[Dnsmasq-discuss] SUCCESS

Simon Kelley simon at thekelleys.org.uk
Tue Oct 16 20:51:15 BST 2012


On 16/10/12 14:28, Gene Czarcinski wrote:
> On 10/16/2012 09:00 AM, Simon Kelley wrote:
>> On 15/10/12 22:22, Gene Czarcinski wrote:
>>
>>> The address we have is going to be ff00::1:2 so checking the address
>>> list against it is useless. Scanning daemon->if_names is still needed.
>>> Also daemon->interfaces is lacking some info we need namely AF_INET or
>>> AF_INET6 but it seems to me that it could easily be added.
>>
>>>
>>> We need to go through daemon->interfaces to find the ip6 addresses
>>> associated with the device name we have. Then, that address needs to be
>>> compared with any IPv6 addresses specified in --listen-address.
>>>
>>> We could just do this check for dhcp6 ... would that break things?
>>
>> That looks close to correct. It's interesting to compare it with the
>> DHCPv4 code, which checks the --listen-address parameter against the
>> primary address of the arrival interface and if that fails against all
>> of them.
>>
>> For IPv6, "primary address" is not a very useful concept, so the best
>> solution is to compare the --listen-address parameter against all
>> addresses of the arrival interface.
>>>
>>> Any favorite approaches: just dhcp6 .. or .. extra calling sequence
>>> parameter/flag ... or ... a new, separate function? The last two are
>>> the "safest".
>>
>> New code. the DHCPv4 check_listen_addrs() function is a good prototype.
>>
>> I'll see if I can produce something later today.
>
> I have success!! Actually it is less code rather than more!
>
> I need to clean things up a little but should have something really
> soon! ... like, later today.
>
> It turns out that iface_check() was not needed (mostly) and was causing
> the problem. Testing for the if_names and if_addrs was a red herring and
> a problem.
>
> I replaced iface_check() with two additions to check both device
> exclusion lists plus a few comments to explain some things and that is it!
>


OK. I committed a variation on your code, which makes --listen-address 
work with DHCPv6. This was definitely bugged before, and is sensible 
now. Thanks.


BUT

I thought about this and checked back through some earlier fixes, and 
found this.

https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1013529

which refers to exactly the same situation you're working with, but in 
OpenStack.

The important take-home is that to make DHCP work with multiple 
instances of dnsmasq, each dealing with a single interface, it's 
necessary to set SO_BINDTODEVICE on the DHCP socket to associate it with 
a particular interface. The patch which went in around 2.61 - 2.62 does 
just that, provided that there is exactly one --interface parameter. It 
doesn't work with --listen-address.

So, to make libvirt work correctly in all circumstances, it will need to 
use --interface, and NOT --listen-address. This applies to DHCPv4 as 
well as DHCPv6.

Gene, I'm hoping you can act as the conduit for this information to the 
libvirt community. It's a tough job, etc, etc.

Cheers,

Simon.








More information about the Dnsmasq-discuss mailing list