[libvirt] [PATCH] additional parameter needed for dnsmasq

Gene Czarcinski gene at czarc.net
Wed Aug 22 14:23:44 UTC 2012


On 08/22/2012 06:51 AM, Gene Czarcinski wrote:
> On 08/21/2012 11:04 AM, Daniel P. Berrange wrote:
>> On Tue, Aug 21, 2012 at 10:43:44AM -0400, Gene Czarcinski wrote:
>>> RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=849787
>>>
>>> As currently configured, dnsmasq for a virtual network will pass
>>> some queries upstream toward the Internet.  This includes AAAA and
>>> MX queries as well as A queries when dnsmasq cannot answer for that
>>> name.  This is occurring whether a domain name is specified or not.
>>> The problem is that dnsmasq will, by default, forward all queries
>>> unless "local=" is specified.  I cannot envision a situation where
>>> such queries should be forwarded.
>>>
>>> See the bugzilla report for more info.  While I did a lot of testing
>>> to figure out the problem and what needed to be done to fix it, I am
>>> unable to actually rebuild the libvirt rpm in my environment.
>>>
>>> The solution is the following patch:
>>>
>>> diff -uNr libvirt-0.9.11.4.orig/src/network/bridge_driver.c
>>> libvirt-0.9.11.4/src/network/bridge_driver.c
>>> --- libvirt-0.9.11.4.orig/src/network/bridge_driver.c 2012-06-15
>>> 14:23:21.000000000 -0400
>>> +++ libvirt-0.9.11.4/src/network/bridge_driver.c    2012-08-21
>>> 09:03:17.387602485 -0400
>>> @@ -491,7 +491,13 @@
>>>       virCommandAddArgList(cmd, "--strict-order",
>>> "--bind-interfaces", NULL);
>>>
>>>       if (network->def->domain)
>>> -        virCommandAddArgList(cmd, "--domain", network->def->domain, 
>>> NULL);
>>> +//        virCommandAddArgList(cmd, "--domain",
>>> network->def->domain, NULL);
>>> +    virCommandAddArgFormat(cmd,
>>> +                "--domain %s --local=/%s/",
>>> +                network->def->domain,
>>> +                network->def->domain);
>>> +    else
>>> +        virCommandAddArg(cmd, "--local=");
>>>
>>>       if (pidfile)
>>>           virCommandAddArgPair(cmd, "--pid-file", pidfile);
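Review bot: In the "if (network->def->domain)" branch, the new virCommandAddArgFormat(cmd, "--domain %s --local=/%s/", ...) call adds its formatted result as a single argument, so dnsmasq gets one argv element with embedded spaces rather than "--domain", the domain name and "--local=/name/" as separate arguments, which is what the removed virCommandAddArgList call did for "--domain". Suggest keeping virCommandAddArgList(cmd, "--domain", network->def->domain, NULL); and following it with virCommandAddArgFormat(cmd, "--local=/%s/", network->def->domain);, with braces around the two statements so the "else" still pairs with the "if". The "//"-commented old call should be deleted rather than left in place, and the added lines indented to match the rest of the function.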
>>
>> Since this changes the code that generates dnsmasq args, you'll
>> also need to update the tests/networkxml2argvdata/ data files
>> to take account of your new additions.
>>
>>
> And here I thought it was just a tiny patch.  When I get things 
> finalized, there will be an update to the tests also.
>
> But, the patch itself is not good.  For example, for no domain 
> specified, instead of "--local=", it should be "--local-//".  And then 
> with the domain specified, this just does not work for some reason 
> dnsmasq has errors starting.
>
> I must say that I believe that whoever chose to use dnsmasq definitely 
> made the right choice.  However, I wish it was easier to change and 
> test new parameter settings for dnsmasq rather than having it in the 
> code.
>
> So that I do not have to go through a lot of code changes, I am 
> testing with two virtual guests.  The first has two NICs one connected 
> to the default network and a second to a private network with dnsmasq 
> (dns and dhcp) for the private network.  The second guest is on the 
> private network and tests the various setups for dnsmasq.
>
> My initial simplified test used the /etc/dnsmasq.conf and supplied 
> some additional parameters that I had not realized.  My testing is not 
> attempting to create a situation similar to that for libvirtd which 
> has everything specified on the command-line.
>
> Any comments, suggestions will be appreciated.
>
OK, I am going to need a little help here.

First, is there any documentation on things that need to be done in test 
when changes are made?  Right now there is a lot of stuff there and I am 
not sure what needs to be added where.

Second, I have since the rpm will compile with my patch and goes through 
enough of -bi --short-circuit to create 
BUILDROOT/libvirt.../usr/sbin/libvirtd I am copying this over to a real 
system and installing it replacing the original /usr/sbin/libvirtd

With my patch installed, when libvirtd attempts to start a network, it 
errors out with something like the following:
====================
internal error Child process (/sbin/dnsmasq --strict-order 
--bind-interfaces --domain virt123 --local=/virt123/ --domain-needed 
--filterwin2k --pid-file=/var/run/libvirt/network/net123.pid 
--conf-file= --except-interface lo --listen-address 192.168.123.1 
--dhcp-range 192.168.123.128,192.168.123.254 
--dhcp-leasefile=/var/lib/libvirt/dnsmasq/net123.leases 
--dhcp-lease-max=127 --dhcp-no-override --expand-hosts) status 
unexpected: exit status 1
====================

About the only version that does not have a problem is replacing 
"--domain virt123 --local=/virt123/ --domain-needed --filterwin2k" with 
"--local="

OK, something is wrong.

However, if I "kill -9 <the running instance of dnsmasq>" and then, as 
root, manually start dnsmasq with all of the above parameters, it runs 
and works fine on the virtual network!

Obviously, I am missing something!  Can someone point me in the right 
direction?

Gene
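
An added example, not part of the original message or of libvirt or dnsmasq: it shows how the same option text parses when it arrives as one argv element (as virCommandAddArgFormat adds it) and when a shell has split it on spaces. The option table is a constructed stand-in, and a getopt_long-style parser on the dnsmasq side is an assumption.

```c
#include <getopt.h>
#include <stdio.h>
#include <string.h>

/* Stand-in option table (assumption): only the two options the patch adds. */
static const struct option opts[] = {
    { "domain", required_argument, NULL, 'd' },
    { "local",  required_argument, NULL, 'l' },
    { NULL, 0, NULL, 0 }
};

/* Parse argv as execve() delivers it: one element per argument.
 * Returns the number of options accepted, or -1 on the first error. */
static int parse_args(int argc, char *argv[], char *dom, char *loc, size_t n)
{
    int c, seen = 0;

    optind = 0;   /* restart the scanner (glibc and musl) */
    opterr = 0;   /* stay quiet; the return value reports errors */
    while ((c = getopt_long(argc, argv, "+", opts, NULL)) != -1) {
        if (c == 'd')
            snprintf(dom, n, "%s", optarg);
        else if (c == 'l')
            snprintf(loc, n, "%s", optarg);
        else
            return -1;                  /* unknown option or missing value */
        seen++;
    }
    return optind == argc ? seen : -1;  /* stray words are an error too */
}

/* Constructed argv: the patch's format string delivered as ONE element. */
int parse_joined(char *dom, char *loc, size_t n)
{
    char *argv[] = { "dnsmasq", "--domain virt123 --local=/virt123/", NULL };
    return parse_args(2, argv, dom, loc, n);
}

/* Constructed argv: the same text after a shell has split it on spaces. */
int parse_split(char *dom, char *loc, size_t n)
{
    char *argv[] = { "dnsmasq", "--domain", "virt123", "--local=/virt123/", NULL };
    return parse_args(4, argv, dom, loc, n);
}

int main(void)
{
    char dom[64] = "", loc[64] = "";
    printf("joined: %d\n", parse_joined(dom, loc, sizeof dom));
    printf("split:  %d (domain=%s local=%s)\n",
           parse_split(dom, loc, sizeof dom), dom, loc);
    return 0;
}
```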



