[Bug 1246094] [NEW] Setting LXC_DOMAIN causes dnsmasq forwarding loop
Ed Swierk
1246094 at bugs.launchpad.net
Tue Oct 29 21:36:27 UTC 2013
Public bug reported:
Setting LXC_DOMAIN=lxc in /etc/default/lxc-net causes the lxc-net init
script to pass -s lxc to the private LXC dnsmasq instance running on the
lxcbr0 interface (on 10.0.3.1, say).
Then, adding server=/lxc/10.0.3.1 to /etc/dnsmasq.conf causes the normal
dnsmasq to forward queries for the .lxc domain to the LXC dnsmasq.
Unfortunately if the normal dnsmasq requests an MX or AAAA record, or
anything else that the LXC dnsmasq doesn't know how to resolve, the
latter forwards to the address in /etc/resolv.conf, which is 127.0.0.1
on a system running a normal dnsmasq. And the normal dnsmasq is
listening on 127.0.0.1, and it's configured to forward queries for the
.lxc domain right back to the LXC dnsmasq. Thus the two dnsmasqs bounce
the request back and forth ad infinitum.
The solution is to configure the LXC dnsmasq never to forward requests
for the .lxc domain by passing the -S /lxc/ command-line argument. This
way, the LXC dnsmasq answers queries that it knows about (A records for
LXC hosts), but NAKs any other .lxc domain queries.
See the attached patch to /debian/lxc.lxc-net.upstart.
** Affects: lxc (Ubuntu)
Importance: Undecided
Status: New
** Patch added: "Patch to /debian/lxc.lxc-net.upstart"
https://bugs.launchpad.net/bugs/1246094/+attachment/3895094/+files/lxc-net-init-1.patch
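
A toy model of the loop described in the report, added here as an illustration (not part of the original report and not dnsmasq code). The host name web.lxc, the address 10.0.3.50, and the class and function names are constructed for the example; the host dnsmasq's real upstream is left out because it plays no part in the loop.

```python
class Forwarder:
    """Simplified forwarding resolver; models only the options named in the report."""
    def __init__(self, records, domain_servers, default_upstream, local_domains=()):
        self.records = records                    # {(qname, qtype): answer} served locally
        self.domain_servers = domain_servers      # like server=/lxc/10.0.3.1
        self.default_upstream = default_upstream  # resolver taken from /etc/resolv.conf
        self.local_domains = set(local_domains)   # like -S /lxc/ : never forward these

    def next_hop(self, qname):
        labels = qname.rstrip(".").split(".")
        for i in range(len(labels)):              # label-boundary suffixes, longest first
            suffix = ".".join(labels[i:])
            if suffix in self.local_domains:
                return None                       # answer locally or not at all
            if suffix in self.domain_servers:
                return self.domain_servers[suffix]
        return self.default_upstream

def resolve(net, start, qname, qtype):
    """Follow a query through the resolvers; return (result, path of resolvers)."""
    path, node = [], start
    while node is not None:
        if node in path:                          # same resolver sees the same query again
            return "LOOP", path + [node]
        path.append(node)
        fwd = net[node]
        if (qname, qtype) in fwd.records:
            return fwd.records[(qname, qtype)], path
        node = fwd.next_hop(qname)
    return "NO_ANSWER", path

def build(fixed):
    """Two-resolver setup from the report; fixed=True adds -S /lxc/ to the LXC side."""
    host = Forwarder({}, {"lxc": "lxc-dnsmasq"}, default_upstream=None)
    lxc = Forwarder({("web.lxc", "A"): "10.0.3.50"},   # constructed sample record
                    {}, default_upstream="host-dnsmasq",  # resolv.conf -> 127.0.0.1
                    local_domains={"lxc"} if fixed else ())
    return {"host-dnsmasq": host, "lxc-dnsmasq": lxc}

if __name__ == "__main__":
    for fixed in (False, True):
        for qtype in ("A", "AAAA"):
            result, path = resolve(build(fixed), "host-dnsmasq", "web.lxc", qtype)
            print(f"fixed={fixed} {qtype}: {result} via {' -> '.join(path)}")
```

The model stops at the first repeated resolver; in the setup the report describes nothing stops the query, so the repeat corresponds to the endless bounce.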