Re: libvirt, dnsmasq, and resolvconf
Laine Stump provided this useful info on the libvirt-users list:
This commit (which was included in libvirt 1.2.12) may help you to a
solution:
commit 298fa4858ced29e2c42681635a5a8dcd6da0b231
Author: Josh Stone <jistone@redhat.com>
Date: Wed Dec 3 16:01:33 2014 -0800
network: Let domains be restricted to local DNS
This adds a new "localOnly" attribute on the domain element of the
network xml. With this set to "yes", DNS requests under that domain
will only be resolved by libvirt's dnsmasq, never forwarded upstream.
This was how it worked before commit f69a6b987d616, and I found that
functionality useful. For example, I have my host's NetworkManager
dnsmasq configured to forward that domain to libvirt's dnsmasq, so I can
easily resolve guest names from outside. But if libvirt's dnsmasq
doesn't know a name and forwards it to the host, I'd get an endless
forwarding loop. Now I can set localOnly="yes" to prevent the loop.
So it sounds like the proper thing to do is to set the localOnly
attribute and put the libvirt network in a subdomain, then point the
dnsmasq on the host to the libvirt dns for that subdomain.
[Comment by Ross: It seems this addresses my concern about a loop
between different copies of dnsmasq, at least if used with judicious
domain assignment.
Unfortunately, libvirt >= 1.2.12 is only available in stretch/testing,
which is currently at 1.2.16.]
Ross
Reply to: