I can see this working with Simple and EVPN zone where the host has an IP because he is acting as a gateway.
But for VLAN / QinQ / VXLAN the way it is currently implemented is confusing imo, since we are 'abusing' the gateway field for what is essentially a bind address for dnsmasq. There is already 'dhcp-dns-server' which configures the DNS server that dnsmasq sends. Maybe we could add 'dhcp-default-gateway' as well, so users can configure a default gateway that dnsmasq should send for those zones if they have a central external firewall in that VLAN. And then maybe make the bind address explicit for VLAN / VXLAN / QinQ by moving it from gateway to 'dhcp-bind-address' and document that this address is then reserved? This would also solve the IPv6 issue, wouldn't it? Another issue is that the host is sending itself as default gateway and DNS server in those zones, which we should probably not do (we turn off forwarding on the interfaces, but it also overwrites resolv.conf, which can be quite confusing I think). That should be easy to change (I have it on my machine already). I have the changes ready on my machine, but I wanted to ask for your opinion as well, I can also just send them tomorrow and you can review them if you like. _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
