@paelzer gave me the hint that solved it. TL;DR: bind9 conflicts with dnsmasq that is setup to listen on :53 on the newly created libvirt bridge.
So when you query the new IP, it's dnsmasq who is getting the request, and not bind. Right after bringing up the new interface, both dnsmasq and named are listening on it: udp 0 0 192.168.122.1:53 0.0.0.0:* 23748/dnsmasq udp 0 0 192.168.122.1:53 0.0.0.0:* 620/named I don't know how the above is supposed to work, but I straced named and it didn't get any query in this situation. When bind9 is then restarted, the listening changes to: udp 0 0 192.168.122.1:53 0.0.0.0:* 24831/named udp 0 0 192.168.122.1:53 0.0.0.0:* 23748/dnsmasq I wonder if the order is relevant, i.e., this time named is listed first, and it picked up the query. It seems to be undefined behavior. I suggest to define the maas network, from https://discourse.maas.io/t/setting-up-a-flexible-virtual-maas-test-environment/142, with this patch: --- maas.xml.orig 2018-10-15 15:47:31.113119334 +0000 +++ maas.xml 2018-10-15 15:48:38.600887479 +0000 @@ -5,6 +5,7 @@ <port start='1024' end='65535'/> </nat> </forward> + <dns enable='no'/> <bridge name='virbr1' stp='off' delay='0'/> <domain name='testnet'/> <ip address='172.16.99.1' netmask='255.255.255.0'> This will prevent dnsmasq from listening on 172.16.99.1:53, and we don't really want that anyway. -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to bind9 in Ubuntu. https://bugs.launchpad.net/bugs/1796164 Title: After interface/IP changes, bind9 can fail to respond to queries on the new interface To manage notifications about this bug go to: https://bugs.launchpad.net/maas/+bug/1796164/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
