webserver - When does logging happen in nginx and the addition of http_x_real_ip variable?

Question

I have a reverse-proxy nginx configuration as follows:

log_format test 'http_x_forwarded_for=$http_x_forwarded_for ';


server {
    listen  80;

    proxy_set_header    X-Real-IP       $remote_addr;
    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header    Host            $http_host;

    access_log  /dev/stdout test;

    location / {
        proxy_pass http://0.0.0.0:8080;
    }
}

Now I want to use x_real_ip for determination of real client ip address using this: http://nginx.org/en/docs/http/ngx_http_realip_module.html

Now to configure the x_real_ip I removed this proxy_set_header X-Real-IP $remote_addr;

and added

set_real_ip_from  <trusted_CIDRs>;
real_ip_header    X-Real-IP;
real_ip_recursive on;

Final configuration:

log_format test    'http_x_forwarded_for=$http_x_forwarded_for '
                   'http_x_real_ip=$http_x_real_ip ';


server {
    listen  80;

    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header    Host            $http_host;

    access_log  /dev/stdout test;

    set_real_ip_from  <trusted_CIDRs>;
    real_ip_header    X-Real-IP;
    real_ip_recursive on;

    location / {
        proxy_pass http://0.0.0.0:8080;
    }
}

Now my doubts are

1. Will X-real-IP be added in request even if I remove line proxy_set_header X-Real-IP $remote_addr;. If yes, Is line real_ip_header X-Real-IP; is responsible for this addition?
2. When does logging actually takes place? Is the logging of the request in nginx is done after whole processing of the request or before the processing of request? I mean if I add a proxy_header in my conf so will I able to log that header? Or my nginx log wont have access to that header which is added in the config? Or does this depend on the order of directives? If I add access_log directive at the end then it will pickup all the headers added in this config?
3. Is $http_x_real_ip variable present like $http_x_forwarded_for is present for logging? Can I log $http_x_real_ip to get the real IP? Or I have to use the embedded variable $realip_remote_addr for logging the real client IP?
4. If $http_x_real_ip is not present then why $http_x_forwarded_for is present for logging?

I am very confused about these things. Please help.

Answer 1

等待大神答复