On 14/02/2025 13:38, jean-christophe manciot wrote:
> With the following setup:
> 
> port=0
> interface=eth0
> bind-interfaces
> dhcp-range=192.168.1.2,192.168.1.254
> 
> I get:
> # /usr/bin/netstat -tunpevaW | grep dnsmasq
> udp        0      0 0.0.0.0:67              0.0.0.0:*                           0          19371604   3877093/dnsmasq
> 
> which contradicts your own documentation (please read until the end):
> # If you want dnsmasq to listen for DHCP and DNS requests only on
> # specified interfaces (and the loopback) give the name of the
> # interface (eg eth0) here.
> # Repeat the line for more than one interface.
> # interface=
> 
> # On systems which support it, dnsmasq binds the wildcard address,
> # even when it is listening on only some interfaces. It then discards
> # requests that it shouldn't reply to. This has the advantage of
> # working even when interfaces come and go and change address. If you
> # want dnsmasq to really bind only the interfaces it is listening on,
> # uncomment this option. About the only time you may need this is when
> # running another nameserver on the same machine.
> # bind-interfaces
> 
> So, bind-interfaces is not applied. Why is it a problem? In cases where
> there are multiple DHCP servers, this dnsmasq issue prevents the
> coexistence with these other servers as it binds to **all** interfaces
> and prevents other servers from listening on the interfaces they were
> set up for.
> 
> A perfect example is libvirtd: this issue prevents libvirtd from
> starting its one instance of dnsmasq over virbr0 (for instance). Cf.
> https://wiki.libvirt.org/Libvirtd_and_dnsmasq.html.
> 
> FYI, this failed behavior did not exist in Ubuntu noble.
> 

No release of dnsmasq ever made has bound the DHCP socket to anything 
other than the wildcard address. Whatever problem you are having, it's 
not what you think it is.

The DHCP socket has to be able to receive packets which are sent to 
255.255.255.255 and whose source address is 0.0.0.0. This is simply not 
reliable with a socket bound to the local address of the interface.

In order to allow multiple dnsmasq instances (for instance in the 
libvirt case) dnsmasq sets REUSEPORT on DHCP sockets, and, if exactly 
one interface is specified in the configuration, it sets SO_BINDTODEVICE.

Neither of these things is visible in netstat.

TLDR;

1) The behaviour you are asking for doesn't work.
2) This is not a regression: it has always been done this way.


Simon.

-- 
https://bugs.launchpad.net/bugs/2098119

Title:
  dnsmasq opens DHCP server ports on all interfaces instead of just on
  the interface(s) defined in interface= setting
