all rack addresses in vlan are included in list of nameservers sent to deployed server

Bug #1896684 reported by Dan Streetman
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Fix Released
Fix Released

Bug Description

maas forces all rack addresses for all subnets in a single vlan to any system deployed into any of those subnets. If the deployed systems are isolated, with no gateway configured, they may end up with broken DNS due to having nameservers configured which are not reachable.

[test case]

configure maas with a single Fabric 'maas', with a single vlan 'untagged'. In that untagged vlan, create 4 separate subnets,,,, and Configure all the subnets with 'allow_dns' set to False, and each of them should be configured with 10.X.0.1 as their only dns nameserver, and no gateway. Of course, also configure the corresponding 10.X.0.1 addresses on the maas machine.

Configure a machine in maas to set its interface to use Fabric 'maas' and vlan 'untagged', and subnet

Deploy that system, and even though the subnet is configured with "dns_servers": [ "" ] and "allow_dns": False, the deployed system is configured with as well as,, and

When deploying a system using systemd-resolved, this is not necessarily a problem, since systemd-resolved has no limit on the number of upstream nameservers it can handle, so the 'correct' (on-subnet) nameserver will be one of the configured ones, and systemd-resolved will use it for DNS.

However, when deploying a system that does not use systemd-resolved (e.g. Centos), when cloud-init manually edits the /etc/resolv.conf file, there is a hardcoded limit of 3 nameservers that can be listed in the file, so if the list of nameservers is larger, the 'correct' nameserver may not be included. In this example, if the deployed system's resolv.conf file is created with only the,, and nameservers, the system will have no working DNS since it can only reach systems.

Tags: sts

Related branches

Revision history for this message
Dan Streetman (ddstreet) wrote :

This is related to bug 1881133

affects: maas (Ubuntu) → maas
Dan Streetman (ddstreet)
tags: added: sts
Dan Streetman (ddstreet)
description: updated
Changed in maas:
milestone: none → next
status: New → Fix Committed
Revision history for this message
Dan Streetman (ddstreet) wrote :

I opened a MR to backport the patch to 2.8, should be ready for review.

Alberto Donato (ack)
Changed in maas:
milestone: next → 2.9.0b6
status: Fix Committed → Fix Released
Revision history for this message
Christian Grabowski (cgrabowski) wrote :

attaching related dhcpd.conf

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.