On Mon, Jul 20, 2015 at 17:42:05 +0200, Cedric Bosdonnat wrote: > On Mon, 2015-07-20 at 16:25 +0200, Peter Krempa wrote: > > On Mon, Jul 20, 2015 at 11:29:15 +0200, Cédric Bosdonnat wrote: > > > In some use cases we don't want the virtual network's DNS to only > > > listen to the vnet interface. Adding a publiclyAccessible attribute > > > to the dns element in the configuration allows the DNS to listen to > > > all interfaces. > > > > Would you please elaborate on the use cases where this would be useful? > > Libvirt networks shouldn't really be used for configuring dnsmasq for > > other purposes than for virtual machines where it's desired that the > > instances are separated. > > This has been detailed in the previous mail thread, see here: > https://www.redhat.com/archives/libvir-list/2015-June/msg00781.html > and here: > https://www.redhat.com/archives/libvir-list/2015-June/msg00813.html > > The feature has been requested by people using libvirt as a testing > infrastructure for cloud setups with vlans on top of the libvirt-defined > network. Maybe I should describe the use case in the commit log to avoid > the question being raised again and again. I've read the conversation now. In my opinion if users try to circumvent the config of a libvirt network they might as well as provide a full network config themselves rather than trying to abuse libvirt into setting it up partially and then hacking up the rest. As of this patch. The documentation in the XML is misleading since it states that after that "all interfaces" will be handled. With the "bind-interface" option that isn't entirely true, only interfaces that share the subnetwork are handled [1]. In general, the use case you've described seems rather hackish as you even state for yourself and I don't think we should encourage this since for some other desired configurations it might not work and adding more and more workarounds just isn't a good idea. Said this, I'm not going to object if somebody else from the libvirt team thinks that it actually might be worthwhile, so I'm not going to explicitly NACK it. You need to persuade somebody else though. Peter [1] http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2012q4/006525.html
Attachment:
signature.asc
Description: Digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list