Hello,
Getting information and confirmation from upstream programmers is always very interesting.
Happy Debian![Smile :)]()
Thanks for reporting back on your further research.[..] I contacted the libvirt and dnsmasq-base developers and got useful answers from Sven Geuer (dnsmasq maintainer) and Lee Garrett (Debian developer).Very good. Please post updates. It is only a work around and not solved. Let's hope the next update works.I will try to get feedback from the maintainers.
I'll be paying attention, but as stated I don't expect to see the issue with my config.
First, the explanation:
The conflict between bind9 and dnsmasq-base for the use of the virbr0 (or whatever other name) interface had always been there. What changed between dnsmasq-base 2.8.x and 2.9.x was the fact that in the latter, this conflict resulted in a failure. This is, I agreed with the developers, a good thing to do to avoid further problems. Perhaps because my VMs don't access intensively to the internet, I don't recall having had any problem, though.
Now, for the possible solutions, I got these suggestions:
1. Drop bind9 and use dnsmasq globally. According to Sven, dnsmasq can also handle local zones
2. Don't use NAT for the VMs but instead give them access to the internet through a bridge interface
3. Tell bind9 not to listen to the interface (virbr0 in my case) that libvirt creates for dnsmasq-base
Since I wanted to act minimally on my, perhaps not very standard, configuration, I went for 3. It took me a while to figure out how to do that, mainly because my knowledge in these subjects is very limited. But in the end, it was as simple as adding in the named.conf.options file these two lines (they will of course be different in other configurations):where „mynet“ is a list of subnets I want to allow queries from, defined in a previous acl clause:Code:
listen-on { 127.0.0.1; }; listen-on { mynet; };I have marked again the question as solved, since I think we have a general solution.Code:
acl mynet { 192.168.134.0/24;};
Cheers
Getting information and confirmation from upstream programmers is always very interesting.
Happy Debian
Statistics: Posted by Aki — 2025-01-17 19:45