[Dnsmasq-discuss] many tap devices, provide dhcp and ipv6 slaac

Neil Jerram neil at tigera.io
Mon May 30 19:48:06 BST 2016 

Hi Vasiliy, 

My understanding is that Dnsmasq requires each IP allocation to be associated with a Linux interface, and that the allocated IP must be contained within one of the CIDRs on that Linux interface (e.g. as shown by ifconfig <interface>). In Dnsmasq terminology, a 'DHCP context' is defined on the interface, and the IP allocation comes from the DHCP context. I believe this is true even when all the allocations are static, i.e. defined explicitly in the host file, as well as when allocations are from a dynamic range. 

Therefore --interface=tap* does not work on its own - because Linux does not allow overlapping CIDRs to be defined on multiple interfaces (in the same namespace).
‎
(I would also be interested to hear the outcome of your libvirt discussions about unbridged Ethernet interfaces. I believe libvirt currently regards that scenario as deprecated and possibly insecure, but it is the scenario that networking-calico uses too.)
‎
Regards, 
    Neil 


  Original Message  
From: Vasiliy Tolstov
Sent: Friday, 27 May 2016 22:50
To: Neil Jerram
Cc: dnsmasq-discuss
Subject: Re: [Dnsmasq-discuss] many tap devices, provide dhcp and ipv6 slaac

2016-05-27 17:56 GMT+03:00 Neil Jerram <neil at tigera.io>:
> Hi Vasiliy,
>
> I assume your TAP devices are _not_ bridged on the host?
>
> If so, you can use the same approach as we use for Calico networking in
> OpenStack -
> http://docs.openstack.org/developer/networking-calico/implementation-notes.html#dhcp
>
> You'll need:
>
> a dummy interface, with an address in the 85.143.220/24 CIDR
> to populate the dnsmasq hosts file with the IP/MAC mappings for your VMs
> to tell dnsmasq to listen on the dummy interface and all the TAPs, and treat
> the TAPs as aliases of the dummy interface (using --bridge-interfaces).
>
> Hope that helps - happy to provide more detail if you need.
>
> Neil
>
>


Thanks! Does i need on dummy interface address with corresponding
netmask or i can use /32 address that acts like gateway for vm?
I have some discussion on libvirt mailing list about plain ethernet
devices and my next plans add ability to configure dnsmasq via libvirt
for this networks.
So in case of libvirt i have running dnsmasq on virtbr0 for example
and on each vm start i need to reconfigure dnsmasq to add needed tap
device to it? Why i can't use --interface=tap* ? DOes dnsmasq monitors
network intnerfaces via netlink and automatic listen it when it added
to the host?

-- 
Vasiliy Tolstov,
e-mail: v.tolstov at yoctocloud.net

More information about the Dnsmasq-discuss mailing list