[libvirt] [PATCH 0/2] network: add dnsmasq option 'dhcp-authoritative'

Laine Stump laine at laine.org
Mon Oct 10 19:28:01 UTC 2016


Heh. I finally got around to pushing your patch maybe 5 or 10 minutes 
before you resent, and just now hit send on the reply message, then saw 
this in my inbox :-) Sorry again for seeming so much like a government 
bureaucracy.



On 10/10/2016 03:20 PM, Martin Wilck wrote:
> Lest it be forgotten, here is a rebased version of my "dhcp-authoritative"
> patch (against 77d24de). According to dnsmasq(8), this option "should
> be set when dnsmasq is definitely the only DHCP server on a network",
> whis is the case for libvirt-managed networks.
> In practice, this option has the effect that an expired lease can be
> reacquired by the client using a DHCPREQUEST unless it has been given
> to another client in the meantime. Without "dhcp-authoritative", this
> operation always fails, which can be quite cumbersome.
> There is no protection against rogue clients hijacking other client's
> IP addresses, but that isn't specific to libvirt, and IP addresses don't
> provide security anyway.
> This is ovbiously not aimed at production environments; it's a convenience
> for developers and casual users who'd rather not be bothered with network
> XML host entries or the like.
>
> Original submission:
> https://www.redhat.com/archives/libvir-list/2016-September/msg00739.html
>
> Daniel's post where he said that "unless there's a obvious downside to it,
> it seems reasonable to add that":
> https://www.redhat.com/archives/libvir-list/2016-September/msg01305.html
>
> Regards,
> Martin
>
> Martin Wilck (2):
>    network: add dnsmasq option 'dhcp-authoritative'
>    tests/networkxml2confdata: add dhcp-authoritative option
>
>   src/network/bridge_driver.c                                       | 4 +++-
>   tests/networkxml2confdata/dhcp6-nat-network.conf                  | 1 +
>   tests/networkxml2confdata/dhcp6host-routed-network.conf           | 1 +
>   tests/networkxml2confdata/isolated-network.conf                   | 1 +
>   tests/networkxml2confdata/nat-network-dns-srv-record-minimal.conf | 1 +
>   tests/networkxml2confdata/nat-network-dns-srv-record.conf         | 1 +
>   tests/networkxml2confdata/nat-network-dns-txt-record.conf         | 1 +
>   tests/networkxml2confdata/nat-network-name-with-quotes.conf       | 1 +
>   tests/networkxml2confdata/nat-network.conf                        | 1 +
>   tests/networkxml2confdata/netboot-network.conf                    | 1 +
>   tests/networkxml2confdata/netboot-proxy-network.conf              | 1 +
>   11 files changed, 13 insertions(+), 1 deletion(-)
>




More information about the libvir-list mailing list