proxypass IPv4-over-IPv6 excludes X-Forwarded-For header
Bug #1895877 reported by
ñull
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| apache2 (Ubuntu) |
Expired
|
Undecided
|
Unassigned | ||
Bug Description
Ubuntu 18.04.5 LTS
apache2 2.4.29-1ubuntu4.14
A IPv4 client accesses an Apache2 server configured with proxypass to a IPv6 capable backend. X-Forwarded-For header with the IPv4 is not passed to the backend. Work around is to force IPv4 with ProxySourceAddress <IPv4-address>. Expected behaviour is that it would pass the client's IPv4 without the work around. Even though the Proxy backend connection is IPv6, this does not mean that the X-Forwarded-For header becomes null. Documentation highlighted statement seems to underline this:
"IPv4-over-IPv6 Mapped Addresses
As with httpd in general, any IPv4-over-IPv6 mapped addresses are recorded in their IPv4 representation"
Revision history for this message
| Paride Legovini (paride) wrote | #1 |
| Changed in apache2 (Ubuntu): | |
| status: | New → Incomplete |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in apache2 (Ubuntu): | |
| status: | Incomplete → Expired |
To post a comment you must log in.
Hello and thanks for your bug report.
I didn't try to setup a reproducer, however this sounds like an upstream limitation of bug of apache2. If this is actually a bug, the actions we can take in Ubuntu to fix it very much depend on whether the bug has an upstream fix or not. A first step in this direction is checking if the bug is still present in Ubuntu 20.04, the latest LTS release. This is a coarse step, but should be reasonably easy to take and bounds the problem.
Are you willing to test your setup using proxypass on Ubuntu 20.04 and report back with your findings? Waiting for your reply I'm setting the status of this report to Incomplete, please change it back to New after commenting back and we'll look at it again. Thanks!