From 9f214ddb7a2bbd6e09b65c69398d0427ec8f733d Mon Sep 17 00:00:00 2001 From: Andy Bavier Date: Mon, 7 Oct 2013 14:30:14 -0400 Subject: [PATCH] Turn off dnsmasq's DNS forwarding on public interfaces --- plugins/planetstack-net.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/plugins/planetstack-net.py b/plugins/planetstack-net.py index 5ef2853..0fc0bf6 100644 --- a/plugins/planetstack-net.py +++ b/plugins/planetstack-net.py @@ -157,7 +157,7 @@ def dnsmasq_sighup(dev): # Enable dnsmasq for this interface. # It's possible that we could get by with a single instance of dnsmasq running on # all devices but I haven't tried it. -def start_dnsmasq(dev, interface): +def start_dnsmasq(dev, interface, forward_dns=True): if not dnsmasq_running(dev): # The '--dhcp-range=,static' argument to dnsmasq ensures that it only # hands out IP addresses to clients listed in the hostsfile @@ -175,6 +175,10 @@ def start_dnsmasq(dev, interface): '--dhcp-no-override', '--dhcp-range=%s,static' % interface['ip']] + # Turn off forwarding DNS queries, only do DHCP + if forward_dns == False: + cmd.append('--port=0') + try: logger.log('%s: starting dnsmasq on device %s' % (plugin, dev)) subprocess.check_call(cmd) @@ -345,5 +349,5 @@ def GetSlivers(data, config=None, plc=None): if 'OVS_BRIDGE' in tags: dev = tags['OVS_BRIDGE'] write_dnsmasq_hostsfile(dev, ports, site_net_id) - start_dnsmasq(dev, interface) + start_dnsmasq(dev, interface, forward_dns=False) -- 2.47.0