 ssl proxy_protocol;

    ssl_certificate /etc/nginx/ssl/public.example.com.pem;
    ssl_certificate_key /etc/nginx/ssl/public.example.com.key;

    set_real_ip_from <loadbalancer_ip_address>;
    real_ip_header proxy_protocol;

    ...
}
```
Specify < loadbalancer_ip_address > — private IP address of the load balancer, for example 192.168.0.3. It can be viewed in the control panel: in the top menu click Products → Cloud Servers → Balancers → Balancers tab → Balancers tab → Load Balancer page → Settings block → Network field . Used as a trusted address — see the nginx documentation for details on the set_real_ip_from directive.