Skip to content

Instantly share code, notes, and snippets.

@ThinGuy

ThinGuy/fix-bind-options.sh

Last active June 16, 2019 20:31
Show Gist options
  • Save ThinGuy/12ea2633543720f31d8280739c367c92 to your computer and use it in GitHub Desktop.
Save ThinGuy/12ea2633543720f31d8280739c367c92 to your computer and use it in GitHub Desktop.
Download ZIP
Fix dnsmasq "Address already in use" error when running lxc network create; updated to deal with disabled ipv6 and lxd snap
Raw
fix-bind-options.sh
# This error happens when dnsmasq tries to start on a host that:
# 1) Is running the bind9.service (named)
# 2) Host's /etc/bind/named.conf.options is missing or has "any" set for listen-on[-v6] declarations.
#
# named creates a listener for the virtual ethernet that conflicts with the lisenter created by dnsmasq
#
# Fix is to tell named to only listen to IPs on physical nics
#
# The function below tries to determine phyical and loopback nics and edits /etc/bind/named.conf.options accordingly
fix-bind-listen() {
local -a BINDIPS=($((echo lo && ip 2>/dev/null link|/bin/grep -oP '(?<=^[0-9]: |^[0-9]{2}: )[e|s|w|b][^\:|^\@]+')|xargs -I{} -n1 -P1 ip a show dev {}|grep -oP '(?<=inet |inet6 )[^/]+'|sort -uV))
sudo sed \
-e '/listen-on.*$/d' \
-e '$i listen-on { '$(printf "%s\n" ${BINDIPS[@]}|sed "/:/d"|paste -sd";")'; };\nlisten-on-v6 { '$(printf "%s\n" ${BINDIPS[@]}|sed "/\./d"|paste -sd";")'; };' \
-i /etc/bind/named.conf.options
[[ -n $(grep -oP '(^|\s)\Klisten-on-v6 { ; };(?=\s|$)' /etc/bind/named.conf.options) ]] && sudo sed '/listen-on-v6/d' -i /etc/bind/named.conf.options
sudo systemctl restart bind9.service
}
### MAAS Variation to ensure MAAS VIP is inserted and PSQL VIP is excluded
fix-bind-listen-maas() {
[[ -f /etc/maas/regiond.conf ]] && local MAAS_VIP=$(sudo grep -oP '(?<=//)[^:]+' /etc/maas/regiond.conf) || local MAAS_VIP=
[[ -f /etc/maas/regiond.conf ]] && local PSQL_VIP=$(sudo grep -oP '(?<=database_host: )[^$]+' /etc/maas/regiond.conf) || local PSQL_VIP=
local -a BINDIPS=($((echo lo && ip 2>/dev/null link|/bin/grep -oP '(?<=^[0-9]: |^[0-9]{2}: )[e|s|w|b][^\:|^\@]+')|xargs -I{} -n1 -P1 ip a show dev {}|grep -oP '(?<=inet |inet6 )[^/]+'|sort -uV))
sudo sed \
-e '/listen-on.*$/d' \
-e '$i listen-on { '$([[ -n ${PSQL_VIP} ]] && printf "%s\n" ${MAAS_VIP} ${BINDIPS[@]}|sed -E "/:|${PSQL_VIP}/d"|paste -sd";" || printf "%s\n" ${MAAS_VIP} ${BINDIPS[@]}|sed -E "/:/d"|paste -sd";")'; };\nlisten-on-v6 { '$(printf "%s\n" ${BINDIPS[@]}|sed "/\./d"|paste -sd";")'; };' \
-i /etc/bind/named.conf.options
[[ -n $(grep -oP '(^|\s)\Klisten-on-v6 { ; };(?=\s|$)' /etc/bind/named.conf.options) ]] && sudo sed '/listen-on-v6/d' -i /etc/bind/named.conf.options
sudo systemctl restart bind9.service
}
# For existing LXD containers that did not get an ip address:
# Note: In this case 'systemctl status lxd' may show something like: Jan 16 22:01:34 mgmt01 dnsmasq[18400]: failed to create listening socket for 10.6.220.1: Address already in use
# sudo systemctl restart lxd.service
# lxc restart <container name w/o IP>
### or for snap-based lxd installs ###
# sudo snap restart lxd
# lxc restart <container name w/o IP>
@ThinGuy
Copy link
Author

ThinGuy commented Nov 17, 2018
edited
Loading 

$ lxc network create lxdbr0 ipv4.address=192.168.120.1/24 ipv4.nat=true ipv6.address=none

Error: Failed to run: dnsmasq --strict-order --bind-interfaces
--pid-file=/var/snap/lxd/common/lxd/networks/lxdbr0/dnsmasq.pid
--except-interface=lo --interface=lxdbr0 --quiet-dhcp --quiet-dhcp6 --quiet-ra
--listen-address=192.168.120.1 --dhcp-no-override --dhcp-authoritative
--dhcp-leasefile=/var/snap/lxd/common/lxd/networks/lxdbr0/dnsmasq.leases
--dhcp-hostsfile=/var/snap/lxd/common/lxd/networks/lxdbr0/dnsmasq.hosts
--dhcp-range 192.168.120.2,192.168.120.254,1h -s lxd -S /lxd/
--conf-file=/var/snap/lxd/common/lxd/networks/lxdbr0/dnsmasq.raw -u lxd:
dnsmasq: failed to create listening socket for 192.168.120.1: Address already
in use

$ fix-bind-listen
$ lxc network create lxdbr0 ipv4.address=192.168.120.1/24 ipv4.nat=true ipv6.address=none

Network lxdbr0 created

@ThinGuy
Copy link
Author

ThinGuy commented Jan 17, 2019 

~$ cat /etc/bind/named.conf.options
//
// This file is managed by MAAS. Although MAAS attempts to preserve changes
// made here, it is possible to create conflicts that MAAS can not resolve.
//
// DNS settings available in MAAS (for example, forwarders and
// dnssec-validation) should be managed only in MAAS.
//
// The previous configuration file was backed up at:
//     /etc/bind/named.conf.options.2019-01-17T04:35:58.224852
//
options { directory "/var/cache/bind";
auth-nxdomain no;
listen-on-v6 { any; };
include "/etc/bind/maas/named.conf.options.inside.maas"; };

~$ fix-bind-listen

~$ cat /etc/bind/named.conf.options
//
// This file is managed by MAAS. Although MAAS attempts to preserve changes
// made here, it is possible to create conflicts that MAAS can not resolve.
//
// DNS settings available in MAAS (for example, forwarders and
// dnssec-validation) should be managed only in MAAS.
//
// The previous configuration file was backed up at:
//     /etc/bind/named.conf.options.2019-01-17T04:35:58.224852
//
options { directory "/var/cache/bind";
auth-nxdomain no;
listen-on { 10.38.14.51;10.38.14.55;127.0.0.1; };
listen-on-v6 { fe80::3c00:19ff:fe03:73a0;::1; };
include "/etc/bind/maas/named.conf.options.inside.maas"; };

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment