External passthrough Network Load Balancer - tcpdump destination IP

czke · March 7, 2025, 2:06pm

I have a setup with an ‘External passthrough Network Load Balancer’ , instance group, and a compute instace with public IP attached.

If accesing the compute instance via the attached IP, in tcpdump the destination IP is the internal one:

5.x.y.z.52544 > 10.128.0.9.80

If accessing via the loadbalancer , the destination IP seen with tcpdump on the server is the loadbalancers external IP:

5.x.y.z.52858 > 34.171.b.c.80

Is there any setting/option to have on the server same behavior with or without loadbalancer?

Thanks.

kensan · March 13, 2025, 4:31pm

Hi @czke ,

Welcome to Google Cloud Community!

You may want to check the Proxy Network Load Balancer and enable the Proxy Protocol. This protocol passes the original destination IP and other connection details to the server, even if traffic is routed through a Load Balancer. This will pass the original destination IP in the request headers. You would then need to configure your server to interpret the Proxy Protocol header to get the correct destination IP.

Proxy Network Load Balancers are intended for TCP traffic only, with or without SSL. For HTTP(S) traffic, we recommend that you use an Application Load Balancer instead.

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.

Topic		Replies	Views
Accessing Load Balancer from Backend VMs Compute Infrastructure server-configuration	1	28	January 10, 2024
Get client ip from Google Network load balance Compute Infrastructure server-configuration	0	48	December 13, 2024
How to interpret External passthrough Network Load Balancer log entries. Compute Infrastructure server-configuration	0	10	September 25, 2024

External passthrough Network Load Balancer - tcpdump destination IP

AI Suggested topics