author | David Gibson <david@gibson.dropbear.id.au> | 2024-08-21 14:20:06 +1000 |
---|---|---|
committer | Stefano Brivio <sbrivio@redhat.com> | 2024-08-21 12:00:08 +0200 |
commit | 0b25cac94eca77f2df44fe56a52a88b934e0b955 (patch) | |
tree | bba3ea394a2500fec81ed246ae6fca0c014410b7 /passt.1 | |
parent | a6066f4e27b4d731c8903b091866bf2051586bf7 (diff) | |
conf: Treat --dns addresses as guest visible addresses

Although it's not 100% explicit in the man page, addresses given to
the --dns option are intended to be addresses as seen by the guest.
This differs from addresses taken from the host's /etc/resolv.conf,
which must be translated to guest accessible versions in some cases.

Our implementation is currently inconsistent on this: when using
--dns-forward, you must usually also give --dns with the matching address,
which is meaningful only in the guest's address view. However if you give
--dns with a loopback address, it will be translated like a host view
address.

Move the remapping logic for DNS addresses out of add_dns4() and add_dns6()
into add_dns_resolv() so that it is only applied for host nameserver
addresses, not for nameservers given explicitly with --dns.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'passt.1')
-rw-r--r-- | passt.1 | 14 |
1 files changed, 9 insertions, 5 deletions
@@ -236,11 +236,15 @@ interface will be chosen instead. .TP .BR \-D ", " \-\-dns " " \fIaddr -Use \fIaddr\fR (IPv4 or IPv6) for DHCP, DHCPv6, NDP or DNS forwarding, as -configured (see options \fB--no-dhcp-dns\fR, \fB--dhcp-dns\fR, -\fB--dns-forward\fR) instead of reading addresses from \fI/etc/resolv.conf\fR. -This option can be specified multiple times. Specifying \fB-D none\fR disables -usage of DNS addresses altogether. +Instruct the guest (via DHCP, DHVPv6 or NDP) to use \fIaddr\fR (IPv4 +or IPv6) as a nameserver, as configured (see options +\fB--no-dhcp-dns\fR, \fB--dhcp-dns\fR) instead of reading addresses +from \fI/etc/resolv.conf\fR. This option can be specified multiple +times. Specifying \fB-D none\fR disables usage of DNS addresses +altogether. Unlike addresses from \fI/etc/resolv.conf\fR, \fIaddr\fR +is given to the guest without remapping. For example \fB--dns +127.0.0.1\fR will instruct the guest to use itself as nameserver, not +the host. .TP .BR \-\-dns-forward " " \fIaddr |
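Review bot: the first added line of the \-\-dns entry spells the protocol "DHVPv6"; the removed text had "DHCPv6", so it should read "(via DHCP, DHCPv6 or NDP)". The rewritten entry also drops \fB--dns-forward\fR from the "see options" list, while the commit message says --dns-forward usually needs --dns given with the matching address, so a short cross-reference to that option here would help readers who combine the two. The closing example is useful; it would be clearer still if it said that the same applies to any other address that is only meaningful in the host's view, since the sentence before it states that \fIaddr\fR is passed to the guest without remapping.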