Variable Reference

$binary_remote_addr

The $binary_remote_addr variable contains the binary representation of the client's IP address. — NGINX Core (HTTP)

$binary_remote_addr NGINX Core (HTTP)

Description

The $binary_remote_addr variable in NGINX is used to obtain the binary format of the client's IP address that is associated with a request. This variable can be particularly useful in access control and filtering configurations. When a request is received, NGINX retrieves the client’s IP address and converts it into a 32-bit or 128-bit binary format, depending on whether the client is using IPv4 or IPv6, respectively. By using this variable, system administrators can efficiently compare and match IP addresses in various access control settings such as 'allow' and 'deny'. Typically, this variable is set during the initial processing of the request, where it is populated from the 'sockaddr' structure that contains client's address information. The binary representation makes it straightforward for NGINX to perform quick comparisons and checks against lists of allowed or denied IP addresses without needing to convert back and forth between formats. Because it is in binary form, this variable is significantly more efficient for NGINX when handling access control directives, especially in high-throughput scenarios.

Config Example

http {
    server {
        location / {
            deny 192.168.1.1;
            allow all;
        }
    }
}

Subsystem

http

Cacheable

Yes

Contexts

http, server, location, if

This variable is not easily human-readable compared to its string equivalent ($remote_addr) and should only be used in contexts where binary format is acceptable.

Care must be taken when using it alongside other directives that expect string formats to avoid misconfigurations.

Related Variables

$remote_addr$binary_remote_port