[libvirt] [PATCH v2] network: add an option to make dns public

Peter Krempa pkrempa at redhat.com
Mon Jul 20 14:25:44 UTC 2015


On Mon, Jul 20, 2015 at 11:29:15 +0200, Cédric Bosdonnat wrote:
> In some use cases we don't want the virtual network's DNS to only
> listen to the vnet interface. Adding a publiclyAccessible attribute
> to the dns element in the configuration allows the DNS to listen to
> all interfaces.

Would you please elaborate on the use cases where this would be useful?
Libvirt networks shouldn't really be used for configuring dnsmasq for
other purposes than for virtual machines where it's desired that the
instances are separated.

> 
> It simply disables the bind-dynamic option of dnsmasq for the network.
> ---
> 
>  This patch is v2 for this one:
>  https://www.redhat.com/archives/libvir-list/2015-June/msg00018.html
> 
>  Diff to v1:
>    * Use bind-interface if public DNS is requested
>    * Add more tests
>    * Write out the public value in the format function
>    * Fixed the rng
>    * Renamed the attribute to public: shouldn't mislead users
> 
>  I tested this patch with several configurations of running networks.
>  The only thing I noted though is that the user may need to adapt the system
>  dnsmasq to avoid address:port conflicts... but hey, when one uses such a
>  hacky feature of the libvirt network, he needs to take care of the rest ;)
> 

This paragraph emphasises that it doesn't sound like a good thing to do.

NACK unless you will persuade me with a good enough use case.

Peter

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20150720/bf782b2a/attachment-0001.sig>


More information about the libvir-list mailing list