[libvirt] [PATCH 2/2] IPv6 tell dnsmasq not to forward PTR queries

gene at czarc.net gene at czarc.net
Wed Sep 12 15:16:49 UTC 2012


From: Gene Czarcinski <gene at czarc.net>

For IPv6 networks that dnsmasq listens to, do not forward any
dns PTR queries for that network.  A character string compare
is performed by dnsmasq where each character is a 4-bit
hexidecimal number.  Dots ('.') are used to separate characters.

Note that if a network is "listened to", then the assumption is
that the network is "owned" by dnsmasq for purposes of dns query
forwarding.
---
 src/network/bridge_driver.c                               | 15 +++++++++++++++
 .../nat-network-dns-srv-record-minimal.argv               |  2 ++
 tests/networkxml2argvdata/nat-network-dns-srv-record.argv |  2 ++
 tests/networkxml2argvdata/nat-network-dns-txt-record.argv |  2 ++
 tests/networkxml2argvdata/nat-network.argv                |  6 ++++++
 tests/networkxml2argvdata/nat-network.xml                 |  4 ++++
 6 files changed, 31 insertions(+)

diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index 7ad6fe2..e9de25a 100644
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -650,6 +650,21 @@ networkBuildDnsmasqArgv(virNetworkObjPtr network,
 	    val = val >> 8;
 	    p += sprintf(p, "%d.in-addr.arpa", val & 0xff);
 	    virCommandAddArgFormat(cmd, "--local=/%s/", &str[0]);
+	} 
+	else if ((VIR_SOCKET_ADDR_IS_FAMILY(&tmpipdef->address, AF_INET6)) &&
+		(psize>0) && (psize<128) && ((psize & 3)==0))
+	{
+	    /* note its a "nibble" at a time like the ipv4 8/16/24 */
+	    char *p, str[73];   /* 73 is strlen("32*<n.>ip6.arpa")+1 */
+	    int ii = psize - 1;
+	    p = &str[0];
+	    while (ii >= 0) {
+		int val = tmpipdef->address.data.inet6.sin6_addr.s6_addr[ii>>3];
+		p += sprintf(p, "%.1x.", (ii>>2) & 1 ? val & 0x0f : val >> 4);
+		ii -= 4;
+	    }
+	    p += sprintf(p, "ip6.arpa");
+	    virCommandAddArgFormat(cmd, "--local=/%s/", &str[0]);
 	}
         VIR_FREE(ipaddr);
     }
diff --git a/tests/networkxml2argvdata/nat-network-dns-srv-record-minimal.argv b/tests/networkxml2argvdata/nat-network-dns-srv-record-minimal.argv
index e0ea334..6e666cd 100644
--- a/tests/networkxml2argvdata/nat-network-dns-srv-record-minimal.argv
+++ b/tests/networkxml2argvdata/nat-network-dns-srv-record-minimal.argv
@@ -9,7 +9,9 @@
 --listen-address 192.168.123.1 \
 --local=/123.168.192.in-addr.arpa/ \
 --listen-address 2001:db8:ac10:fe01::1 \
+--local=/1.0.e.f.0.1.c.a.8.b.d.0.1.0.0.2.ip6.arpa/ \
 --listen-address 2001:db8:ac10:fd01::1 \
+--local=/1.0.d.f.0.1.c.a.8.b.d.0.1.0.0.2.ip6.arpa/ \
 --listen-address 10.24.10.1 \
 --local=/10.in-addr.arpa/ \
 --dhcp-range 192.168.122.2,192.168.122.254 \
