After updating ubuntu, the network to which the subnet address is assigned does not become active in KVM.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
dnsmasq (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
phenomenon:
After updating ubuntu, the network to which the subnet address is assigned does not become active in KVM.
Cause:
This is because the following dnsmasq update operation performed by apt's automatic update causes an error. It worked properly with dnsmasq 2.80, but does not work properly with 2.90.
$ cat /var/log/
(snip)
Start-Date: 2024-02-27 06:17:31
Commandline: /usr/bin/
Upgrade: dnsmasq-base:amd64 (2.80-1.1ubuntu1.7, 2.90-0ubuntu0.
End-Date: 2024-02-27 06:17:44
(snip)
$
Cause details:
As a premise, bind-dynamic is set in the dnsmasq config file for KVM. Below is an example.
$ cat default.conf
##WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
##OVERWRITTEN AND LOST. Changes to this configuration should be made using:
## virsh net-edit default
## or other application using the libvirt API.
##
## dnsmasq conf file created by libvirt
strict-order
user=libvirt-
pid-file=
except-interface=lo
bind-dynamic
interface=virbr0
dhcp-range=
dhcp-no-override
dhcp-authoritative
dhcp-lease-max=253
dhcp-hostsfile=
addn-hosts=
$
When starting the network with KVM (virsh net-start), dnsmasq started from KVM executes the make_sock function twice as shown below.
$ cat network.c
(snip)
1087 static struct listener *create_
1087 tftp, int dienow)
1088 {
1089 struct listener *l = NULL;
1090 int fd = -1, tcpfd = -1, tftpfd = -1;
1091
1092 (void)do_tftp;
1093
1094 if (daemon->port != 0)
1095 {
1096 fd = make_sock(addr, SOCK_DGRAM, dienow);
1097 tcpfd = make_sock(addr, SOCK_STREAM, dienow);
1098 }
(snip)
The following code causes an issue with the update made in dnsmasq 2.90.
$ cat network.c
(snip)
895 static int make_sock(union mysockaddr *addr, int type, int dienow)
896 {
(snip)
934 if (!option_
935 {
936 if (dienow)
937 die(s, daemon->addrbuff, EC_BADNET);
938 else
939 my_syslog(
940 }
(snip)
function "make_sock" in network.c:1096 binds the socket to 192.168.122.1/24, and then make_sock in network.c:1097 tries to bind to the same address. However, in network.c:934, when errno==98 occurs, network.c:937 is executed, so dnsmasq does not cause a startup error. As a result, virsh net-start fails.
As a temporary workaround, it will work if you try not to die.
$ diff -u network_c_back network.c
--- network_c_back 2024-02-29 15:36:05.156467935 +0000
+++ network.c 2024-02-29 15:36:38.733324350 +0000
@@ -934,7 +934,8 @@
if (!option_
{
if (dienow)
- die(s, daemon->addrbuff, EC_BADNET);
+ my_syslog(
+ //die(s, daemon->addrbuff, EC_BADNET);
else
my_
}
$
If bind-dynamic is set, it should be modified so that it works even if errno==98.
For reference, in the case of dnsmasq 2.80, the code is as follows, so no error occurs.
network.c
699 static int make_sock(union mysockaddr *addr, int type, int dienow)
700 {
701 int family = addr->sa.sa_family;
702 int fd, rc, opt = 1;
(snip)
715 err:
716 errsave = errno;
717 port = prettyprint_
718 if (!option_
719 sprintf(
720 s = _("failed to create listening socket for %s: %s");
721
722 if (fd != -1)
723 close (fd);
724
725 errno = errsave;
726
727 if (dienow)
728 {
729 /* failure to bind addresses given by --listen-address at this
729 point
730 is OK if we're doing bind-dynamic */
731 if (!option_
732 die(s, daemon->addrbuff, EC_BADNET);
733 }
734 else
735 my_syslog(
736
737 return -1;
738 }
If bind-dynamic is set (option_
information type: | Public → Public Security |
tags: | added: server-triage-discuss |
Changed in dnsmasq (Ubuntu): | |
assignee: | nobody → Sergio Durigan Junior (sergiodj) |
tags: |
added: server-todo removed: server-triage-discuss |
tags: | added: regression-update |
tags: | removed: server-todo |
tags: | removed: regression-update |
my environment is as follows.
$ cat /etc/issue
Ubuntu 20.04.5 LTS \n \l
$ virsh --version
6.0.0
$ /usr/sbin/dnsmasq --version
Dnsmasq version 2.90 Copyright (c) 2000-2024 Simon Kelley
Compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset no-nftset auth no-cryptohash no-DNSSEC loop-detect inotify dumpfile
This software comes with ABSOLUTELY NO WARRANTY.
Dnsmasq is free software, and you are welcome to redistribute it
under the terms of the GNU General Public License, version 2 or 3.
$