X-Remote-Addr is showing as 0.0.0.0

Question

Dear Dev Team,&nbsp;
Users are trying to access the URL "www.test.com/connect"&nbsp;
We are seeing X-Remote-Addr as 0.0.0.0 in HTTP header for some requests and we are seeing the "actual client ip address" for some requests on the same VIP&nbsp;
Nodes will determine the action to be performed based on -X-Remote-Addr.&nbsp;
Whenever the request consists of X-Remote-Addr as "0.0.0.0" the requests are failing.&nbsp;
BTW, we have LTM with WA module.&nbsp;
Could you pls someone give any suggession on how to overcome this behaviour?&nbsp;

what_lies_bene1 · Answer

What is inserting this header, the F5 or something else? If the F5 how are you doing this. If not then I'll assume it's some upstream device that's the cause of the issue.

muzammil_88686 · Answer

X-Remote-Addr is getting inserted by Web Accelerator.&nbsp;
&nbsp;
GET /connect HTTP/1.1&nbsp;
Connection: keep-alive&nbsp;
Host: www.test.com&nbsp;
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8&nbsp;
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 3912.43.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.69 Safari/537.36&nbsp;
X-Chrome-UMA-Enabled: 1&nbsp;
X-Chrome-Variations: CM61yQEIj7bJAQictskBCKa2yQEIqLbJAQiptskBCLq2yQEI/IPKAQishcoB&nbsp;
Accept-Language: en-US,en;q=0.8&nbsp;
Cookie: test_cookie=2063336970.20480.0000&nbsp;
Surrogate-Capabilities: WA="ESI/1.0", WA="ESI-Inline/1.0"&nbsp;
Accept-Encoding: identity&nbsp;
X-Remote-Addr: 0.0.0.0&nbsp;
X-Client: WA&nbsp;
X-PvMAC: 00:01:D7:A2:6B:01  &nbsp;

what_lies_bene1 · Answer

Have any actual users complained? Could this just be monitoring traffic?

afedden_1985 · Answer

how are you doing this via the web accelerator?   "X-Remote-Addr is getting inserted by Web Accelerator." 
&nbsp; This is normally done in the HTTP profile in version 10 and 11,   by selecting &gt; Insert X-Forwarded-For   enabled  &nbsp;

drew_kane_23142 · Answer

The pvac process (pvac is the WebAccelerator data plane daemon in 9.x and 10.x) will insert the X-Remote-Addr for traffic it processes.  If pvac processing is bypassed- for example, when the system is under a lot of load and the request queue is full- then the chunk pvac code that writes the client IP address into the X-Remote-Addr header can be bypassed as well.  Hence, you see 0.0.0.0 rather than the real client IP address. 
&nbsp;  
&nbsp; You can use an iRule to change the X-Remote-Addr header's value to what it should be.  Something like this: 
&nbsp;  
&nbsp; when HTTP_REQUEST_SEND { 
&nbsp;     clientside { 
&nbsp;         if { [HTTP::header exists "X-Remote-Addr"] and [HTTP::header "X-Remote-Addr"] equals "0.0.0.0" } { 
&nbsp;             HTTP::header replace "X-Remote-Addr" [IP::client_addr] 
&nbsp;         } 
&nbsp;     } 
&nbsp; } 
&nbsp;  
&nbsp;  
&nbsp; Addressing the cause of the WebAccelerator bypass or enabling/using the X-Forwarded-For header are other options to do instead of/in addition to the iRule workaround above.

Forum Discussion

X-Remote-Addr is showing as 0.0.0.0

6 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Port Group on F5OS network setting

Advise on setting up IRULE

F5 iRule to replace host to path

Related Content

Bot Log is not showing in BIG-IQ

Performance Reports don't show data

captcha not show after enable header security

X-Remote-Addr is showing as 0.0.0.0

Nodes status show blue status