network: add netmask to dhcp range of dnsmasq conf file for IPv4

dnsmasq documentation says that the *IPv4* prefix/network
address/broadcast address sent to dhcp clients will be automatically
determined by dnsmasq by looking at the interface it's listening on,
so the original libvirt code did not add a netmask to the dnsmasq
commandline (or later, the dnsmasq conf file).

For *IPv6* however, dnsmasq apparently cannot automatically determine
the prefix (functionally the same as a netmask), and it must be
explicitly provided in the conf file (as a part of the dhcp-range
option). So many years after IPv4 DHCP support had been added, when
IPv6 dhcp support was added the prefix was included at the end of the
dhcp-range setting, but only for IPv6.

A user had reported a bug on a host where one of the interfaces was a
superset of the libvirt network where dhcp is needed (e.g., the host's
ethernet is 10.0.0.20/8, and the libvirt network is 10.10.0.1/24). For
some reason dnsmasq was supplying the netmask for the /8 network to
clients requesting an address on the /24 interface.

This seems like a bug in dnsmasq, but even if/when it gets fixed
there, it looks like there is no harm in just always adding the
netmask to all IPv4 dhcp-range options similar to how prefix is added
to all IPv6 dhcp-range options.

Signed-off-by: Laine Stump <laine@laine.org>
Reviewed-by: John Ferlan <jferlan@redhat.com>
This commit is contained in:
Laine Stump 2019-02-18 16:34:50 -05:00
parent abb293a56f
commit 82fe58ff26
12 changed files with 32 additions and 16 deletions

View File

@ -1320,11 +1320,27 @@ networkDnsmasqConfContents(virNetworkObjPtr obj,
!(eaddr = virSocketAddrFormat(&ipdef->ranges[r].end)))
goto cleanup;
virBufferAsprintf(&configbuf, "dhcp-range=%s,%s",
saddr, eaddr);
if (VIR_SOCKET_ADDR_IS_FAMILY(&ipdef->address, AF_INET6))
virBufferAsprintf(&configbuf, ",%d", prefix);
virBufferAddLit(&configbuf, "\n");
if (VIR_SOCKET_ADDR_IS_FAMILY(&ipdef->address, AF_INET6)) {
virBufferAsprintf(&configbuf, "dhcp-range=%s,%s,%d\n",
saddr, eaddr, prefix);
} else {
/* IPv4 - dnsmasq requires a netmask rather than prefix */
virSocketAddr netmask;
VIR_AUTOFREE(char *) netmaskStr = NULL;
if (virSocketAddrPrefixToNetmask(prefix, &netmask, AF_INET) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Failed to translate bridge '%s' "
"prefix %d to netmask"),
def->bridge, prefix);
goto cleanup;
}
if (!(netmaskStr = virSocketAddrFormat(&netmask)))
goto cleanup;
virBufferAsprintf(&configbuf, "dhcp-range=%s,%s,%s\n",
saddr, eaddr, netmaskStr);
}
VIR_FREE(saddr);
VIR_FREE(eaddr);

View File

@ -8,7 +8,7 @@ strict-order
except-interface=lo
bind-dynamic
interface=virbr0
dhcp-range=192.168.122.2,192.168.122.254
dhcp-range=192.168.122.2,192.168.122.254,255.255.255.0
dhcp-no-override
dhcp-authoritative
dhcp-range=2001:db8:ac10:fd01::1:10,2001:db8:ac10:fd01::1:ff,64

View File

@ -10,7 +10,7 @@ bind-interfaces
listen-address=192.168.152.1
dhcp-option=3
no-resolv
dhcp-range=192.168.152.2,192.168.152.254
dhcp-range=192.168.152.2,192.168.152.254,255.255.255.0
dhcp-no-override
dhcp-authoritative
dhcp-lease-max=253

View File

@ -13,7 +13,7 @@ listen-address=fc00:db8:ac10:fe01::1
listen-address=fc00:db8:ac10:fd01::1
listen-address=10.24.10.1
srv-host=_name._tcp
dhcp-range=192.168.122.2,192.168.122.254
dhcp-range=192.168.122.2,192.168.122.254,255.255.255.0
dhcp-no-override
dhcp-authoritative
dhcp-lease-max=253

View File

@ -15,7 +15,7 @@ srv-host=_name4._tcp.test4.com,test4.example.com,4444
srv-host=_name5._udp,test5.example.com,1,55,555
srv-host=_name6._tcp.test6.com,test6.example.com,6666,0,666
srv-host=_name7._tcp.test7.com,test7.example.com,1,0,777
dhcp-range=192.168.122.2,192.168.122.254
dhcp-range=192.168.122.2,192.168.122.254,255.255.255.0
dhcp-no-override
dhcp-authoritative
dhcp-lease-max=253

View File

@ -9,7 +9,7 @@ except-interface=lo
bind-dynamic
interface=virbr0
txt-record=example,example value
dhcp-range=192.168.122.2,192.168.122.254
dhcp-range=192.168.122.2,192.168.122.254,255.255.255.0
dhcp-no-override
dhcp-authoritative
dhcp-lease-max=253

View File

@ -8,7 +8,7 @@ strict-order
except-interface=lo
bind-dynamic
interface=virbr0
dhcp-range=192.168.122.2,192.168.122.254
dhcp-range=192.168.122.2,192.168.122.254,255.255.255.0
dhcp-no-override
dhcp-authoritative
dhcp-lease-max=253

View File

@ -13,7 +13,7 @@ listen-address=fc00:db8:ac10:fe01::1
listen-address=fc00:db8:ac10:fd01::1
listen-address=10.24.10.1
srv-host=_name._tcp
dhcp-range=192.168.122.2,192.168.122.254
dhcp-range=192.168.122.2,192.168.122.254,255.255.255.0
dhcp-no-override
dhcp-authoritative
dhcp-lease-max=253

View File

@ -8,7 +8,7 @@ strict-order
except-interface=lo
bind-dynamic
interface=virbr0
dhcp-range=192.168.122.2,192.168.122.254
dhcp-range=192.168.122.2,192.168.122.254,255.255.255.0
dhcp-no-override
dhcp-authoritative
dhcp-lease-max=253

View File

@ -10,7 +10,7 @@ expand-hosts
except-interface=lo
bind-interfaces
listen-address=192.168.122.1
dhcp-range=192.168.122.2,192.168.122.254
dhcp-range=192.168.122.2,192.168.122.254,255.255.255.0
dhcp-no-override
dhcp-authoritative
enable-tftp

View File

@ -10,7 +10,7 @@ expand-hosts
except-interface=lo
bind-interfaces
listen-address=192.168.122.1
dhcp-range=192.168.122.2,192.168.122.254
dhcp-range=192.168.122.2,192.168.122.254,255.255.255.0
dhcp-no-override
dhcp-authoritative
dhcp-boot=pxeboot.img,,10.20.30.40

View File

@ -10,7 +10,7 @@ local=/1.0.e.f.0.1.c.a.8.b.d.0.1.0.0.2.ip6.arpa/
except-interface=lo
bind-dynamic
interface=virbr0
dhcp-range=192.168.122.2,192.168.122.254
dhcp-range=192.168.122.2,192.168.122.254,255.255.255.0
dhcp-no-override
dhcp-authoritative
dhcp-lease-max=253