On 12/06/12 20:31, Thomas Hood wrote:
> (Executive summary of the following: I think we should fix this by
> making nm-dnsmasq listen at ::1.)
>
> Thanks for your much-needed help, Simon.
>
> It is good to know that the "except-interface" avenue is available. We
> want, however, to be able to enjoy the advantages of non-bind-interfaces
> mode ("unbound mode"??) in standalone dnsmasq insofar as we can.
> Certainly standalone dnsmasq should continue to run in unbound mode when
> n-m is not installed or when nm-dnsmasq is not in use; so ideally we
> would ensure that /etc/NetworkManager/NetworkManager.conf contains
> dns=dnsmasq if and only if /etc/dnsmasq.d/nm-dnsmasq contains
> "bind-interfaces except-interface=lo". I don't see a very easy way to
> ensure this.
>
> In any case it would be better if we never had to force dnsmasq into
> bind-interfaces mode.
>
> So instead of switching the nm-dnsmasq listen address from 127.0.0.1 to
> 127.0.1.1 it seems better to switch that address to ::1: no more
> difficult, yet in the latter case standalone dnsmasq can continue to run
> in unbound mode as it has traditionally done (unless forced into
> bind-interfaces mode by something like libvirt-bin, of course).

I don't think that's true. In unbound mode, the standalone dnsmasq will
bind the IPv6 wildcard address, which will stop the nm-dnsmasq from
binding ::1. There's no escape in IPv6 land. Indeed the situation is
worse, because as far as I know, you can't use any address in the
defined subnet for loopback, it has to be ::1, so except-interface=lo is
required.

I think the 127.0.1.1 (or whatever) answer is the best. Unfortunately
there's no way round having to set --bind-interfaces on the standalone
dnsmasq, but except-interface=lo is not required as long as the
127.0.0.0/8 address in use by nm-dnsmasq doesn't appear on the lo
interface.

Simon.

-- 
https://bugs.launchpad.net/bugs/959037

Title:
  NM-controlled dnsmasq prevents other DNS servers from running, yet
  network-manager doesn't Conflict with their packages
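
The bind conflict discussed in this thread can be reproduced with plain sockets. The following is an added example, not code from the thread or from dnsmasq; it assumes Linux (where every 127.0.0.0/8 address is local), UDP sockets with default options (no SO_REUSEADDR), and the function names are hypothetical.

```python
import errno
import socket


def second_bind_succeeds(first_addr, second_addr, family=socket.AF_INET):
    """Bind a UDP socket to first_addr on a free port, then try second_addr
    on the same port, as a second DNS server would. True if both coexist."""
    first = socket.socket(family, socket.SOCK_DGRAM)
    second = socket.socket(family, socket.SOCK_DGRAM)
    try:
        first.bind((first_addr, 0))           # kernel picks a free port
        port = first.getsockname()[1]
        try:
            second.bind((second_addr, port))
            return True
        except OSError as exc:
            if exc.errno == errno.EADDRINUSE:
                return False                  # blocked by the first socket
            raise                             # e.g. address not configured
    finally:
        first.close()
        second.close()


def demo():
    results = {
        # Wildcard socket ("unbound mode"): blocks every 127.0.0.0/8 address.
        "0.0.0.0 then 127.0.1.1": second_bind_succeeds("0.0.0.0", "127.0.1.1"),
        # Specific addresses (bind-interfaces style): no collision.
        "127.0.0.1 then 127.0.1.1": second_bind_succeeds("127.0.0.1", "127.0.1.1"),
    }
    if socket.has_ipv6:
        try:
            # IPv6 wildcard blocks ::1, the only IPv6 loopback address.
            results[":: then ::1"] = second_bind_succeeds(
                "::", "::1", socket.AF_INET6)
        except OSError:
            pass  # IPv6 compiled in but not usable on this host
    return results


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: second bind {'succeeds' if ok else 'fails (EADDRINUSE)'}")
```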