The remote address in a fragment sub-request is always set to 127.0.0.1 and the original remote address is pushed into the X-FORWARDED_FOR header. This is the expected behavior implemented by @fabpot in 2f3b33a and explained for the HttpCache component here.

But when retrieving the client IP via Request::getClientIp(), one will now always get 127.0.0.1 when it's not added as a trusted proxy. This seems strange, as it will most likely be incorrect and might confuse users which now have to mangle with configuring a trusted proxy, even though they don't actually have a real proxy in place.

Also in the commit message of 2f3b33a it says:

also making getClientIp smarter by removing possible local IP addresses from being considered as the client IP address

But no according change is part of that commit, getClientIp does actually consider 127.0.0.1 as the client IP.