openstack
/
neutron
Code Issues Proposed changes
OpenStack Networking (Neutron)
23,796 Commits 9 Branches 75 Tags 1,010 MiB
Python 99.5%
Shell 0.4%
Jinja 0.1%
Go to file
Bence Romsics a818c41c25 metadata-ipv6: Accept link local address in X-Forwarded-For 
In the spec we said:
"""
When the metadata proxy processes a request, it gathers the L2 addresses
of a VM, and the source interface, and passes it to the metadata service.

The Metadata service, instead of using the VM IP, uses the "VM MAC" and
"Gateway MAC" to identify the instance.
"""

But since we switched from the home-grown metadata-ns-proxy to haproxy
we no longer control some of the headers included, like X-Forwarded-For.
haproxy allows us to turn X-Forwarded-For on or off, but it cannot
give us an X-Forwarded-For-MAC header.

Instead it seems we have to rely on the source address being the IPv6
link local address generated from the NIC's MAC address as specified
in RFC 4291:
https://tools.ietf.org/html/rfc4291#section-2.5.6
https://tools.ietf.org/html/rfc4291#appendix-A

Note that means you cannot use IPv6 Privacy Extensions:
https://tools.ietf.org/html/rfc4941

Change-Id: Ife592fcfc69e26f61ec1f45c06821cb025cc7cf2
Closes-Bug: #1460177
 		2020-08-31 13:02:49 +02:00
api-ref Fix some typos 2016-06-28 22:46:19 +02:00
devstack [OVN] Update sample local.conf to support segments 2020-08-12 13:08:41 +00:00
doc Merge "Update IPv6 Prefix Delegation docs" 2020-08-28 21:08:39 +00:00
etc Merge "Migrate "ethtool" to oslo.privsep" 2020-08-14 22:58:44 +00:00
neutron metadata-ipv6: Accept link local address in X-Forwarded-For 2020-08-31 13:02:49 +02:00
playbooks Use ebtables-legacy on Ubuntu Focal 2020-08-04 10:57:37 +00:00
rally-jobs [ci] Fix several rally task arguments 2020-05-06 14:56:27 +03:00
releasenotes metadata-ipv6: Accept link local address in X-Forwarded-For 2020-08-31 13:02:49 +02:00
roles Use ebtables-legacy on Ubuntu Focal 2020-08-04 10:57:37 +00:00
tools migration: Restart OVS after setting protocols 2020-08-06 14:48:51 +02:00
vagrant/ovn [OVN] Merge networking-ovn vagrant into neutron 2020-02-18 17:26:15 -05:00
zuul.d Merge "Promote -uwsgi jobs to be gating" 2020-08-28 21:05:46 +00:00
.coveragerc Cleanup coverage configuration 2016-10-17 17:06:19 +05:30
.gitignore Add etc/neutron/*.sample files to be ignored by git 2019-12-12 12:38:24 +01:00
.gitreview OpenDev Migration Patch 2019-04-19 19:38:27 +00:00
.mailmap Add mailmap entry 2014-05-16 13:40:04 -04:00
.pylintrc Remove "six" library 2020-07-28 16:55:52 +00:00
.stestr.conf Fix post gate hook to accommodate for new os-testr 2017-09-12 14:20:12 -06:00
CONTRIBUTING.rst [Community goal] Add contributor and PTL guide 2020-03-03 04:43:26 +01:00
HACKING.rst Remove "six" library 2020-07-28 16:55:52 +00:00
LICENSE Adding Apache Version 2.0 license file. This is the official license agreement under which Quantum code is available to 2011-08-08 12:31:04 -07:00
README.rst Start README.rst with a better title 2019-11-19 17:42:57 +01:00
TESTING.rst Updates for python3.8 2020-04-28 14:03:21 -04:00
bindep.txt Merge "Stop testing python 2" 2019-10-28 00:52:16 +00:00
lower-constraints.txt metadata-ipv6: Accept link local address in X-Forwarded-For 2020-08-31 13:02:49 +02:00
plugin.spec Add OSP16.1 choice to migration plugin spec 2020-05-04 20:34:16 +03:00
requirements.txt metadata-ipv6: Accept link local address in X-Forwarded-For 2020-08-31 13:02:49 +02:00
setup.cfg Remove translation sections from setup.cfg 2020-05-27 22:43:15 +08:00
setup.py Updated from global requirements 2017-03-04 11:19:58 +00:00
test-requirements.txt Bump pylint version to support python 3.8 2020-08-06 16:00:30 +02:00
tox.ini Improve terminology in the Neutron tree 2020-08-19 16:47:53 -04:00

README.rst

OpenStack Neutron

image

Neutron is an OpenStack project to provide "network connectivity as a service" between interface devices (e.g., vNICs) managed by other OpenStack services (e.g., Nova).

To learn more about neutron:

Get in touch via email. Use [Neutron] in your subject.

To learn how to contribute, please read the CONTRIBUTING.rst file.