[Dnsmasq-discuss] Dynamic address config?

Feng Shao sevenever at gmail.com
Sat Nov 26 13:14:09 UTC 2022


Thanks for the reply Petr.
Let me explain more about the motivation: I am a developer and our testers
test the code on various environments, including VMs on cloud and k8s
worker nodes from cloud providers. These machines and IPs are not
provisioned/allocated by dnsmasq. For cost reasons, these environments only
live for a short period of time, like one week or so, and testers
provision these IPs directly without the awareness of network administrators;
that's also why we don't configure hostnames for these machines in the DNS
system. Also, I cannot know in advance the list of possible IPs.

Whenever a tester finds some issue or needs help, they give me the IP of the
environment and I need to ssh to that environment. Because I will probably
log in to that same machine several times since the testers are testing my
code on that machine recently, I want to set up passwordless login. So I
normally run ssh-copy-id -i <~/.ssh/id_rsa.work> <IP> first, then ssh to that
machine. In order to instruct ssh to use my ssh key when connecting to that
IP, I have the lines below in my .ssh/config:

Host *.mylab
  User root
  IdentityFile ~/.ssh/id_rsa.work

And lines like below in /etc/hosts:
address=/123.123.123.123.mylab/123.123.123.123
address=/123.123.123.124.mylab/123.123.123.124

So that I can now “ssh 123.123.123.123.mylab”

As you can see, the problem here is, whenever a new IP comes, I need to add
a new entry in /etc/hosts. So what I want is any <IP>.mylab is resolved to
<IP>.

A key pair can be specified when creating a VM on cloud, but I cannot ask
every tester to add my ssh key pair when creating a VM.


On Fri, Nov 25, 2022 at 19:52, Petr Menšík <pemensik at redhat.com> wrote:

> Did you know that dnsmasq registers all hosts by their name, if they send
> their own hostname when requesting DHCP from dnsmasq? Just use domain=mylab
> and have that host send hostname. It would make using names possible
> without any additional configuration.
>
> I do not get what is the advantage of having IP suffixed by some domain.
> It looks like IP address, but it is even longer. Names of machines should
> be easy to remember or use, I doubt that would be the case here.
>
> I think we have new feature conf-script, which can generate dnsmasq
> configuration on the output. But I doubt we have a possible code for what
> you describe. Could you please describe more about intended usage? Why
> isn't using just hostname for each host enough? Using dhcp-host seems
> enough for similar uses.
>
> I think DLZ plugins for BIND9 are able to do similar things to your
> request, but that would be very heavy-weight solution. I think more
> motivation for your current design should be shared, because I do not
> understand advantage of your solution.
>
> Cheers,
> Petr
> On 11/23/22 06:47, Feng Shao wrote:
>
> There are a bunch of machines in our lab, and we normally don't have DNS
> records configured for them, only accessing by IP. In order to ssh to them
> with key auth, I have a config in my .ssh/config like
>
> Host *.mylab
>   User root
>   IdentityFile ~/.ssh/id_rsa.work
>
> and I have some "address=/123.123.123.123.mylab/123.123.123.123" line in
> dnsmasq.conf. The problem here is I need to add an entry whenever a new IP
> comes.
>
> Can this configuration be dynamic? For example,
> "address=/*.mylab/somecmd %1", where "somecmd" is an external command and %1
> will be replaced by the name in the A/AAAA request. So that for any DNS request
> to *.mylab, dnsmasq invokes this external command and passes the name as an
> argument, and the output of the external command is interpreted as an
> IPv4/IPv6 address and then sent in response to the client?
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
>
> --
> Petr Menšík
> Software Engineer, RHEL
> Red Hat, https://www.redhat.com/
> PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
>
>
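
Added example, not part of the original message or of dnsmasq: one way to avoid hand-editing entries is to generate the address= lines from a list of IPs, validating each entry so that nothing but a canonical IPv4 address reaches the config. The function names, the one-IP-per-line input and the file names in the usage comment are assumptions.

```python
#!/usr/bin/env python3
"""Emit dnsmasq address= lines mapping <IPv4>.<suffix> to <IPv4>.

Added illustration; names and input format are assumptions, not from the thread.
"""
import ipaddress
import sys

SUFFIX = "mylab"  # domain used in the thread's ssh config (Host *.mylab)


def parse_ipv4(text):
    """Return the canonical dotted quad, or None if text is not an IPv4 address."""
    try:
        # str() of a parsed address contains only digits and dots, so the
        # value is safe to place inside a config line.
        return str(ipaddress.IPv4Address(text))
    except ValueError:
        return None


def name_to_ip(qname, suffix=SUFFIX):
    """Map '<IPv4>.<suffix>' to '<IPv4>'; None for any other name."""
    qname = qname.rstrip(".").lower()
    tail = "." + suffix
    if not qname.endswith(tail):
        return None
    return parse_ipv4(qname[: -len(tail)])


def config_lines(candidates, suffix=SUFFIX):
    """Yield one address= line per valid, unique IP, in input order."""
    seen = set()
    for raw in candidates:
        ip = parse_ipv4(raw.strip())
        if ip is None or ip in seen:
            continue  # skip blanks, comments, malformed or duplicate entries
        seen.add(ip)
        yield f"address=/{ip}.{suffix}/{ip}"


if __name__ == "__main__":
    # Constructed usage (file names are placeholders):
    #   python3 gen_mylab.py < ips.txt > mylab.conf
    for line in config_lines(sys.stdin):
        print(line)
```

The generated lines use the same address=/name/ip form quoted in the message; name_to_ip shows the strict name-to-address mapping that the proposed "somecmd" would have to perform.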