[libvirt] [PATCH] network: Add support for configuring dhcp lease time

Martin Wilck mwilck at suse.de
Fri Sep 23 18:43:17 UTC 2016 

On Fri, 2016-09-23 at 11:56 -0400, Laine Stump wrote:

> Martin's patch tries to solve the problem with "dhcp-authoritative" 
> which, as far as I understand, tells dnsmasq "you are the keeper of 
> *all* lease information on this network, so if you think the address
> is 
> unused, it really is unused"; dnsmasq uses this information to
> freely 
> grant a guest any address it asks for, as long as there is no
> current 
> lease for it. This sounds troublesome to me - If client A's lease
> has 
> expired (because it's turned off for a bit), is it okay for client B
> to 
> come barging in and insist on grabbing the address that client A has 
> just lost even though there are many other addresses still
> available? 
> Sure, technically it's legal, but it seems unnecessarily disruptive.

I am not sure what you mean. What scenario would be "disrupted" by this
approach?

Without dhcp_authoritative, client A will not get its lease back,
whether or not B applied for it in the meantime, and B wouldn't get the
lease, either. The user wouldn't be able to ping either one. If
dhcp_authoritative is used, at least one of them will get what it needs
(and serving both is impossible - it's hard to tell what's the Right
Thing in the situation you describe!).

Anyway, unless the virtual network is really crowded (in which case it
might make sense for the admin to use a class B network instead) the
probability of such clashes should be rather minimal in the real world.
It's much more likely that A itself tries to reacquire the lease, and
that situation is fixed by dhcp_authoritative.

> I think the *real* solution is to fix the lease handling so that
> dnsmasq 
> remembers leases after they've expired (assuming that can be done
> once 
> leasefile-ro is set). They would be marked as "expired", and
> probably 
> not even reported externally, but all their info would still be
> there 
> internally for dnsmasq's use when considering what to do with
> incoming 
> requests for specific IP addresses.

Is that possible at all with the current leasehelper setup? I have to
admit that, being new to this discussion, I haven't understood the
purpose of the leasehelper yet. What benefit does it have for the
operation of the virtual network, compared to dnsmasq alone? Why is the
"custom leases file" needed at all? I tried to find a rationale on the
web, but I didn't.

Regards,
Martin

More information about the libvir-list mailing list