Re: [PATCH v2] network: add an option to make dns public

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Jul 20, 2015 at 11:29:15 +0200, Cédric Bosdonnat wrote:
> In some use cases we don't want the virtual network's DNS to only
> listen to the vnet interface. Adding a publiclyAccessible attribute
> to the dns element in the configuration allows the DNS to listen to
> all interfaces.

Would you please elaborate on the use cases where this would be useful?
Libvirt networks shouldn't really be used for configuring dnsmasq for
other purposes than for virtual machines where it's desired that the
instances are separated.

> 
> It simply disables the bind-dynamic option of dnsmasq for the network.
> ---
> 
>  This patch is v2 for this one:
>  https://www.redhat.com/archives/libvir-list/2015-June/msg00018.html
> 
>  Diff to v1:
>    * Use bind-interface if public DNS is requested
>    * Add more tests
>    * Write out the public value in the format function
>    * Fixed the rng
>    * Renamed the attribute to public: shouldn't mislead users
> 
>  I tested this patch with several configurations of running networks.
>  The only thing I noted though is that the user may need to adapt the system
>  dnsmasq to avoid address:port conflicts... but hey, when one uses such a
>  hacky feature of the libvirt network, he needs to take care of the rest ;)
> 

This paragraph emphasises that it doesn't sound like a good thing to do.

NACK unless you will persuade me with a good enough use case.

Peter

Attachment: signature.asc
Description: Digital signature

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list

[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]