Bug#505522: improve integration with libvirtd - maybe via --conf-dir=/etc/dnsmasq.d?

Fri, 14 Nov 2008 06:30:36 -0800 

Guido Günther wrote:

Hi Simon,
On Thu, Nov 13, 2008 at 11:51:37AM +0000, Simon Kelley wrote:
The /etc/init.d/dnsmasq facility looks good, but the stuff added by libvirt is not. 

If libvirt adds

bind-interfaces
interface=lo


then it will stop the system dnsmasq listening on any interface apart  
from lo, That's likely to be a nasty surprise. If, on the other hand,  
libvirt adds


bind-interfaces
except-interface=<virtual bridge>

The problem here is that libvirt may have an arbitrary number of
interfaces and that we'd have to start dnsmasq for every new interface
added. "interface=lo" was ment as the smallest common denominator. We
could probly make the interface=<interfaces> line configurable via
debconf (in libvirt not in dnsmasq).

It's not likely to be a big problem to restart dnsmasq: it's always 
quick. It's your call, but if it was me I'd just have a single question 
in debconf "Do you want me to automatically mess with your system 
dnsmasq (y/n)" and then add excluded interfaces/restart dnsmasq as 
needed. Explain that if the answer is no, dnsmasq has to be configured 
manually with --bind-interfaces and the set of valid interfaces.







and starts its private dnsmasq with


dnsmasq --keep-in-foreground --strict-order --bind-interfaces --pid-file  
 --conf-file  --listen-address 192.168.122.1 --except-interface lo  
--dhcp-leasefile=/var/lib/libvirt/dhcp-default.leases --dhcp-range  
192.168.122.2,192.168.122.254 --interface=<virtual-bridge>

Upstream's code has this comment:

    /*
     * XXX does not actually work, due to some kind of
     * race condition setting up ipv6 addresses on the
     * interface. A sleep(10) makes it work, but that's
     * clearly not practical
     *
     * APPEND_ARG(*argv, i++, "--interface");
     * APPEND_ARG(*argv, i++, network->def->bridge);
     */
    APPEND_ARG(*argv, i++, "--listen-address");
    APPEND_ARG(*argv, i++, network->def->ipAddress);

We'd have to fix this if we really need "--interface".




We don't: I hadn't see the --listen-address option which is a valid 
alternative.






You timing is good: I'm about to release dnsmasq-2.46 so I'll get these 
changes in first. I have a package which removes the broken 
start-stop-daemon (it's not needed anyway) and adds /etc/dnsmasq.d.


I'll send that to you direct.


Cheers,

Simon.





--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]























					Reply via email to