diff --git a/tests/networkxml2argvdata/nat-network-dns-srv-record.argv b/tests/networkxml2argvdata/nat-network-dns-srv-record.argv
index 0a5cd6b..6021ca0 100644
--- a/tests/networkxml2argvdata/nat-network-dns-srv-record.argv
+++ b/tests/networkxml2argvdata/nat-network-dns-srv-record.argv
@@ -9,7 +9,9 @@
 --listen-address 192.168.123.1 \
 --local=/123.168.192.in-addr.arpa/ \
 --listen-address 2001:db8:ac10:fe01::1 \
+--local=/1.0.e.f.0.1.c.a.8.b.d.0.1.0.0.2.ip6.arpa/ \
 --listen-address 2001:db8:ac10:fd01::1 \
+--local=/1.0.d.f.0.1.c.a.8.b.d.0.1.0.0.2.ip6.arpa/ \
 --listen-address 10.24.10.1 \
 --local=/10.in-addr.arpa/ \
 --dhcp-range 192.168.122.2,192.168.122.254 \
diff --git a/tests/networkxml2argvdata/nat-network-dns-txt-record.argv b/tests/networkxml2argvdata/nat-network-dns-txt-record.argv
index 6e1d054..28c808d 100644
--- a/tests/networkxml2argvdata/nat-network-dns-txt-record.argv
+++ b/tests/networkxml2argvdata/nat-network-dns-txt-record.argv
@@ -6,7 +6,9 @@
 --listen-address 192.168.123.1 \
 --local=/123.168.192.in-addr.arpa/ \
 --listen-address 2001:db8:ac10:fe01::1 \
+--local=/1.0.e.f.0.1.c.a.8.b.d.0.1.0.0.2.ip6.arpa/ \
 --listen-address 2001:db8:ac10:fd01::1 \
+--local=/1.0.d.f.0.1.c.a.8.b.d.0.1.0.0.2.ip6.arpa/ \
 --listen-address 10.24.10.1 \
 --local=/10.in-addr.arpa/ \
 --dhcp-range 192.168.122.2,192.168.122.254 \
diff --git a/tests/networkxml2argvdata/nat-network.argv b/tests/networkxml2argvdata/nat-network.argv
index 55f31e2..b516706 100644
--- a/tests/networkxml2argvdata/nat-network.argv
+++ b/tests/networkxml2argvdata/nat-network.argv
@@ -6,7 +6,13 @@
 --listen-address 192.168.123.1 \
 --local=/123.168.192.in-addr.arpa/ \
 --listen-address 2001:db8:ac10:fe01::1 \
+--local=/1.0.e.f.0.1.c.a.8.b.d.0.1.0.0.2.ip6.arpa/ \
 --listen-address 2001:db8:ac10:fd01::1 \
+--local=/1.0.d.f.0.1.c.a.8.b.d.0.1.0.0.2.ip6.arpa/ \
+--listen-address fe00:2001:dead:beef:fd01::1 \
+--local=/e.e.b.d.a.e.d.1.0.0.2.0.0.e.f.ip6.arpa/ \
+--listen-address fe00:dead:beef:1234:fd01::1 \
+--local=/0.0.0.0.0.0.0.0.0.0.1.0.d.f.4.3.2.1.f.e.e.b.d.a.e.d.0.0.e.f.ip6.arpa/ \
 --listen-address 10.24.10.1 \
 --local=/10.in-addr.arpa/ \
 --dhcp-range 192.168.122.2,192.168.122.254 \
diff --git a/tests/networkxml2argvdata/nat-network.xml b/tests/networkxml2argvdata/nat-network.xml
index eb71d9e..98dcca2 100644
--- a/tests/networkxml2argvdata/nat-network.xml
+++ b/tests/networkxml2argvdata/nat-network.xml
@@ -16,6 +16,10 @@
   </ip>
   <ip family='ipv6' address='2001:db8:ac10:fd01::1' prefix='64'>
   </ip>
+  <ip family='ipv6' address='fe00:2001:dead:beef:fd01::1' prefix='60'>
+  </ip>
+  <ip family='ipv6' address='fe00:dead:beef:1234:fd01::1' prefix='120'>
+  </ip>
   <ip family='ipv4' address='10.24.10.1'>
   </ip>
 </network>
-- 
1.7.11.4




More information about the libvir-list mailing list