Proxy Protocol

Proxy Protocol is a connection-level protocol used for communicating the source and destination details of a TCP connection between proxies and other traffic routing/processing devices in the network.

Proxy Protocol enabled clients and servers add the original source and destination IP addresses and ports to a "PROXY" header in the request. This header remains unchanged irrespective of any modifications made to the connection by a proxy, such as the Traffic Manager, during its lifetime.

The Traffic Manager supports the use and processing of Proxy Protocol version 1 in your virtual servers, using plain text headers, on client side connections only.

You can add PROXY headers to server side connections through TrafficScript, although the Traffic Manager does not perform any processing on such connections.

To enable Proxy Protocol support for a virtual server, click Services > Virtual Servers > Edit > Protocol Settings > TCP Connection Settings and set proxy_protocol to "Yes".

Since PROXY header parsing is done on connection setup, the header contents are available through TrafficScript in a request rule (and at later stages). For information concerning the applicable TrafficScript functions, see the Pulse Secure Virtual Traffic Manager: TrafficScript Guide.

All connections handled by a Proxy Protocol enabled virtual server must have a valid PROXY header. If the header is missing or malformed, the connection is dropped. Alternatively, if your virtual server has client connection failure logging enabled, the Traffic Manager reports an error in the event log.

You can also record PROXY header data items in the request log, or observe the contents of the PROXY header on the Activity > Connections page in the Admin UI.