[Dnsmasq-discuss] dnsmasq opens DHCP server ports on all interfaces instead of just on the interface(s) defined in interface= setting

Thu, 06 Mar 2025 12:43:38 -0800 

ubuntu oracular
linux 6.12.0-15-generic
dnsmasq 2.90-4 or 2.90-7

With the following specific configuration in /etc/dnsmasq.conf:
port=0
interface=eth0
bind-interfaces
dhcp-range=192.168.1.2,192.168.1.254

I get:
# /usr/bin/netstat -tunpevaW | grep dnsmasq
udp 0 0 0.0.0.0:67 0.0.0.0:* 0 19371604 3877093/dnsmasq

which contradicts your own documentation (please read until the end):
# If you want dnsmasq to listen for DHCP and DNS requests only on
# specified interfaces (and the loopback) give the name of the
# interface (eg eth0) here.
# Repeat the line for more than one interface.
# interface=

# On systems which support it, dnsmasq binds the wildcard address,
# even when it is listening on only some interfaces. It then discards
# requests that it shouldn't reply to. This has the advantage of
# working even when interfaces come and go and change address. If you
# want dnsmasq to really bind only the interfaces it is listening on,
# uncomment this option. About the only time you may need this is when
# running another nameserver on the same machine.
# bind-interfaces

So, bind-interfaces is not applied as it takes over all interfaces.

This dnsmasq issue prevents the coexistence with other DHCP server(s)
such as kea as it binds to **all** interfaces and prevent other
servers from listening on the interface(s) they are setup for.

For instance, using libvirtd alongside kea-dhcp4-server is impossible:
libvirtd starts dnsmasq explicitely on one interface only (virbr0),
but the latter binds to all interfaces:
/usr/bin/netstat -tunpevaW | grep :67
udp        0      0 0.0.0.0:67              0.0.0.0:*
         0          16914197   3675533/dnsmasq

Then kea-dhcp4-server refuses to start on any other interface with the message:
DHCPSRV_OPEN_SOCKET_FAIL failed to open socket: Failed to open socket
on interface virbr1, reason: failed to bind fallback socket to address
192.168.2.1, port 67, reason: Address already in use - is another DHCP
server running?

-- 
Jean-Christophe

_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Reply via email to