Just a few notes on configuring the built-in DNS name resolver for KVM (libvirtd).
Not really secrets, because everything below is documented on the libvirt wiki under Network XML Format.
If you want to pass a search domain to virtual hosts that get their network config automatically with DHCP, you can add a domain tag to each virtual network config, like the "default" network.
Use virsh net-edit to modify the existing config:
$ virsh net-edit default
The tag will look like this:
<domain name='example.com'/>
Here's what it would look like in the context of a complete config:
<network>
  <name>default</name>
  <uuid>xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx</uuid>
  <forward mode='nat'/>
  <bridge name='virbr0' stp='on' delay='0'/>
  <mac address='xx:xx:xx:xx:xx:xx'/>
  <domain name='example.com' localOnly='no'/>
  <ip address='192.168.127.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.127.2' end='192.168.127.254'/>
    </dhcp>
  </ip>
</network>
To effect the change, destroy and then start the libvirt network:
$ virsh net-destroy default
$ virsh net-start default
Confirm with virsh net-dumpxml default.
Use virsh net-edit to add host lines in the dhcp section of a network config. Here's what that would look like:
<network>
  <name>default</name>
  <uuid>xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx</uuid>
  <forward mode='nat'/>
  <bridge name='virbr0' stp='on' delay='0'/>
  <mac address='xx:xx:xx:xx:xx:xx'/>
  <domain name='example.com' localOnly='no'/>
  <ip address='192.168.127.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.127.2' end='192.168.127.254'/>
      <host mac='xx:xx:xx:xx:xx:xx' name='serv01' ip='192.168.127.3'/>
      <host mac='xx:xx:xx:xx:xx:xx' name='serv02' ip='192.168.127.4'/>
    </dhcp>
  </ip>
</network>
To effect the change, destroy (stop) and then start the libvirt network:
$ virsh net-destroy default
$ virsh net-start default
Confirm with virsh net-dumpxml default.
Many of us have our own private DNS service of some kind to resolve internal host names. In my case, an EdgeRouter 4 running its own copy of dnsmasq.
This configuration is done on a per-virtual network basis, like the "default" network.
Edit the network config using virsh:
$ virsh net-edit default
Inside the config, add a tag that looks something like this (where 10.0.1.1 is the internal address of the DNS service):
<dns>
  <forwarder addr='10.0.1.1'/>
</dns>
To see what that looks like in context, here's the entire network config around it:
<network>
  <name>default</name>
  <uuid>xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx</uuid>
  <forward mode='nat'/>
  <bridge name='virbr0' stp='on' delay='0'/>
  <mac address='xx:xx:xx:xx:xx:xx'/>
  <domain name='example.com' localOnly='no'/>
  <dns>
    <forwarder addr='10.0.1.1'/>
  </dns>
  <ip address='192.168.127.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.127.2' end='192.168.127.254'/>
    </dhcp>
  </ip>
</network>
To effect the change, destroy and then start the libvirt network:
$ virsh net-destroy default
$ virsh net-start default
Confirm with virsh net-dumpxml default.
NOTE: When you restart the network, the system may throw an error like:
error: Failed to start network default
error: internal error: Check the host setup: enabling IPv6 forwarding with RA routes
without accept_ra set to 2 is likely to cause routes loss. Interfaces to look at: br0
To fix this you'll need to tune the system kernel with the command:
$ sudo sysctl -w net.ipv6.conf.br0.accept_ra=2
Make it permanent by adding this to the end of /etc/sysctl.conf:
net.ipv6.conf.br0.accept_ra=2
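The domain, host and forwarder settings above can be checked mechanically in the XML that virsh net-dumpxml default prints. The following Python is an added example, not part of the original notes: audit_network is a hypothetical helper, and the embedded XML is a constructed sample in which one host address is duplicated and another lies outside the subnet.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample shaped like `virsh net-dumpxml default` output (not from a real host).
SAMPLE = """<network>
  <name>default</name>
  <domain name='example.com' localOnly='no'/>
  <dns><forwarder addr='10.0.1.1'/></dns>
  <ip address='192.168.127.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.127.2' end='192.168.127.254'/>
      <host mac='52:54:00:00:00:01' name='serv01' ip='192.168.127.3'/>
      <host mac='52:54:00:00:00:02' name='serv02' ip='192.168.127.3'/>
      <host mac='52:54:00:00:00:03' name='serv03' ip='192.168.128.9'/>
    </dhcp>
  </ip>
</network>"""

def audit_network(xml_text):
    """Return findings for a libvirt network definition (hypothetical helper)."""
    net = ET.fromstring(xml_text)
    findings = []
    domain = net.find("domain")
    if domain is None:
        findings.append("no <domain>: DHCP guests receive no search domain")
    elif domain.get("localOnly", "no") != "yes":
        # Without localOnly='yes', libvirt forwards unanswered queries for the domain upstream.
        findings.append(f"{domain.get('name')}: unresolved names are forwarded upstream")
    forwarders = [f.get("addr") for f in net.findall("dns/forwarder") if f.get("addr")]
    if not forwarders:
        findings.append("no <forwarder>: queries go to the host's own resolvers")
    for addr in forwarders:
        if not ipaddress.ip_address(addr).is_private:
            findings.append(f"forwarder {addr} is not an internal address")
    for ip in net.findall("ip"):
        mask = ip.get("netmask") or ip.get("prefix")
        if mask is None:
            continue
        subnet = ipaddress.ip_network(f"{ip.get('address')}/{mask}", strict=False)
        seen = {}  # static address -> first host name that claimed it
        for host in ip.findall("dhcp/host"):
            addr, name = host.get("ip"), host.get("name")
            if ipaddress.ip_address(addr) not in subnet:
                findings.append(f"{name}: {addr} is outside {subnet}")
            if addr in seen:
                findings.append(f"{name}: {addr} already assigned to {seen[addr]}")
            seen.setdefault(addr, name)
    return findings
```

To audit a live network, pass the text printed by virsh net-dumpxml default to audit_network in place of SAMPLE.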