I've been developing an app that interacts with web services that are behind Layer 7 balancing in a context where packets must either be from the correct original source IP or if not then using x-fowarded is supported. This is absolutely mandatory for reasons out of my control (I only control the client software).
Because I need a development environment that works I've been using Zevenet which has met my needs just fine.
However I now have to support a Layer 4 balancing scenario.
- the packets must be from the original source ip or x-fowarded-for must be inserted
- and in the scenario I need to support TLS tunnels must NOT end at the balancer, and therefore x-fowarded-for cannot be inserted,
Zevenet can no longer be used as it only supports Layer 4 balancing trough NAT/SNAT.
For instance, F5 BigIP's can do this as NAT / SNAT can be disabled. In this scenario the F5 needs to be the gateway (otherwise it would not work due to routing problems). But I don't access to one, nor am I going to get it.
Is there any non-comercial / open-source product / appliance that is able to do something similar to what F5s can do in this contex?
Thanks in advance for any help