On Mon, Jan 03, 2011 at 04:57:52PM +0100, PaweÅ KrzeÅniak wrote: > handle DNS over IPv6 > > Firstly: Add ip6tables rules to allow DNS over IPv6 in network. > > Secondly: start dnsmasq with --interface option instead of > --listen-address. > > Dnsmasq currently uses "--listen-address IPv4_address" option, which > restricts DNS service to one IPv4 address only. We could append > --listen-address for every IPv[46] address defined on interface, but > it's cleaner to use "--interface brname". While it is shorter to just use '--interface brname' this comes at the price of loosing compatibility with older dnsmasq which we still wish to support. If we used '--listen-address $IPV4ADDR --listen-address $IPV6ADDR' then people with dnsmasq < 2.48 can still use the virtual network capability in a IPv4 only context without problems. Only those people who actually needed IPv6 DNS would have to upgrade to newer dnsmasq. > There were some problems in the past with --interface option. Dnsmasq > version 2.46 and earlier exited with error when tired to bind() to IPv6 > addresses on just brought up interfaces, because DAD (Duplicate > Address Detection) takes some time to finish and bind() returns > EADDRNOTAVAIL which caused dnsmasq to exit. > Dnsmasq version 2.47 (released on 05-Feb-2009) fixed this issue by > retrying bind() after getting EADDRNOTAVAIL error (as described in > http://www.thekelleys.org.uk/dnsmasq/CHANGELOG; > loop itself is defined in dnsmasq-2.47/src/network.c:404) > > * Using --interface option causes longer network startup: > $ time virsh -c qemu:///system net-start isolated1 > Network isolated1 started > > real 0m0.112s > user 0m0.013s > sys 0m0.009s > > $ time virsh -c qemu:///system net-start isolated1 > Network isolated1 started > > real 0m2.101s > user 0m0.011s > sys 0m0.011s Do you have any idea what causes the delay ? In particular is the delay caused by the use of --listen-interface, or caused by the addition of IPv6 addrs ? Based on your descriptions here it sounds like going for multiple --listen-address parameters offers the same level of overall functionality, but with better compatibility for people on older dnsmasq. So I'm not seeing a compelling reason to switch over to using --listen-interface Regards, Daniel -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list