On 14/02/2025 13:38, jean-christophe manciot wrote:
> With the following setup:
>
> port=0
> interface=eth0
> bind-interfaces
> dhcp-range=192.168.1.2,192.168.1.254
>
> I get:
> # /usr/bin/netstat -tunpevaW | grep dnsmasq
> udp 0 0 0.0.0.0:67 0.0.0.0:* 0 19371604 3877093/dnsmasq
>
> which contradicts your own documentation (please read until the end):
> # If you want dnsmasq to listen for DHCP and DNS requests only on
> # specified interfaces (and the loopback) give the name of the
> # interface (eg eth0) here.
> # Repeat the line for more than one interface.
> # interface=
>
> # On systems which support it, dnsmasq binds the wildcard address,
> # even when it is listening on only some interfaces. It then discards
> # requests that it shouldn't reply to. This has the advantage of
> # working even when interfaces come and go and change address. If you
> # want dnsmasq to really bind only the interfaces it is listening on,
> # uncomment this option. About the only time you may need this is when
> # running another nameserver on the same machine.
> # bind-interfaces
>
> So, bind-interfaces is not applied. Why is it a problem? In cases where
> there are multiple DHCP servers, this dnsmasq issue prevents the
> coexistence with these other servers as it binds to **all** interfaces
> and prevents other servers from listening on the interfaces they were
> setup for.
>
> A perfect example is libvirtd: this issue prevents libvirtd from
> starting its one instance of dnsmasq over virbr0 (for instance). Cf.
> https://wiki.libvirt.org/Libvirtd_and_dnsmasq.html.
>
> FYI, this failed behavior did not exist in Ubuntu noble.
>

No release of dnsmasq ever made has bound the DHCP socket to anything
other than the wildcard address. Whatever problem you are having, it's
not what you think it is.

The DHCP socket has to be able to receive packets which are sent to
255.255.255.255 and whose source address is 0.0.0.0. This is simply not
reliable with a socket bound to the local address of the interface.

In order to allow multiple dnsmasq instances (for instance in the
libvirt case) dnsmasq sets REUSEPORT on DHCP sockets, and, if exactly
one interface is specified in the configuration, it sets
SO_BINDTODEVICE. Neither of these things is visible in netstat.

TLDR;

1) The behaviour you are asking for doesn't work.
2) This is not a regression: it has always been done this way.

Simon.

--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dnsmasq in Ubuntu.
https://bugs.launchpad.net/bugs/2098119

Title:
  dnsmasq opens DHCP server ports on all interfaces instead of just on
  the interface(s) defined in interface= setting

Status in dnsmasq package in Ubuntu:
  New

Bug description:
  ubuntu oracular
  linux 6.12.0-15-generic
  dnsmasq 2.90-4

  With the following specific configuration in /etc/dnsmasq.conf (due to
  interference with another DNS server):
  port=0

  The systemd service starts:
  # echo 'q' | sudo systemctl --no-pager --full status dnsmasq
  ● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
       Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; preset: enabled)
       Active: active (running) since Wed 2025-02-12 17:31:55 CET; 1min 24s ago
   Invocation: 3aa94eb3e49c40e8b7cc53f316cc90eb
     Main PID: 1550822 (dnsmasq)
        Tasks: 1 (limit: 36889)
       Memory: 844K (peak: 2.4M)
          CPU: 28ms
       CGroup: /system.slice/dnsmasq.service
               └─1550822 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service --trust-anchor=.,20326,8,2,e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d

  Feb 12 17:31:55 samsung9-ubuntux systemd[1]: Starting dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server...
  Feb 12 17:31:55 samsung9-ubuntux dnsmasq[1550822]: started, version 2.90 DNS disabled
  Feb 12 17:31:55 samsung9-ubuntux dnsmasq[1550822]: compile time options: IPv6 GNU-getopt DBus no-UBus i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset nftset auth cryptohash DNSSEC loop-detect inotify dumpfile
  Feb 12 17:31:55 samsung9-ubuntux systemd[1]: Started dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server.

  but there is no DHCP server port open:
  # /usr/bin/netstat -tunpevaW | grep dnsmasq
  # /usr/bin/netstat -tunpevaW | grep :67
  #

  It does not change anything if I specify 'interface=eth0' or
  'listen-address=127.0.0.1' for instance.

  It does not change anything either if I specify a specific DNS port
  other than 53 with 'port=663' for instance: still no DHCP server port
  open by dnsmasq.

  Everything works fine with TFTP though with:
  listen-address=127.0.0.1
  bind-interfaces
  enable-tftp

  # /usr/bin/netstat -tunpevaW | grep dnsmasq
  udp 0 0 127.0.0.1:69 0.0.0.0:* 0 5781084 2183724/dnsmasq