[PATCH 0/2] network: add dnsmasq option 'dhcp-authoritative'

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Lest it be forgotten, here is a rebased version of my "dhcp-authoritative"
patch (against 77d24de). According to dnsmasq(8), this option "should 
be set when dnsmasq is definitely the only DHCP server on a network",
whis is the case for libvirt-managed networks.
In practice, this option has the effect that an expired lease can be
reacquired by the client using a DHCPREQUEST unless it has been given
to another client in the meantime. Without "dhcp-authoritative", this
operation always fails, which can be quite cumbersome.
There is no protection against rogue clients hijacking other client's
IP addresses, but that isn't specific to libvirt, and IP addresses don't
provide security anyway.
This is ovbiously not aimed at production environments; it's a convenience
for developers and casual users who'd rather not be bothered with network
XML host entries or the like.

Original submission:
https://www.redhat.com/archives/libvir-list/2016-September/msg00739.html

Daniel's post where he said that "unless there's a obvious downside to it,
it seems reasonable to add that":
https://www.redhat.com/archives/libvir-list/2016-September/msg01305.html

Regards,
Martin

Martin Wilck (2):
  network: add dnsmasq option 'dhcp-authoritative'
  tests/networkxml2confdata: add dhcp-authoritative option

 src/network/bridge_driver.c                                       | 4 +++-
 tests/networkxml2confdata/dhcp6-nat-network.conf                  | 1 +
 tests/networkxml2confdata/dhcp6host-routed-network.conf           | 1 +
 tests/networkxml2confdata/isolated-network.conf                   | 1 +
 tests/networkxml2confdata/nat-network-dns-srv-record-minimal.conf | 1 +
 tests/networkxml2confdata/nat-network-dns-srv-record.conf         | 1 +
 tests/networkxml2confdata/nat-network-dns-txt-record.conf         | 1 +
 tests/networkxml2confdata/nat-network-name-with-quotes.conf       | 1 +
 tests/networkxml2confdata/nat-network.conf                        | 1 +
 tests/networkxml2confdata/netboot-network.conf                    | 1 +
 tests/networkxml2confdata/netboot-proxy-network.conf              | 1 +
 11 files changed, 13 insertions(+), 1 deletion(-)

-- 
2.10.0

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]