On Mon, 2015-07-20 at 16:25 +0200, Peter Krempa wrote:
On Mon, Jul 20, 2015 at 11:29:15 +0200, Cédric Bosdonnat wrote:
> In some use cases we don't want the virtual network's DNS to only
> listen to the vnet interface. Adding a publiclyAccessible attribute
> to the dns element in the configuration allows the DNS to listen to
> all interfaces.
Would you please elaborate on the use cases where this would be useful?
Libvirt networks shouldn't really be used for configuring dnsmasq for
other purposes than for virtual machines where it's desired that the
instances are separated.
This has been detailed in the previous mail thread, see here:
https://www.redhat.com/archives/libvir-list/2015-June/msg00781.html
and here:
https://www.redhat.com/archives/libvir-list/2015-June/msg00813.html
The feature has been requested by people using libvirt as a testing
infrastructure for cloud setups with vlans on top of the libvirt-defined
network. Maybe I should describe the use case in the commit log to avoid
the question being raised again and again.
--
Cedric
>
> It simply disables the bind-dynamic option of dnsmasq for the network.
> ---
>
> This patch is v2 for this one:
>
https://www.redhat.com/archives/libvir-list/2015-June/msg00018.html
>
> Diff to v1:
> * Use bind-interface if public DNS is requested
> * Add more tests
> * Write out the public value in the format function
> * Fixed the rng
> * Renamed the attribute to public: shouldn't mislead users
>
> I tested this patch with several configurations of running networks.
> The only thing I noted though is that the user may need to adapt the system
> dnsmasq to avoid address:port conflicts... but hey, when one uses such a
> hacky feature of the libvirt network, he needs to take care of the rest ;)
>
This paragraph emphasises that it doesn't sound like a good thing to do.
NACK unless you will persuade me with a good enough use case.
Peter