Cloudflare + ELB original Client IP in Ingress nginx

We proxied some nginx-ingress endpoint to cloudflare, we need to capture the actual source IP and white list that in nginx ingresss.

Now we have enabled proxy in nginx ingress which is providing the Client IP access the ingress endpoints via ELB. We need to capture both ELB side traffic and Cloudflare Client IP as well. I tried enabling the real_ip to CC_connnecting_ip which is not working and it is impacting existing one (ELB side not working)

Is there any way to get both the Source IP or can we enable the cloudflare flag only specific to the ingress which is routed through cloudflare.

I need help on this.

It should be cf-connecting-ip.

1 Like

It was a type, I used the right one but its not working. It impacts the exisitng header one (ELB side Client IP was not coming)

I need to know the full syntax how we can use this to have both ELB and cloudflare client IP.

I have tried the below in ingress nginx but its not working. I didn’t get the souce client IP which hits the cloudflare.

proxy-real-ip-cidr: "173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/12,172.64.0.0/13,131.0.72.0/22,2400:cb00::/32,2606:4700::/32,2803:f800::/32,2405:b500::/32,2405:8100::/32,2a06:98c0::/29,2c0f:f248::/32,10.0.0.0/8"

use-proxy-protocol: "True"
server-snippet: |
  real_ip_header CF-Connecting-IP;

@sdayman can you please suggest here, I tried lot of combined option but not working as expected.