yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #78371
[Bug 1828473] [NEW] Dnsmasq spawned by neutron-dhcp-agent should use bind-dynamic option instead of bind-interfaces
Public bug reported:
According to warning log from dnsmasq:
May 09 23:08:59 devstack-ubuntu-ovs dnsmasq[27287]: LOUD WARNING: use
--bind-dynamic rather than --bind-interfaces to avoid DNS amplification
attacks via these interface(s)
Option bind-interfaces is available since dnsmasq 2.63
(https://github.com/liquidm/dnsmasq/blob/master/FAQ#L239) and we are
already requiring 2.67 at least so we should change this option in
calling dnsmasq process.
** Affects: neutron
Importance: Low
Assignee: Slawek Kaplonski (slaweq)
Status: Confirmed
** Tags: l3-ipam-dhcp
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1828473
Title:
Dnsmasq spawned by neutron-dhcp-agent should use bind-dynamic option
instead of bind-interfaces
Status in neutron:
Confirmed
Bug description:
According to warning log from dnsmasq:
May 09 23:08:59 devstack-ubuntu-ovs dnsmasq[27287]: LOUD WARNING: use
--bind-dynamic rather than --bind-interfaces to avoid DNS
amplification attacks via these interface(s)
Option bind-interfaces is available since dnsmasq 2.63
(https://github.com/liquidm/dnsmasq/blob/master/FAQ#L239) and we are
already requiring 2.67 at least so we should change this option in
calling dnsmasq process.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1828473/+subscriptions
Follow ups