Public bug reported: While looking at an unrelated issue I noticed log lines like this in the neutron-ovn-metadata-agent log file:
No port found in network b62452f3-ec93-4cd7-af2d-9f9eabb33b12 with IP address 10.246.166.21,10.131.84.23 While it might seem harmless, looking at the code it only showed a single value being logged: LOG.error("No port found in network %s with IP address %s", network_id, remote_address) The code in question is looking for a matching IP address, but will never match the concatenated string. Google shows the additional IP address(es) that might be present in this header are actually proxies: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded- For And sure enough in my case the second IP was always the same. The code needs to be changed to account for proxies, which aren't actually necessary to lookup what port is making the request, but it could be logged for posterity. I'll send a change for that soon. ** Affects: neutron Importance: Medium Assignee: Brian Haley (brian-haley) Status: In Progress -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/2026775 Title: Metadata agents do not parse X-Forwarded-For headers properly Status in neutron: In Progress Bug description: While looking at an unrelated issue I noticed log lines like this in the neutron-ovn-metadata-agent log file: No port found in network b62452f3-ec93-4cd7-af2d-9f9eabb33b12 with IP address 10.246.166.21,10.131.84.23 While it might seem harmless, looking at the code it only showed a single value being logged: LOG.error("No port found in network %s with IP address %s", network_id, remote_address) The code in question is looking for a matching IP address, but will never match the concatenated string. Google shows the additional IP address(es) that might be present in this header are actually proxies: https://developer.mozilla.org/en- US/docs/Web/HTTP/Headers/X-Forwarded-For And sure enough in my case the second IP was always the same. The code needs to be changed to account for proxies, which aren't actually necessary to lookup what port is making the request, but it could be logged for posterity. I'll send a change for that soon. To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/2026775/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp