Load balancer/reverse proxy rule using source IP

Hi there!

Would it be possible to use Cloudflare to perform the following:

  • Application XYZ has two web servers - Server1 and Server2
  • Cloudflare to analyze the incoming connections and decide to send the connection either to Server1 or Server2 based on the source IP, as in: source IP = 1.2.3.4 --> fwd to Server1 and source IP = any --> fwd to Server2

Is there a way to create customisable rules as the above?

Many thanks!

To my knowledge, this is not possible with Cloudflares load balancing feature.

You could however write your own load balancer with service workers. Service workers will allow you to redirect to alternative origin servers based on any parameter. See the worker docs on controlling Cloudflare features (Resolve Override).

Out of curiosity, what is your use case for such a setup?

1 Like

Basically we want to have two copies of the same web server environment, with only one open to external users (ENV1), and the other one only accessible from our network (ENV2). But we need both environments to be accessed by the same URL, so ideally the LB/Proxy would redirect to either environment based on the source IP.

The reason behind this would be to enable a development team to deploy releases continuously to one of the environments and being able to test thoroughly before making it available to external users.

Thanks very much for your reply - unfortunately I can’t test the service workers with the basic free account but I’ll make sure this is possible and if it is I’ll create a test environment to work with Cloudflare.

I done something like that in the past(now I am working with dev domain) anyway you can edit your windows hosts file on your developments machines and add there the new ip like
12.12.12.12 example.com

the hosts file located in C:\Windows\System32\drivers\etc it will bypass Cloudflare but it may be good enough depends on your needs

That’s an option but I’m afraid we don’t want to rely on hosts files for this as it’ll be a production environment.

What about a separate dev host? www.whatever for the public, dev.whatever for internal.

If that difference in hostname is not a problem it would the most simple and most economical soluton maybe.

Yeah that’s an issue because of the way our websites talk to each other - their addresses are hard coded so we wanted to test using the same addresses used in production before releasing this environment to external users.

I’m afraid we’re going to have to make a change on the websites for this to work better.

In that case the most feasible option might be to set up a reverse proxy yourself and direct requests to the respective endpoints depending on the client address.

It’s just 5$ to test it, even with the free account. You don’t like it you cancel for the next month.

Would that possible with Cloudflare? I might experiment with service workers as suggested by @matteo :slight_smile:

Well, you’d put your reverse proxy inbetween Cloudflare and your two servers.

The worker suggestion might certainly work too, it just might be a bit pricey depending on you traffic.

You just subscribe to the Cloudflare Workers and then do something like this:

It depends on his infrastructure, the price/convenience calculation is something he needs to do on his own.

3 Likes

I’ll try that and report back soon! Thanks everyone!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.