Bug#505522: improve integration with libvirtd - maybe via --conf-dir=/etc/dnsmasq.d?
Guido Günther wrote:
> Package: dnsmasq
> Version: 2.45-1
> Severity: wishlist
>
> Hi,
>
> libvirtd uses dnsmasq to provide DNS and DHCP to virtual machines on NATed interfaces. It therefore calls dnsmasq for each virtual bridge with something like:
>
>     dnsmasq --keep-in-foreground --strict-order --bind-interfaces --pid-file --conf-file --listen-address 192.168.122.1 --except-interface lo --dhcp-leasefile=/var/lib/libvirt/dhcp-default.leases --dhcp-range 192.168.122.2,192.168.122.254
>
> In Debian's standard installation this fails with:
>
>     dnsmasq: failed to bind listening socket for 192.168.122.1: Address already in use
>
> since dnsmasq binds the wildcard address. A possible solution is to pass the options
>
>     interface=lo
>     bind-interfaces
>
> to the default dnsmasq process started via /etc/init.d/dnsmasq [1]. This could be fixed by passing --conf-dir=/etc/dnsmasq.d/ per default to dnsmasq. Libvirt could then put the necessary interface,bind-interface options there (maybe prompting via debconf if this should be done). Possibly other packages could make use of this too.
>
> Does this sound reasonable?
>  -- Guido
>
> [1] See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504605

The /etc/init.d/dnsmasq facility looks good, but the stuff added by libvirt is not. If libvirt adds

    bind-interfaces
    interface=lo

then it will stop the system dnsmasq listening on any interface apart from lo. That's likely to be a nasty surprise.

If, on the other hand, libvirt adds

    bind-interfaces
    except-interface=<virtual bridge>

and starts its private dnsmasq with

    dnsmasq --keep-in-foreground --strict-order --bind-interfaces --pid-file --conf-file --listen-address 192.168.122.1 --except-interface lo --dhcp-leasefile=/var/lib/libvirt/dhcp-default.leases --dhcp-range 192.168.122.2,192.168.122.254 --interface=<virtual-bridge>

(adding the --interface part) then all should still work, but the disruption to a system dnsmasq would be much less.

If libvirt can manage more than one virtual interface, then steps would need to be taken to add all of them, maybe by having a file for each interface in /etc/dnsmasq.d called libvirt-<interface name> for each one.

Does that make sense?

Simon.
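
One way to implement the per-interface drop-in files discussed in the message above, added here as an example and not taken from the thread or from the dnsmasq or libvirt packages. The function names, the `CONF_DIR` variable and the interface-name validation are assumptions; only the `libvirt-<interface name>` file naming and the two options come from the thread.

```shell
#!/bin/sh
# Added example, not code from dnsmasq or libvirt. CONF_DIR, the function
# names and the validation rule are assumptions made for this illustration.
CONF_DIR="${CONF_DIR:-/etc/dnsmasq.d}"

# Accept only plausible Linux interface names (1-15 chars, no '/', no
# whitespace) so a name can neither escape CONF_DIR nor inject extra options.
valid_ifname() {
    case "$1" in
        ''|.|..|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# write_dropin <bridge>: create or refresh CONF_DIR/libvirt-<bridge>.
# Returns 0 if the file changed, 1 if it was already current, 2 on error.
write_dropin() {
    valid_ifname "$1" || { echo "rejected interface name: $1" >&2; return 2; }
    dest="$CONF_DIR/libvirt-$1"
    # Temp name starts with '.', which current dnsmasq skips in a conf-dir.
    tmp=$(mktemp "$CONF_DIR/.libvirt.XXXXXX") || return 2
    printf 'bind-interfaces\nexcept-interface=%s\n' "$1" > "$tmp"
    if [ -f "$dest" ] && cmp -s "$tmp" "$dest"; then
        rm -f "$tmp"; return 1
    fi
    chmod 0644 "$tmp" && mv -f "$tmp" "$dest" || { rm -f "$tmp"; return 2; }
}

# sync_dropins <bridge>...: write a drop-in per bridge, delete drop-ins for
# bridges no longer listed, and print how many files changed. A non-zero
# count means the system dnsmasq needs a restart to pick the change up.
sync_dropins() {
    changed=0
    for br in "$@"; do
        rc=0; write_dropin "$br" || rc=$?
        case $rc in 0) changed=$((changed + 1)) ;; 2) return 2 ;; esac
    done
    for f in "$CONF_DIR"/libvirt-*; do
        [ -f "$f" ] || continue
        keep=no
        for br in "$@"; do
            if [ "$f" = "$CONF_DIR/libvirt-$br" ]; then keep=yes; fi
        done
        if [ "$keep" = no ]; then rm -f "$f"; changed=$((changed + 1)); fi
    done
    echo "$changed"
}
```
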
Bug#505522: improve integration with libvirtd - maybe via --conf-dir=/etc/dnsmasq.d?
Hi Simon,

On Thu, Nov 13, 2008 at 11:51:37AM +, Simon Kelley wrote:
> The /etc/init.d/dnsmasq facility looks good, but the stuff added by libvirt is not. If libvirt adds
>
>     bind-interfaces
>     interface=lo
>
> then it will stop the system dnsmasq listening on any interface apart from lo. That's likely to be a nasty surprise.
>
> If, on the other hand, libvirt adds
>
>     bind-interfaces
>     except-interface=<virtual bridge>

The problem here is that libvirt may have an arbitrary number of interfaces and that we'd have to start dnsmasq for every new interface added. interface=lo was meant as the smallest common denominator. We could probably make the interface=<interfaces> line configurable via debconf (in libvirt not in dnsmasq).

> and starts its private dnsmasq with
>
>     dnsmasq --keep-in-foreground --strict-order --bind-interfaces --pid-file --conf-file --listen-address 192.168.122.1 --except-interface lo --dhcp-leasefile=/var/lib/libvirt/dhcp-default.leases --dhcp-range 192.168.122.2,192.168.122.254 --interface=<virtual-bridge>

Upstream's code has this comment:

    /*
     * XXX does not actually work, due to some kind of
     * race condition setting up ipv6 addresses on the
     * interface. A sleep(10) makes it work, but that's
     * clearly not practical
     *
     * APPEND_ARG(*argv, i++, "--interface");
     * APPEND_ARG(*argv, i++, network->def->bridge);
     */
    APPEND_ARG(*argv, i++, "--listen-address");
    APPEND_ARG(*argv, i++, network->def->ipAddress);

We'd have to fix this if we really need --interface.

> (adding the --interface part) then all should still work, but the disruption to a system dnsmasq would be much less.
>
> If libvirt can manage more than one virtual interface, then steps would need to be taken to add all of them, maybe by having a file for each interface in /etc/dnsmasq.d called libvirt-<interface name> for each one.

This would mean restarting libvirt quite often if a new interface comes up. Is this a problem?
 -- Guido
Bug#505522: improve integration with libvirtd - maybe via --conf-dir=/etc/dnsmasq.d?
Guido Günther wrote:
> Hi Simon,
>
> On Thu, Nov 13, 2008 at 11:51:37AM +, Simon Kelley wrote:
>> The /etc/init.d/dnsmasq facility looks good, but the stuff added by libvirt is not. If libvirt adds
>>
>>     bind-interfaces
>>     interface=lo
>>
>> then it will stop the system dnsmasq listening on any interface apart from lo. That's likely to be a nasty surprise.
>>
>> If, on the other hand, libvirt adds
>>
>>     bind-interfaces
>>     except-interface=<virtual bridge>
>
> The problem here is that libvirt may have an arbitrary number of interfaces and that we'd have to start dnsmasq for every new interface added. interface=lo was meant as the smallest common denominator. We could probably make the interface=<interfaces> line configurable via debconf (in libvirt not in dnsmasq).

It's not likely to be a big problem to restart dnsmasq: it's always quick. It's your call, but if it was me I'd just have a single question in debconf

    Do you want me to automatically mess with your system dnsmasq (y/n)

and then add excluded interfaces/restart dnsmasq as needed. Explain that if the answer is no, dnsmasq has to be configured manually with --bind-interfaces and the set of valid interfaces.

>> and starts its private dnsmasq with
>>
>>     dnsmasq --keep-in-foreground --strict-order --bind-interfaces --pid-file --conf-file --listen-address 192.168.122.1 --except-interface lo --dhcp-leasefile=/var/lib/libvirt/dhcp-default.leases --dhcp-range 192.168.122.2,192.168.122.254 --interface=<virtual-bridge>
>
> Upstream's code has this comment:
>
>     /*
>      * XXX does not actually work, due to some kind of
>      * race condition setting up ipv6 addresses on the
>      * interface. A sleep(10) makes it work, but that's
>      * clearly not practical
>      *
>      * APPEND_ARG(*argv, i++, "--interface");
>      * APPEND_ARG(*argv, i++, network->def->bridge);
>      */
>     APPEND_ARG(*argv, i++, "--listen-address");
>     APPEND_ARG(*argv, i++, network->def->ipAddress);
>
> We'd have to fix this if we really need --interface.

We don't: I hadn't seen the --listen-address option which is a valid alternative.

Your timing is good: I'm about to release dnsmasq-2.46 so I'll get these changes in first. I have a package which removes the broken start-stop-daemon (it's not needed anyway) and adds /etc/dnsmasq.d. I'll send that to you direct.

Cheers,

Simon.
Bug#505522: improve integration with libvirtd - maybe via --conf-dir=/etc/dnsmasq.d?
On Fri, Nov 14, 2008 at 02:23:46PM +, Simon Kelley wrote:
[..snip..]
>> Upstream's code has this comment:
>>
>>     /*
>>      * XXX does not actually work, due to some kind of
>>      * race condition setting up ipv6 addresses on the
>>      * interface. A sleep(10) makes it work, but that's
>>      * clearly not practical
>>      *
>>      * APPEND_ARG(*argv, i++, "--interface");
>>      * APPEND_ARG(*argv, i++, network->def->bridge);
>>      */
>>     APPEND_ARG(*argv, i++, "--listen-address");
>>     APPEND_ARG(*argv, i++, network->def->ipAddress);
>>
>> We'd have to fix this if we really need --interface.
>
> We don't: I hadn't seen the --listen-address option which is a valid alternative.

Great! I was wondering why we'd need --interface if we have --listen-address and thought that it might be related to the except-interface option you proposed but now all makes sense.

> Your timing is good: I'm about to release dnsmasq-2.46 so I'll get these changes in first. I have a package which removes the broken start-stop-daemon (it's not needed anyway) and adds /etc/dnsmasq.d. I'll send that to you direct.

Cool, thanks! As soon as we have this in the archive I'll at least update libvirtd's README.Debian with a shell snippet so until we have debconf support people have an easy way to get things going.

Thanks a lot for your quick response and help!
 -- Guido
Bug#505522: improve integration with libvirtd - maybe via --conf-dir=/etc/dnsmasq.d?
Package: dnsmasq
Version: 2.45-1
Severity: wishlist

Hi,

libvirtd uses dnsmasq to provide DNS and DHCP to virtual machines on NATed interfaces. It therefore calls dnsmasq for each virtual bridge with something like:

    dnsmasq --keep-in-foreground --strict-order --bind-interfaces --pid-file --conf-file --listen-address 192.168.122.1 --except-interface lo --dhcp-leasefile=/var/lib/libvirt/dhcp-default.leases --dhcp-range 192.168.122.2,192.168.122.254

In Debian's standard installation this fails with:

    dnsmasq: failed to bind listening socket for 192.168.122.1: Address already in use

since dnsmasq binds the wildcard address. A possible solution is to pass the options

    interface=lo
    bind-interfaces

to the default dnsmasq process started via /etc/init.d/dnsmasq [1]. This could be fixed by passing --conf-dir=/etc/dnsmasq.d/ per default to dnsmasq. Libvirt could then put the necessary interface,bind-interface options there (maybe prompting via debconf if this should be done). Possibly other packages could make use of this too.

Does this sound reasonable?
 -- Guido

[1] See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504605