[libvirt] [PATCH] add --interface to dnsmasq command line so bind-interfaces works

The problem is that, without SO_BINDTODEVICE, there is no guarantee that the kernel will route DHCP (v4 or v6) packets to the correct instance of dnsmasq, when there is more than one. --- src/network/bridge_driver.c | 20 ++++++++++++++------ tests/networkxml2argvdata/isolated-network.argv | 1 + tests/networkxml2argvdata/nat-network-dns-hosts.argv | 3 ++- .../nat-network-dns-srv-record-minimal.argv | 1 + .../nat-network-dns-srv-record.argv | 1 + .../nat-network-dns-txt-record.argv | 1 + tests/networkxml2argvdata/nat-network.argv | 3 ++- tests/networkxml2argvdata/netboot-network.argv | 3 ++- tests/networkxml2argvdata/netboot-proxy-network.argv | 3 ++- tests/networkxml2argvdata/routed-network.argv | 3 ++- 10 files changed, 28 insertions(+), 11 deletions(-) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 5578373..821b955 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -682,14 +682,22 @@ networkBuildDnsmasqArgv(virNetworkObjPtr network, } } - /* - * --interface does not actually work with dnsmasq < 2.47, - * due to DAD for ipv6 addresses on the interface. - * - * virCommandAddArgList(cmd, "--interface", ipdef->bridge, NULL); + /* It may have been important not to use --interface at one time, + * but with with dnsmasq => 2.61 there is a problem if + * --interface is not specified because --bind-interfaces + * will have no effect. Here is what Simon Kelly (dnsmasq + * developer) has to say on the subject: + * "The problem is that, without SO_BINDTODEVICE, there is + * no guarantee that the kernel will route DHCP (v4 or v6) + * packets to the correct instance of dnsmasq, + * when there is more than one." * - * So listen on all defined IPv[46] addresses + * --interface is added but the --listen-address parameters + * are left in. */ + + virCommandAddArgList(cmd, "--interface", network->def->bridge, NULL); + for (ii = 0; (tmpipdef = virNetworkDefGetIpByIndex(network->def, AF_UNSPEC, ii)); ii++) { diff --git a/tests/networkxml2argvdata/isolated-network.argv b/tests/networkxml2argvdata/isolated-network.argv index 048c72b..c27f793 100644 --- a/tests/networkxml2argvdata/isolated-network.argv +++ b/tests/networkxml2argvdata/isolated-network.argv @@ -1,6 +1,7 @@ @DNSMASQ@ --strict-order --bind-interfaces \ --local=// --domain-needed --conf-file= \ --except-interface lo --dhcp-option=3 --no-resolv \ +--interface virbr2 \ --listen-address 192.168.152.1 \ --dhcp-range 192.168.152.2,192.168.152.254 \ --dhcp-leasefile=/var/lib/libvirt/dnsmasq/private.leases --dhcp-lease-max=253 \ diff --git a/tests/networkxml2argvdata/nat-network-dns-hosts.argv b/tests/networkxml2argvdata/nat-network-dns-hosts.argv index 03a0676..0b72bcd 100644 --- a/tests/networkxml2argvdata/nat-network-dns-hosts.argv +++ b/tests/networkxml2argvdata/nat-network-dns-hosts.argv @@ -1,4 +1,5 @@ @DNSMASQ@ --strict-order --bind-interfaces --domain=example.com \ --local=/example.com/ --domain-needed \ ---conf-file= --except-interface lo --listen-address 192.168.122.1 \ +--conf-file= --except-interface lo \ +--interface virbr0 --listen-address 192.168.122.1 \ --expand-hosts --addn-hosts=/var/lib/libvirt/dnsmasq/default.addnhosts\ diff --git a/tests/networkxml2argvdata/nat-network-dns-srv-record-minimal.argv b/tests/networkxml2argvdata/nat-network-dns-srv-record-minimal.argv index a1e4200..f1273de 100644 --- a/tests/networkxml2argvdata/nat-network-dns-srv-record-minimal.argv +++ b/tests/networkxml2argvdata/nat-network-dns-srv-record-minimal.argv @@ -4,6 +4,7 @@ --local=// --domain-needed --conf-file= \ --except-interface lo \ --srv-host=name.tcp.,,,, \ +--interface virbr0 \ --listen-address 192.168.122.1 \ --listen-address 192.168.123.1 \ --listen-address 