Bug #84329 Some Class B private address is not permitted automatically
Submitted: 24 Dec 2016 12:31 Modified: 9 Jun 2017 14:44
Reporter: 智史 三谷 Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Group Replication Severity:S3 (Non-critical)
Version:5.7.17 OS:Any
Assigned to: CPU Architecture:Any

[24 Dec 2016 12:31] 智史 三谷 
Description:
According to https://dev.mysql.com/doc/refman/5.7/en/group-replication-options.html#sysvar_group_replic...,
when group_replication_ip_whitelist = AUTOMATIC, private network is permitted automatically.

below 172.21.134.27/23 is class C private IP address, but 172.21.134.0 is not permitted.

[root@samitani-gr02 ~]# grep 'Added automatically IP ranges' /var/log/mysqld.log
2016-12-24T11:55:50.386842Z 3 [Note] Plugin group_replication reported: '[GCS] Added automatically IP ranges 127.0.0.1/8 to the whitelist'

[root@samitani-gr02 ~]# ifconfig
eth1      Link encap:Ethernet  HWaddr FA:16:3E:0B:2B:7C
          inet addr:172.21.134.27  Bcast:172.21.135.255  Mask:255.255.254.0
          inet6 addr: fe80::f816:3eff:fe0b:2b7c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:366120 errors:0 dropped:0 overruns:0 frame:0
          TX packets:76432 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:629521001 (600.3 MiB)  TX bytes:10116792 (9.6 MiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:136 errors:0 dropped:0 overruns:0 frame:0
          TX packets:136 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:22084 (21.5 KiB)  TX bytes:22084 (21.5 KiB)

[root@samitani-gr02 ~]# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 13
Server version: 5.7.17-log MySQL Community Server (GPL)

Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show global variables like '%white%';
+--------------------------------+-----------+
| Variable_name                  | Value     |
+--------------------------------+-----------+
| group_replication_ip_whitelist | AUTOMATIC |
+--------------------------------+-----------+
1 row in set (0.00 sec)

How to repeat:
set class C private address except for 172.16.X.X

Suggested fix:
fixe get_ipv4_local_private_addresses in gcs_xcom_networking.cc
[24 Dec 2016 12:37] 智史 三谷 
"Class C" is wrong, "Class B" is correct.
[6 Feb 2017 10:24] MySQL Verification Team 
Thank you for the report and feedback.
[9 Jun 2017 14:44] David Moss 
Posted by developer:
 
Thank you for your feedback, this has been fixed in upcoming versions and the following was added to the 5.7.19 / 8.0.2 change logs:
When using group_replication_ip_whitelist=AUTOMATIC, IPs in the private network are permitted automatically, but some class C IP addresses were not being permitted correctly.