Tuesday, April 6, 2021

libvirt-dnsmasq running as part of libvirt

Open DNS server on external IP

Background

When you run libvirt / KVM on Ubuntu, it seems the framework starts a second local DNS server alongside systemd-resolved. Since only one server can occupy localhost port 53 (systemd-resolved), libvirt-dnsmasq uses HOSTNAME / port 53, which will be whatever IP the DHCP server assigns to your PC.

This IP is reachable from every other host on the network, so running an open DNS server on it is probably not a good idea.

Solution

Check the virtual net status:

# virsh net-list
 Name                 State      Autostart     Persistent
----------------------------------------------------------
 default              active     yes           yes

Check whether libvirt-dnsmasq is running:

# lsof -i TCP:53

Shut down the default virtual network for your virtual hosts:

# virsh net-destroy default

Prevent it from autostarting at all:

# virsh net-autostart --network default --disable

If you need it again, start it with:

# virsh net-start default

Result

libvirt-dnsmasq is no longer listening on port 53 / DNS on whatever IP your interface(s) have been given on your network.

# lsof -i TCP:53
COMMAND   PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 635 systemd-resolve   13u  IPv4  25136      0t0  TCP localhost:domain (LISTEN)

# virsh net-list
 Name   State   Autostart   Persistent
----------------------------------------
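
The lsof check above only covers TCP, while DNS is served on both UDP and TCP port 53. The following is an added example, not part of the original post: a small filter over `ss -H -lntu` output that prints every port-53 listener bound to something other than loopback. The function name, the sample lines and the address 192.0.2.10 are constructed for illustration.

```shell
#!/bin/sh
# Added example: report DNS (port 53) listeners bound to non-loopback addresses.
# Input is `ss -H -lntu` output: Netid State Recv-Q Send-Q Local:Port Peer:Port

# Constructed sample (not captured from a real host); 192.0.2.10 stands in for
# the DHCP-assigned address of the machine.
SAMPLE='udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*
udp UNCONN 0 0 192.0.2.10:53 0.0.0.0:*
tcp LISTEN 0 32 192.0.2.10:53 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

# Reads ss lines on stdin, prints "proto address" for each exposed listener.
exposed_dns_listeners() {
    awk '
    {
        # Split Local Address:Port at the LAST colon so IPv6 literals survive.
        pos = match($5, /:[^:]*$/)
        if (pos == 0) next
        port = substr($5, pos + 1)
        addr = substr($5, 1, pos - 1)
        if (port != "53") next
        sub(/%.*$/, "", addr)          # drop interface scope, e.g. %lo
        gsub(/^\[|\]$/, "", addr)      # drop brackets around IPv6 literals
        # Loopback-only binds are not reachable from the network.
        if (addr ~ /^127\./ || addr == "::1") next
        print $1, addr
    }'
}

# Run against the sample; for a live check: ss -H -lntu | exposed_dns_listeners
printf '%s\n' "$SAMPLE" | exposed_dns_listeners
```

Empty output from the live check means nothing but loopback is answering on port 53; wildcard binds such as 0.0.0.0:53 are reported because they are reachable on every interface.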




