[Dnsmasq-discuss] SUCCESS
Simon Kelley
simon at thekelleys.org.uk
Tue Oct 16 20:51:15 BST 2012
On 16/10/12 14:28, Gene Czarcinski wrote:
> On 10/16/2012 09:00 AM, Simon Kelley wrote:
>> On 15/10/12 22:22, Gene Czarcinski wrote:
>>
>>> The address we have is going to be ff00::1:2 so checking the address
>>> list against it is useless. Scanning daemon->if_names is still needed.
>>> Also daemon->interfaces is lacking some info we need namely AF_INET or
>>> AF_INET6 but it seems to me that it could easily be added.
>>
>>>
>>> We need to go through daemon->interfaces to find the ip6 addresses
>>> associated with the device name we have. Then, that address needs to be
>>> compared with any IPv6 addresses specified in --listen-address.
>>>
>>> We could just do this check for dhcp6 ... would that break things?
>>
>> That looks close to correct. It's interesting to compare it with the
>> DHCPv4 code, which checks the --listen-address parameter against the
>> primary address of the arrival interface and if that fails against all
>> of them.
>>
>> For IPv6, "primary address" is not a very useful concept, so the best
>> solution is to compare the --listen-address parameter against all
>> addresses of the arrival interface.
>>>
>>> Any favorite approaches: just dhcp6 .. or .. extra calling sequence
>>> parameter/flag ... or ... a new, separate function? The last two are
>>> the "safest".
>>
>> New code. the DHCPv4 check_listen_addrs() function is a good prototype.
>>
>> I'll see if I can produce something later today.
>
> I have success!! Actually it is less code rather than more!
>
> I need to clean things up a little but should have something really
> soon! ... like, later today.
>
> It turns out that iface_check() was not needed (mostly) and was causing
> the problem. Testing for the if_names and if_addrs was a red herring and
> a problem.
>
> I replaced iface_check() with two additions to check both device
> exclusion lists plus a few comments to explain some things and that is it!
>
OK. I committed a variation on your code, which makes --listen-address
work with DHCPv6. This was definitely bugged before, and is sensible
now. Thanks.
BUT
I thought about this and checked back through some earlier fixes, and
found this.
https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1013529
which refers to exactly the same situation you're working with, but in
OpenStack.
The important take-home is that to make DHCP work with multiple
instances of dnsmasq, each dealing with a single interface, it's
necessary to set SO_BINDTODEVICE on the DHCP socket to associate it with
a particular interface. The patch which went in around 2.61 - 2.62 does
just that, provided that there is exactly one --interface parameter. It
doesn't work with --listen-address.
So, to make libvirt work correctly in all circumstances, it will need to
use --interface, and NOT --listen-address. This applies to DHCPv4 as
well as DHCPv6.
Gene, I'm hoping you can act as the conduit for this information to the
libvirt community. It's a tough job, etc, etc.
Cheers,
Simon.
More information about the Dnsmasq-discuss
mailing list