A big OOPS!!! On 10/23/2012 04:55 PM, Gene Czarcinski wrote:
On 10/23/2012 04:10 PM, Laine Stump wrote:
I wouldn't worry about that quite yet. Let's wait until it's pushed upstream. At the point, we'll probably want the first two (for F17 and F18, which have dnsmasq-2.63 which according to you causes problems). Not me, Simon Kelley the dnsmasq developer/maintainer/etc.
Rather than just pasting his comment here, got to look at the message he wrote:
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2012q4/006415.html
There might be a way to make it work with just the gateway address (that is what listen-address really is because dnsmasq does not really need an address just the interface), but that is not how it was done. After I sent the message, I just got something in from Simon Kelley which has some new info: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2012q4/006445.html
The heart of it is this: --------------------------------------------------
OK, so this is vaguely embarrassing. Having checked the actual code, rather than the changelog, I see that dnsmasq >=2.61 _already_ does the right thing. Setting --bind-interfaces* and a single --listen-address will cause the code to set SO_BINDTODEVICE on the DHCP socket(s).
So, there is not a problem with the existing libvirt command line. I disagree. I believe that the problem still exists.
What Simon says implies that everything is OK and nothing needs to be done but consider this: 1. What harm does it do to add the interface=<> specification in addition to everything else? 2. Note that Simon states "Setting --bind-interfaces* and a single --listen-address ". Well, I can define multiple IPv4 and/or IPv6 listen-addresses to be on a single virtual interface. From what Simon says, that means all bets are off. 3. I suspect that many/most instances of dnsmasq only has a single address and that is why the problem has not manifested itself. 4. I do not know if a v4 and v6 address counts as one or two. Gene