[Dnsmasq-discuss] many tap devices, provide dhcp and ipv6 slaac
Neil Jerram
neil at tigera.io
Wed Jun 1 13:21:37 BST 2016
Hmm, one correction here - I just discovered that it is not true that
"Linux does not allow overlapping CIDRs to be defined on multiple
interfaces (in the same namespace)".
So perhaps --interface=tap* on its own could work after all...
Neil
On Mon, May 30, 2016 at 7:48 PM Neil Jerram <neil at tigera.io> wrote:
> Hi Vasiliy,
>
> My understanding is that Dnsmasq requires each IP allocation to be
> associated with a Linux interface, and that the allocated IP must be
> contained within one of the CIDRs on that Linux interface (e.g. as shown by
> ifconfig <interface>). In Dnsmasq terminology, a 'DHCP context' is defined
> on the interface, and the IP allocation comes from the DHCP context. I
> believe this is true even when all the allocations are static, i.e. defined
> explicitly in the host file, as well as when allocations are from a dynamic
> range.
>
> Therefore --interface=tap* does not work on its own - because Linux does
> not allow overlapping CIDRs to be defined on multiple interfaces (in the
> same namespace).
>
> (I would also be interested to hear the outcome of your libvirt
> discussions about unbridged Ethernet interfaces. I believe libvirt
> currently regards that scenario as deprecated and possibly insecure, but it
> is the scenario that networking-calico uses too.)
>
> Regards,
> Neil
>
>
> Original Message
> From: Vasiliy Tolstov
> Sent: Friday, 27 May 2016 22:50
> To: Neil Jerram
> Cc: dnsmasq-discuss
> Subject: Re: [Dnsmasq-discuss] many tap devices, provide dhcp and ipv6
> slaac
>
> 2016-05-27 17:56 GMT+03:00 Neil Jerram <neil at tigera.io>:
> > Hi Vasiliy,
> >
> > I assume your TAP devices are _not_ bridged on the host?
> >
> > If so, you can use the same approach as we use for Calico networking in
> > OpenStack -
> >
> http://docs.openstack.org/developer/networking-calico/implementation-notes.html#dhcp
> >
> > You'll need:
> >
> > a dummy interface, with an address in the 85.143.220/24 CIDR
> > to populate the dnsmasq hosts file with the IP/MAC mappings for your VMs
> > to tell dnsmasq to listen on the dummy interface and all the TAPs, and
> treat
> > the TAPs as aliases of the dummy interface (using --bridge-interfaces).
> >
> > Hope that helps - happy to provide more detail if you need.
> >
> > Neil
> >
> >
>
>
> Thanks! Does i need on dummy interface address with corresponding
> netmask or i can use /32 address that acts like gateway for vm?
> I have some discussion on libvirt mailing list about plain ethernet
> devices and my next plans add ability to configure dnsmasq via libvirt
> for this networks.
> So in case of libvirt i have running dnsmasq on virtbr0 for example
> and on each vm start i need to reconfigure dnsmasq to add needed tap
> device to it? Why i can't use --interface=tap* ? DOes dnsmasq monitors
> network intnerfaces via netlink and automatic listen it when it added
> to the host?
>
> --
> Vasiliy Tolstov,
> e-mail: v.tolstov at yoctocloud.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20160601/05b8092b/attachment.html>
More information about the Dnsmasq-discuss
mailing list