Re: Improved handling of changing DNS resolvers

On Mon, 23 Jan 2023 17:20:13 +1100 David Gibson wrote:

On Sat, Jan 21, 2023 at 10:47:03AM +0100, Stefano Brivio wrote:

...

Hi Noah,

Sorry for the delay, I didn't check pending mailing list posts for a couple of days. Comments below:

On Tue, 17 Jan 2023 11:50:50 -0800 Noah Gold wrote:

...

Hi folks,

libslirp and Passt have different approaches to sharing DNS resolvers with the guest system, each with their own benefits & drawbacks. On the libslirp project, we're discussing [1] how to support DNS failover. Passt already has support for this, but there is a drawback to its solution which prevents us from taking a similar approach: the resolvers are read exactly once, so if the host changes networks at runtime, the guest will not receive the updated resolvers and thus its connectivity will break.

So, passt/pasta kinda-sorta binds itself to a particular host interface, so DNS won't be the only issue if the host changes network. For one thing, at least by default the guest gets the same IP as the host, so if the host IP changes the guest will get out of sync. We'll mostly cope with that ok, but there will be some edge cases which will break (most obviously if after the network change the guest wants to talk to something at the host's old address / its current address).

Noah, by the way, if your usage for DNS failover is related to a virtual machine being migrated to another host with different addressing, mind that you could simply tell qemu to connect to a new instance of passt. That's something you can't do with libslirp. Would that solve your problem, or your issue is specifically related to DNS failover without any VM migration playing a role? -- Stefano