2001:db8:ac10:fe01::1 \ diff --git a/tests/networkxml2argvdata/nat-network-dns-srv-record.argv b/tests/networkxml2argvdata/nat-network-dns-srv-record.argv index 8af38c4..6aac056 100644 --- a/tests/networkxml2argvdata/nat-network-dns-srv-record.argv +++ b/tests/networkxml2argvdata/nat-network-dns-srv-record.argv @@ -4,6 +4,7 @@ --local=// --domain-needed --conf-file= \ --except-interface lo \ --srv-host=name.tcp.test-domain-name,.,1024,10,10 \ +--interface virbr0 \ --listen-address 192.168.122.1 \ --listen-address 192.168.123.1 \ --listen-address 2001:db8:ac10:fe01::1 \ diff --git a/tests/networkxml2argvdata/nat-network-dns-txt-record.argv b/tests/networkxml2argvdata/nat-network-dns-txt-record.argv index 404b56a..a65e9a8 100644 --- a/tests/networkxml2argvdata/nat-network-dns-txt-record.argv +++ b/tests/networkxml2argvdata/nat-network-dns-txt-record.argv @@ -1,6 +1,7 @@ @DNSMASQ@ --strict-order --bind-interfaces \ --local=// --domain-needed --conf-file= \ --except-interface lo '--txt-record=example,example value' \ +--interface virbr0 \ --listen-address 192.168.122.1 --listen-address 192.168.123.1 \ --listen-address 2001:db8:ac10:fe01::1 \ --listen-address 2001:db8:ac10:fd01::1 --listen-address 10.24.10.1 \ diff --git a/tests/networkxml2argvdata/nat-network.argv b/tests/networkxml2argvdata/nat-network.argv index 1dc8f73..f25979d 100644 --- a/tests/networkxml2argvdata/nat-network.argv +++ b/tests/networkxml2argvdata/nat-network.argv @@ -1,6 +1,7 @@ @DNSMASQ@ --strict-order --bind-interfaces \ --local=// --domain-needed --conf-file= \ ---except-interface lo --listen-address 192.168.122.1 \ +--except-interface lo --interface virbr0 \ +--listen-address 192.168.122.1 \ --listen-address 192.168.123.1 --listen-address 2001:db8:ac10:fe01::1 \ --listen-address 2001:db8:ac10:fd01::1 --listen-address 10.24.10.1 \ --dhcp-range 192.168.122.2,192.168.122.254 \ diff --git a/tests/networkxml2argvdata/netboot-network.argv b/tests/networkxml2argvdata/netboot-network.argv index 5a85ec2..59a0266 100644 --- a/tests/networkxml2argvdata/netboot-network.argv +++ b/tests/networkxml2argvdata/netboot-network.argv @@ -1,6 +1,7 @@ @DNSMASQ@ --strict-order --bind-interfaces --domain=example.com \ --local=/example.com/ --domain-needed --conf-file= \ ---except-interface lo --listen-address 192.168.122.1 \ +--except-interface lo --interface virbr1 \ +--listen-address 192.168.122.1 \ --dhcp-range 192.168.122.2,192.168.122.254 \ --dhcp-leasefile=/var/lib/libvirt/dnsmasq/netboot.leases \ --dhcp-lease-max=253 --dhcp-no-override --expand-hosts --enable-tftp \ diff --git a/tests/networkxml2argvdata/netboot-proxy-network.argv b/tests/networkxml2argvdata/netboot-proxy-network.argv index 36836b0..e3fe668 100644 --- a/tests/networkxml2argvdata/netboot-proxy-network.argv +++ b/tests/networkxml2argvdata/netboot-proxy-network.argv @@ -1,6 +1,7 @@ @DNSMASQ@ --strict-order --bind-interfaces --domain=example.com \ --local=/example.com/ --domain-needed --conf-file= \ ---except-interface lo --listen-address 192.168.122.1 \ +--except-interface lo --interface virbr1 \ +--listen-address 192.168.122.1 \ --dhcp-range 192.168.122.2,192.168.122.254 \ --dhcp-leasefile=/var/lib/libvirt/dnsmasq/netboot.leases \ --dhcp-lease-max=253 --dhcp-no-override --expand-hosts \ diff --git a/tests/networkxml2argvdata/routed-network.argv b/tests/networkxml2argvdata/routed-network.argv index 77e802f..093c0ee 100644 --- a/tests/networkxml2argvdata/routed-network.argv +++ b/tests/networkxml2argvdata/routed-network.argv @@ -1,3 +1,4 @@ @DNSMASQ@ --strict-order --bind-interfaces \ --local=// --domain-needed --conf-file= \ ---except-interface lo --listen-address 192.168.122.1\ +--except-interface lo --interface virbr1 \ +--listen-address 192.168.122.1\ -- 1.7.11.7