[libvirt] [PATCH] network: permit upstream forwarding of unqualified DNS names

Martin Kletzander mkletzan at redhat.com
Wed Aug 14 06:29:12 UTC 2013 

On 08/14/2013 01:08 AM, Laine Stump wrote:
> This resolves the issue that prompted the filing of
> 
>   https://bugzilla.redhat.com/show_bug.cgi?id=928638
> 
> (although the request there is for something much larger and more
> general than this patch).
> 
> commit f3868259ca0517212e439a65c9060868f673b6c9 disabled the
> forwarding to upstream DNS servers of unresolved DNS requests for
> names that had no domain, but were just simple host names (no "."
> character anywhere in the name). While this behavior is frowned upon
> by DNS root servers (that's why it was changed in libvirt), it is
> convenient in some cases, and since dnsmasq can be configured to allow
> it, it must not be strictly forbidden.
> 
> This patch restores the old behavior, but since it is usually
> undesirable, restoring it requires specification of a new option in
> the network config. Adding the attribute "forwardPlainNames='yes'" to
> the <dns> elemnt does the trick - when that attribute is added to a
> network config, any simple hostnames that can't be resolved by the
> network's dnsmasq instance will be forwarded to the DNS servers listed
> in the host's /etc/resolv.conf for an attempt at resolution (just as
> any FQDN would be forwarded).
> 
> When that attribute *isn't* specified, unresolved simple names will
> *not* be forwarded to the upstream DNS server - this is the default
> behavior.
> ---

It may seem pointless now, but would you consider having one test with
"forwardPlainNames='no'" in networkxml2xmlin (just to check that the
behavior doesn't change in the future)?  E.g. squashing the following
diff in.  ACK either way.

diff --git a/tests/networkxml2xmlin/nat-network-dns-hosts.xml
b/tests/networkxml2xmlin/nat-network-dns-hosts.xml
index 9a83fed..954c9db 100644
--- a/tests/networkxml2xmlin/nat-network-dns-hosts.xml
+++ b/tests/networkxml2xmlin/nat-network-dns-hosts.xml
@@ -3,7 +3,7 @@
   <uuid>81ff0d90-c91e-6742-64da-4a736edb9a9c</uuid>
   <forward dev='eth0' mode='nat'/>
   <bridge name='virbr0' stp='on' delay='0' />
-  <dns>
+  <dns forwardPlainNames='no'>
     <host ip='192.168.122.1'>
       <hostname>host</hostname>
       <hostname>gateway</hostname>
--

Martin

More information about the libvir-list mailing list