Packets sent to LoadBalancer Services are source NAT'd by default (the source IP is replaced by the IP of the node) because all schedulable nodes in the "Ready" state are eligible for load-balanced traffic. When your ingress controller routes a client's request to a container in your AKS cluster, the original source IP of that request is unavailable to the target container. You can preserve the source IP on requests to your containers in AKS by enabling client source IP preservation. The client source IP is stored in the request header under X-Forwarded-For. One caveat: when an ingress controller is used with client source IP preservation enabled, TLS pass-through to the destination container will not work. The following details explain how to set up client source IP preservation.
Send data to the application to see the client's IP address.
Now the client IP is the same as the source IP (srjumpbox).
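One way an application behind the ingress controller could read the preserved address from X-Forwarded-For, shown as an added example that is not part of the original article. The header is ordinary request text, so the sketch only believes entries vouched for by a trusted proxy; the function name, the trusted CIDR and the sample addresses are assumptions made for illustration.

```python
import ipaddress

# Assumed for illustration: the network the ingress controller pods connect from.
TRUSTED_PROXIES = [ipaddress.ip_network("10.244.0.0/16")]  # constructed CIDR


def _is_trusted(ip, trusted):
    """True when ip belongs to one of the trusted proxy networks."""
    return any(ip in net for net in trusted)


def client_ip(peer_addr, xff_header, trusted=TRUSTED_PROXIES):
    """Return the client IP an application should log or make decisions on.

    peer_addr  -- address of the TCP peer that connected to the container
    xff_header -- raw X-Forwarded-For value, or None when the header is absent
    """
    peer = ipaddress.ip_address(peer_addr)
    # Only a trusted proxy may vouch for another address through the header.
    if not xff_header or not _is_trusted(peer, trusted):
        return str(peer)
    # Each proxy appends the address it saw, so walk right to left and stop at
    # the first hop that is not a trusted proxy. Anything further left was
    # supplied by that hop and cannot be verified.
    candidate = peer
    for token in reversed(xff_header.split(",")):
        try:
            hop = ipaddress.ip_address(token.strip())
        except ValueError:
            break  # malformed entry: keep the last address that was verified
        candidate = hop
        if not _is_trusted(hop, trusted):
            break
    return str(candidate)


if __name__ == "__main__":
    # Constructed requests: (TCP peer, X-Forwarded-For header)
    samples = [
        ("10.244.1.5", "203.0.113.7"),
        ("10.244.1.5", "198.51.100.9, 203.0.113.7"),
        ("203.0.113.50", "10.0.0.1"),
    ]
    for peer, xff in samples:
        print(peer, "|", xff, "->", client_ip(peer, xff))
```
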
How load is balanced when a client source IP is preserved
Setting the service.spec.externalTrafficPolicy field to "Local" forces nodes without Service endpoints to remove themselves from the list of nodes eligible for load-balanced traffic by deliberately failing health checks.
Get the health check node port of the load balancer service.
kubectl get pod -o wide -l run=source-ip-app
Get the pod details to check which node the pod is running on.
kubectl get pod -n sourceip -o wide -l app=source-ip-app
Create an SSH connection to the node containing the pod.