[libvirt] A Big OOPS!!
A big OOPS!!!
On 10/23/2012 04:55 PM, Gene Czarcinski wrote:
On 10/23/2012 04:10 PM, Laine Stump wrote:
> I wouldn't worry about that quite yet. Let's wait until it's pushed
> upstream. At the point, we'll probably want the first two (for F17 and
> F18, which have dnsmasq-2.63 which according to you causes problems).
Not me, Simon Kelley the dnsmasq developer/maintainer/etc.
Rather than just pasting his comment here, got to look at the message
he wrote:
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2012q4/006415.html
There might be a way to make it work with just the gateway address
(that is what listen-address really is because dnsmasq does not really
need an address just the interface), but that is not how it was done.
After I sent
the message, I just got something in from Simon Kelley
which has some new info:
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2012q4/006445.html
The heart of it is this:
--------------------------------------------------
OK, so this is vaguely embarrassing. Having checked the actual code,
rather than the changelog, I see that dnsmasq >=2.61 _already_ does the
right thing. Setting --bind-interfaces* and a single --listen-address
will cause the code to set SO_BINDTODEVICE on the DHCP socket(s).
So, there is not a problem with the existing libvirt command line.
I disagree. I
believe that the problem still exists.
What Simon says implies that everything is OK and nothing needs to be
done but consider this:
1. What harm does it do to add the interface=<> specification in
addition to everything else?
2. Note that Simon states "Setting --bind-interfaces* and a single
--listen-address ". Well, I can define multiple IPv4 and/or IPv6
listen-addresses to be on a single virtual interface. From what Simon
says, that means all bets are off.
3. I suspect that many/most instances of dnsmasq only has a single
address and that is why the problem has not manifested itself.
4. I do not know if a v4 and v6 address counts as one or two.
Gene