[Dnsmasq-discuss] New smart --bind-dynamic is greedy (binds also to interface aliases)

Mogens Melander mogens at fumlersoft.dk
Mon May 13 03:37:47 BST 2013


Maybe it's the --bind-dynamic option.

http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

Dnsmasq binds the address of individual interfaces,
allowing multiple dnsmasq instances, but if new interfaces
or addresses appear, it automatically listens on those (subject to any
access-control configuration).


On Mon, May 13, 2013 02:00, Andrew Bartlett wrote:
> I've looked over the source code multiple times, and I can't see how it
> happens, but I've just filed
> https://bugzilla.redhat.com/show_bug.cgi?id=962246 with Fedora, and
> figured I would also work here to see how this can be fixed.
>
> I do agree that interface detection is some of the most crazy,
> OS-specific code ever.  Oddly Samba has much the same challenge, but
> seems to use a different set of APIs.
>
> In any case what happens is this:
>
> dnsmasq is being run by libvirt like this:
> /sbin/dnsmasq --strict-order --local=// --domain-needed
> --pid-file=/var/run/libvirt/network/default.pid --conf-file=
> --except-interface lo --bind-dynamic --interface virbr0 --dhcp-range
> 192.168.122.2,192.168.122.254
> --dhcp-leasefile=/var/lib/libvirt/dnsmasq/default.leases
> --dhcp-lease-max=253 --dhcp-no-override
>
> I then run:
> ifconfig virbr0:0 192.168.122.2
>
> And then I find dnsmasq has also chosen to bind to 192.168.122.2!
>
> eg this in netstat
>
> tcp        0      0 192.168.122.2:53        0.0.0.0:*
> LISTEN      1039/dnsmasq
> tcp        0      0 192.168.122.1:53        0.0.0.0:*               LISTEN
>      1039/dnsmasq
> udp        0      0 192.168.122.2:53        0.0.0.0:*
>      1039/dnsmasq
> udp        0      0 192.168.122.1:53        0.0.0.0:*
>      1039/dnsmasq
> udp        0      0 0.0.0.0:67              0.0.0.0:*
>      1039/dnsmasq
> unix  2      [ ]         DGRAM                    21571    1039/dnsmasq
>
> I'm presuming somewhere we are comparing on a name without the alias (:0)
> bit, or doing a length-limited comparison, but I've looked and just can't
> find it!
>
> Andrew Bartlett
>
> --
> Andrew Bartlett                                http://samba.org/~abartlet/
> Authentication Developer, Samba Team           http://samba.org
>
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>


-- 
Mogens Melander
+66 8701 33224

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.




More information about the Dnsmasq-discuss mailing list