Host DNS configuration should consider NetworkManager on Fedora

[jmontleon]

If you have dns=dnsmasq in the [main] section of /etc/NetworkManager/NetworkManager.conf landrush does not play well.

It should write the config to /etc/NetworkManager/dnsmasq.d rather than /etc/dnsmasq.d and restart (maybe reload?) NetworkManager rather than dnsmasq as NetworkManager already manages a dnsmasq process on 127.0.0.1.

[hferentschik]

@jmontleon, thanks for your feedback. Much appreciated. There were other reports around problems on Fedora, but yours has so far the most concrete solution.

Mind you, the automatic host DNS configuration is really quite new (it only used to for for OS X out of the box) and given the wide variety of operation systems and how they are configured, it is hard to get this part right, especially if oneself is not using say Fedora as main development platform.

That said, you can always set _config.landrush.host_redirectdns = false to false and prevent Landrush to do any sort of host configuration. You can then do the setup yourself.

If your suggested solution works, maybe you would be interested in providing a pull request ;-)?

Last, but not least, what is the Fedora version you are running and do you know whether what you suggest will work for any version?

[hferentschik]

Most likely a duplicate of #260

[JPvRiel]

Hi, just to add a lesson learnt related to this:

• Even after doing a workaround with network manager, landrush causes dnsmasq to be installed if you forget config.landrush.host_redirect_dns = false in the Vagrantfile.
• Watch out for dnsmasq distro package update file default config - it can end up flooding syslog.

For context, a while ago I manually setup the dnsmasq settings landrush needs via NetworkManager's dnsmasq

$ sudo sh -c 'echo "server=/vagrant.test/127.0.0.1#10053" > /etc/NetworkManager/dnsmasq.d/vagrant-landrush'
$ sudo systemctl restart NetworkManager
$ grep '127.0.0.1#10053' /var/log/syslog | tail -n 1
Sep 27 00:05:47 <myhostname> dnsmasq[17285]: using nameserver 127.0.0.1#10053 for domain vagrant.test

But at some point I must have forgotten to put config.landrush.host_redirect_dns = false in one of my Vagrantfiles. The result:

• dnsmasq got installed
• /etc/dnsmasq.d/vagrant-landrush-vagrant.test got created

So both the standard dnsmasq and NetworkManager's dnsmasq processes were pointing landrush at 127.0.0.1:10053.

In addition, to mess things up even more, I tried my luck with vagrant and the docker provider. This ended up causing:

Dec 31 13:05:31 <hostname> dnsmasq[1707]: failed to create listening socket for 172.17.0.1: Permission denied
Dec 31 13:05:31  <hostname>  dnsmasq[1707]: failed to create listening socket for 172.18.0.1: Permission denied

Some other chaos resulted when the dnsmasq package was updated via apt, and dpkg.old and dpkg.new default config files caused dnsmasq to have extra config in /etc/dnsmasq.d/...

Hundreds of thousands of dnsmasq error messages (e.g. 200K in one day!)

$ for f in /var/log/syslog*; do ls -lh $f; zgrep -c dnsmasq $f; echo; done
-rw-r----- 1 syslog adm 851K Dec 31 13:40 /var/log/syslog
6861

-rw-r----- 1 syslog adm 32M Dec 31 13:05 /var/log/syslog.1
270044

-rw-r----- 1 syslog adm 277K Dec 30 10:16 /var/log/syslog.2.gz
3683

-rw-r----- 1 syslog adm 67K Dec 28 10:06 /var/log/syslog.3.gz
46

Note the inclusion of extra config with the default daemon for dnsmaq in Ubuntu (I assume Debian as well)

$ ps -p 1707 -o ppid,user,cmd | more
 PPID USER     CMD
    1 dnsmasq  /usr/sbin/dnsmasq -x /var/run/dnsmasq/dnsmasq.pid -u dnsmasq -r /
var/run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --l
ocal-service --trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A4185
5200FD2CE1CDDE32F24E8FB5

As per the man page -7

-7, --conf-dir=[,......], Read all the files in the given directory as configuration files.

So I think the issue was the extra dnsmasq process was reading in all the config files for various other VM and container dnsmaq instances like libvirt, lxc and NetworkManager, and those already have their own dnsmasq processes running?

$ ls /etc/dnsmasq.d
libvirt-bin  lxc  network-manager  vagrant-landrush-vagrant.test

To fix and revert to using a custom/manual dnsmasq with NetworkManager, I removed the default daemon

$ sudo apt-get remove --purge dnsmasq
$ sudo rm /etc/dnsmasq.d/vagrant-landrush-vagrant.test

[hferentschik]

Merged via pull request #275