I had forgotten about this patch during the holidays until John Ferlan reminded me a few days ago. On 12/03/2014 07:01 PM, Josh Stone wrote: > This adds a new "localOnly" attribute on the domain element of the > network xml. With this set to "yes", DNS requests under that domain > will only be resolved by libvirt's dnsmasq, never forwarded upstream. > > This was how it worked before commit f69a6b987d616, and I found that > functionality useful. For example, I have my host's NetworkManager > dnsmasq configured to forward that domain to libvirt's dnsmasq, so I can > easily resolve guest names from outside. But if libvirt's dnsmasq > doesn't know a name and forwards it to the host, I'd get an endless > forwarding loop. Now I can set localOnly="yes" to prevent the loop. > > Signed-off-by: Josh Stone <jistone@xxxxxxxxxx> > Cc: Laine Stump <laine@xxxxxxxxx> > --- > docs/formatnetwork.html.in | 12 +++++++- > docs/schemas/network.rng | 3 ++ > src/conf/network_conf.c | 32 ++++++++++++++++++++-- > src/conf/network_conf.h | 1 + > src/network/bridge_driver.c | 5 ++++ > .../nat-network-dns-local-domain.conf | 14 ++++++++++ > .../nat-network-dns-local-domain.xml | 9 ++++++ > tests/networkxml2conftest.c | 1 + > 8 files changed, 74 insertions(+), 3 deletions(-) > create mode 100644 tests/networkxml2confdata/nat-network-dns-local-domain.conf > create mode 100644 tests/networkxml2confdata/nat-network-dns-local-domain.xml > > diff --git a/docs/formatnetwork.html.in b/docs/formatnetwork.html.in > index dc438aee8622..defcdba00930 100644 > --- a/docs/formatnetwork.html.in > +++ b/docs/formatnetwork.html.in > @@ -82,7 +82,7 @@ > <pre> > ... > <bridge name="virbr0" stp="on" delay="5"/> > - <domain name="example.com"/> > + <domain name="example.com" localOnly="no"/> > <forward mode="nat" dev="eth0"/> > ...</pre> 
> > @@ -113,6 +113,16 @@ > a <code><forward></code> mode of "nat" or "route" (or an > isolated network with no <code><forward></code> > element). <span class="since">Since 0.4.5</span> > + > + <p> > + If the optional <code>localOnly</code> attribute on the > + <code>domain</code> element is "yes", then DNS requests under > + this domain will only be resolved by the virtual network's own > + DNS server - they will not be forwarded to the host's upstream > + DNS server. If <code>localOnly</code> is "no", and by > + default, unresolved requests <b>will</b> be forwarded. > + <span class="since">Since 1.2.11</span> > + </p> > </dd> > <dt><code>forward</code></dt> > <dd>Inclusion of the <code>forward</code> element indicates that > diff --git a/docs/schemas/network.rng b/docs/schemas/network.rng > index 4546f8037580..a1da28092375 100644 > --- a/docs/schemas/network.rng > +++ b/docs/schemas/network.rng > @@ -225,6 +225,9 @@ > <optional> > <element name="domain"> > <attribute name="name"><ref name="dnsName"/></attribute> > + <optional> > + <attribute name="localOnly"><ref name="virYesNo"/></attribute> > + </optional> > </element> > </optional> > > diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c > index 97719ed536de..31b765ff2c51 100644 > --- a/src/conf/network_conf.c > +++ b/src/conf/network_conf.c 
> @@ -2083,6 +2083,18 @@ virNetworkDefParseXML(xmlXPathContextPtr ctxt) > > /* Parse network domain information */ > def->domain = virXPathString("string(./domain[1]/@name)", ctxt); > + tmp = virXPathString("string(./domain[1]/@localOnly)", ctxt); > + if (tmp) { > + def->domain_local = virTristateBoolTypeFromString(tmp); > + if (def->domain_local <= 0) { > + virReportError(VIR_ERR_XML_ERROR, > + _("Invalid domain localOnly setting '%s' " > + "in network '%s'"), > + tmp, def->name); > + goto error; > + } > + VIR_FREE(tmp); > + } > > if ((bandwidthNode = virXPathNode("./bandwidth", ctxt)) != NULL && > (def->bandwidth = virNetDevBandwidthParse(bandwidthNode, -1)) == NULL) > @@ -2805,8 +2817,24 @@ virNetworkDefFormatBuf(virBufferPtr buf, > virBufferAsprintf(buf, "<mac address='%s'/>\n", macaddr); > } > > - if (def->domain) > - virBufferAsprintf(buf, "<domain name='%s'/>\n", def->domain); > + if (def->domain) { > + virBufferAsprintf(buf, "<domain name='%s'", def->domain); > + > + /* default to "no", but don't format it in the XML */ > + if (def->domain_local) { > + const char *local = virTristateBoolTypeToString(def->domain_local); > + > + if (!local) { > + virReportError(VIR_ERR_INTERNAL_ERROR, > + _("Unknown localOnly type %d in network"), > + def->domain_local); > + return -1; > + } > + virBufferAsprintf(buf, " localOnly='%s'", local); > + } > + > + virBufferAddLit(buf, "/>\n"); > + } > > if (virNetworkDNSDefFormat(buf, &def->dns) < 0) > goto error; > diff --git a/src/conf/network_conf.h b/src/conf/network_conf.h > index 660cd2d10cd1..bb9724fddbb8 100644 > --- a/src/conf/network_conf.h > +++ b/src/conf/network_conf.h 
> @@ -232,6 +232,7 @@ struct _virNetworkDef { > > char *bridge; /* Name of bridge device */ > char *domain; > + int domain_local; /* enum virTristateBool: yes disables dns forwarding */

ACK with one small modification - I renamed domain_local to domainLocalOnly and pushed the result. Thanks for the contribution!
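
Review bot: In the second docs/formatnetwork.html.in hunk (@@ -113,6 +113,16 @@), the new paragraph is tagged "Since 1.2.11", but the patch was posted on 12/03/2014 and is only being pushed after the holidays. Check the tag against the release that will actually contain the commit and bump it if 1.2.11 has already shipped, so the documented version matches the first release where localOnly is accepted.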
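
Review bot: In the virNetworkDefParseXML hunk of src/conf/network_conf.c (@@ -2083,6 +2083,18 @@), the invalid-value branch does "goto error" while tmp is still allocated; VIR_FREE(tmp) runs only on the success path. Unless the error label, which is not visible in this hunk, already releases tmp, the string leaks whenever localOnly carries a bad value. Either confirm the label frees it, or call VIR_FREE(tmp) after virReportError has used it in the message and before the jump.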
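
Review bot: In the virNetworkDefFormatBuf hunk of src/conf/network_conf.c (@@ -2805,8 +2817,24 @@), the new "if (!local)" branch exits with "return -1", while the context line directly below it handles failure of virNetworkDNSDefFormat with "goto error". If that label performs any cleanup, the direct return skips it; use "goto error" here to match the rest of the function. The message "Unknown localOnly type %d in network" also omits the network name that the parse-side error includes via def->name, which would make the failure easier to locate.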