From: Jiri Denemark
To: devel@lists.libvirt.org
Subject: [libvirt PATCH 6/7] network: Make virtual domains resolvable from the host
Date: Thu, 1 Feb 2024 22:02:48 +0100
Message-ID: <7041571b31781ad1d4623d5c3fd4f8c16a2c6798.1706821238.git.jdenemar@redhat.com>

This patch adds a new attribute "register" to the element. If set to
"yes", the DNS server created for the virtual network is registered with
systemd-resolved as a name server for the associated domain. The names
known to the dnsmasq process serving DNS and DHCP requests for the
virtual network will then be resolvable from the host by appending the
domain name to them.

Signed-off-by: Jiri Denemark
---
 docs/formatnetwork.rst | 9 ++++++++-
 src/conf/network_conf.c | 18 ++++++++++++++++++
 src/conf/network_conf.h | 1 +
 src/conf/schemas/network.rng | 3 +++
 src/network/bridge_driver.c | 32 +++++++++++++++++++++++++++++++-
 5 files changed, 61 insertions(+), 2 deletions(-)

diff --git a/docs/formatnetwork.rst b/docs/formatnetwork.rst index 16e81246fa..dcdaf1e5a5 100644
--- a/docs/formatnetwork.rst +++ b/docs/formatnetwork.rst @@ -88,7 +88,7 @@ to the physical LAN (if at all). ... - + ... =20 @@ -162,6 +162,13 @@ to the physical LAN (if at all). DNS server. If ``localOnly`` is "no", and by default, unresolved reques= ts **will** be forwarded. :since:`Since 1.2.12` =20 + :since:`Since 10.1.0` the optional ``register`` attribute can be used to + request registering the DNS server for resolving this domain with the h= ost's + DNS resolver. When set to "yes", the host resolver will forward all req= uests + for domain names from this domain to the DNS server created for this vi= rtual + network. To avoid DNS loops ``localOnly`` has to be set to "yes" as wel= l. + This feature requires ``systemd-resolved`` to be running on the host. + ``forward`` Inclusion of the ``forward`` element indicates that the virtual network= is to be connected to the physical LAN. :since:`Since 0.3.0.` The ``mode`` diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c index ef3415cd89..cc92ed0b03 100644 --- a/src/conf/network_conf.c +++ b/src/conf/network_conf.c @@ -1582,6 +1582,19 @@ virNetworkDefParseXML(xmlXPathContextPtr ctxt, &def->domainLocalOnly) < 0) return NULL; =20 + if (virXMLPropTristateBool(domain_node, "register", + VIR_XML_PROP_NONE, + &def->domainRegister) < 0) + return NULL; + + if (def->domainRegister =3D=3D VIR_TRISTATE_BOOL_YES && + def->domainLocalOnly !=3D VIR_TRISTATE_BOOL_YES) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("attribute 'register=3Dyes' in element r= equires 'localOnly=3Dyes' in network %1$s"), + def->name); + return NULL; + } + if ((bandwidthNode =3D virXPathNode("./bandwidth", ctxt)) && virNetDevBandwidthParse(&def->bandwidth, NULL, bandwidthNode, fals= e) < 0) return NULL; 
@@ -2405,6 +2418,11 @@ virNetworkDefFormatBuf(virBuffer *buf, virBufferAsprintf(buf, " localOnly=3D'%s'", local); } =20 + if (def->domainRegister) { + virBufferAsprintf(buf, " register=3D'%s'", + virTristateBoolTypeToString(def->domainRegis= ter)); + } + virBufferAddLit(buf, "/>\n"); } =20 diff --git a/src/conf/network_conf.h b/src/conf/network_conf.h index 1d7fd3ab6a..c2a4198abc 100644 --- a/src/conf/network_conf.h +++ b/src/conf/network_conf.h @@ -245,6 +245,7 @@ struct _virNetworkDef { int macTableManager; /* enum virNetworkBridgeMACTableManager */ char *domain; virTristateBool domainLocalOnly; /* yes disables dns forwarding */ + virTristateBool domainRegister; unsigned long delay; /* Bridge forward delay (ms) */ bool stp; /* Spanning tree protocol */ unsigned int mtu; /* MTU for bridge, 0 means "default" i.e. unset in c= onfig */ diff --git a/src/conf/schemas/network.rng b/src/conf/schemas/network.rng index e56e07d130..b7c8551fad 100644 --- a/src/conf/schemas/network.rng +++ b/src/conf/schemas/network.rng @@ -258,6 +258,9 @@ + + + =20 diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 9921c7cd14..d89700c6ee 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -63,7 +63,7 @@ #include "virjson.h" #include "virnetworkportdef.h" #include "virutil.h" - +#include "virsystemd.h" #include "netdev_bandwidth_conf.h" =20 #define VIR_FROM_THIS VIR_FROM_NETWORK @@ -1902,6 +1902,7 @@ networkStartNetworkVirtual(virNetworkDriverState *dri= ver, bool dnsmasqStarted =3D false; bool devOnline =3D false; bool firewalRulesAdded =3D false; + virSocketAddr *dnsServer =3D NULL; =20 /* Check to see if any network IP collides with an existing route */ if (networkCheckRouteCollision(def) < 0) 
@@ -1958,6 +1959,9 @@ networkStartNetworkVirtual(virNetworkDriverState *dri= ver, if (VIR_SOCKET_ADDR_IS_FAMILY(&ipdef->address, AF_INET6)) v6present =3D true; =20 + if (!dnsServer) + dnsServer =3D &ipdef->address; + /* Add the IP address/netmask to the bridge */ if (networkAddAddrToBridge(obj, ipdef) < 0) goto error; @@ -2011,6 +2015,32 @@ networkStartNetworkVirtual(virNetworkDriverState *dr= iver, goto error; =20 dnsmasqStarted =3D true; + + if (def->domain && def->domainRegister && dnsServer) { + unsigned int link; + int rc; + + if ((link =3D if_nametoindex(def->bridge)) =3D=3D 0) { + virReportSystemError(ENODEV, + _("unable to get interface index for = %1$s"), + def->bridge); + goto error; + } + + rc =3D virSystemdResolvedRegisterNameServer(link, def->domain, + dnsServer); + if (rc =3D=3D -2) { + virReportError(VIR_ERR_OPERATION_INVALID, "%s", + _("failed to register name server: systemd-= resolved is not available")); + goto error; + } + + if (rc < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("failed to register name server")); + goto error; + } + } } =20 if (virNetDevBandwidthSet(def->bridge, def->bandwidth, true, true) < 0) --=20 2.43.0 _______________________________________________ Devel mailing list -- devel@lists.libvirt.org To unsubscribe send an email to devel-leave@lists.libvirt.org
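
Review bot: The new ``register`` paragraph in the docs/formatnetwork.rst hunk says the feature requires systemd-resolved, but not what happens when it is missing. The bridge_driver.c hunk makes network start fail when virSystemdResolvedRegisterNameServer returns -2. The text should say that a network with register="yes" will not start on a host where systemd-resolved is unavailable, and which of the network's addresses is registered as the name server.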
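
Review bot: In struct _virNetworkDef (src/conf/network_conf.h hunk), the new domainRegister field has no comment, while the adjacent domainLocalOnly carries /* yes disables dns forwarding */. Add a matching one, for example /* yes registers the network's DNS server with systemd-resolved */, so the meaning of the tristate is clear at the declaration.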
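
Review bot: In the @@ -1958 hunk of networkStartNetworkVirtual, dnsServer is set to the first ipdef->address the loop sees, whatever its address family, and nothing states that this is intended. Add a short comment saying that the first configured address is the one handed to systemd-resolved. For networks that have both IPv4 and IPv6 addresses, decide explicitly which one is preferred instead of leaving it to the order of the elements in the XML.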
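
Review bot: In the @@ -2011 hunk of src/network/bridge_driver.c, the condition "if (def->domain && def->domainRegister && dnsServer)" tests the tristate for truthiness, so it also fires for register='no'. The formatter hunk in network_conf.c uses the same "if (def->domainRegister)" test to mean "attribute present" and then prints the value with virTristateBoolTypeToString, which only works if the "no" value is non-zero. The parser hunk enforces localOnly='yes' only when the value equals VIR_TRISTATE_BOOL_YES, so a network with register='no' and forwarding enabled would still be registered with the host resolver, which is the DNS loop the documentation hunk warns about. Compare explicitly with def->domainRegister == VIR_TRISTATE_BOOL_YES. Separately, the "rc == -2" check depends on a return value that is not explained here; a comment or a named constant would make the two error paths easier to follow.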