I run Kong through DCOS and I have a edge machine that runs our edge nginx.
So what we have is like the following:
DOMAIN1 -> EDGE NGINX -> KONG
I’m trying to use ip restriction plugin but when the IP arrives in Kong, it is the EDGE machine internal network’s ip (10.250.3.2).
I have the following configuration in the Edge nginx:
proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Connection "";
And Kong is configured as follows:
KONG_TRUSTED_IPS: 0.0.0.0/0,::0 KONG_REAL_IP_RECURSIVE: on KONG_REAL_IP_HEADER: X-Forwarded-For
I’m running kong 0.14.1
If I put
10.250.3.2 in the ip restriction plugin, it works well but it doesn’t if I use my external ip.