[libvirt] Making DHCP leases available to local DNS server through dnsmasq

Martin Kletzander mkletzan at redhat.com
Sun Jun 18 18:16:41 UTC 2017

On Fri, Jun 16, 2017 at 02:38:21PM +0200, jean-christophe manciot wrote:
>> libvirt-nss is not for translating DNS names, rather than libvirt guest
>> names
>I meant hostname/guest name. There is no static DNS in /etc/hosts for the
>VMs and no specific records in DNS server.
>Can you see the guest in: /var/lib/libvirt/dnsmasq/virbr0.{macs,status}
> # cat /var/lib/libvirt/dnsmasq/virbr0.{macs,status}
>  {
>    "domain": "KVM-Ubuntu-GNS3-Server-17.04",
>    "macs": [
>      "52:54:00:03:9f:9f"
>    ]
>  }
>  {
>    "ip-address": "",
>    "mac-address": "52:54:00:03:9f:9f",
>    "hostname": "KVM-Ubuntu-GNS3-Server-17",
>    "expiry-time": 1497617966
>  }
>You need to restart the network after you've set up the NSS module.
>I've rebooted the system.
>I am using something along the lines of:
>>  $ cat /etc/dnsmasq.d/libvirt.conf
> server=/virt/
> server=/213.168.192.in-addr.arpa/
>I have no /etc/dnsmasq.d/libvirt.conf, but in */etc/dnsmasq.conf*:
>*local=/actionmystique.net/ <http://actionmystique.net/>*

That doesn't matter, i created libvirt.conf myself and my
/etc/dnsmasq.conf includes everything from /etc/dnsmasq.d/ that ends
with .conf.

the line you are using means it will not forward those hostnames
anywhere.  But the problem is that you have 2 different dnsmasq daemons
running at the same time and one doesn't know about the other.  The one
ran by libvirt will not be accessed anyhow unless you tell it to your
system-wide one.  So similarly to what I was suggesting, you'd need:


instead of the local= line.

>I thought this would add that domain name to the answers from whatever is
>found in DHCP leases.

But the leases are offered by different dnsmasq than which one the ping
is asking.

>The comment says:
># Add local-only domains here, queries in these domains are answered
># from /etc/hosts or DHCP only.

But there is nothing in /etc/hosts and nothing will ever be added there
automatically.  The only one who knows the hostname <-> IP address
mapping is libvirt and its dnsmasq.

>Since the first libvirt-nss module ("libvirt" plugin) looks into DHCP
>server leases, the above setting should work, shouldn't it?
>Actually, I've just realized that there is a discrepancy between the
>libvirt VM guest name and the Ubuntu hostname, where the trailing ".04" has
>been automatically removed.
>So, the* hostname (not guest name) is accessible*:
># ping KVM-Ubuntu-GNS3-Server-17
>PING KVM-Ubuntu-GNS3-Server-17 ( 56(84) bytes of data.
>64 bytes from KVM-Ubuntu-GNS3-Server-17 ( icmp_seq=1
>ttl=64 time=0.191 ms
>64 bytes from KVM-Ubuntu-GNS3-Server-17 ( icmp_seq=2
>ttl=64 time=0.302 ms
>*but not he FQDN*:
># ping KVM-Ubuntu-GNS3-Server-17.actionmystique.net
>ping: KVM-Ubuntu-GNS3-Server-17.actionmystique.net: Name or service not

It all comes down to what is your usage, what are your use cases,
basically what are you trying to achieve here.  Unless we know that,
there is no one clear answer.

P.S.: About the .04, that is yet another level of domain that, I think,
      might get stripped, or just used differently when nsswitch is
      actually asking for it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20170618/dd88c42d/attachment-0001.sig>

More information about the libvir-list mailing list