came from the host's IP.
There are a few other options that are configurable only for the passt
-backend. For example, the ``<backend>`` attribute ``logFile`` can be
-used to tell the passt process for this interface where to write its
-message log, and the ``<source>`` attribute ``dev`` can tell it a
-particular host interface to use when deriving the routes given to the
-guest for forwarding traffic upstream. Due to the design decisions of
-passt, when using SELinux on the host, it is recommended that the log
-file reside in the runtime directory of the user under which the passt
-process will run, most probably ``/run/user/$UID`` (where ``$UID`` is
-the UID of that user), e.g. ``/run/user/1000``. Be aware that libvirt
-does not create this directory if it does not already exist to avoid
-possible, however unlikely, issues with orphaned directories or
-permissions, etc. The logfile attribute is meant mostly for debugging,
-so it shouldn't be set under normal circumstances.
+backend. For example, the ``<backend>`` subelement's attribute
+``logFile`` can be used to tell the passt process for this interface
+where to write its message log (:since:`since 9.0.0`)[\*], while the
+``hostname`` attribute is used to set the hostname sent to the guest
+in a DHCPv4 response (using option 12) (:since:`since 11.8.0`), and
+``fqdn`` sets the "fully qualified domain name" sent to the guest in
+DHCPv4 response option 81 and DHCPv6 response option 39 (:since:`since
+11.8.0`). Also, the ``<source>`` subelement attribute ``dev`` can
+tell passt a particular host interface to use when deriving the routes
+given to the guest for forwarding traffic upstream.
+
+[\*] *Due to the design decisions of passt, when using SELinux on the
+host, it is recommended that the log file reside in the runtime
+directory of the user under which the passt process will run, most
+probably ``/run/user/$UID`` (where ``$UID`` is the UID of that user),
+e.g. ``/run/user/1000``. Be aware that libvirt does not create this
+directory if it does not already exist to avoid possible, however
+unlikely, issues with orphaned directories or permissions, etc. The
+logfile attribute is meant mostly for debugging, so it shouldn't be
+set under normal circumstances.*
Additionally, when passt is used, multiple ``<portForward>`` elements
can be added to forward incoming network traffic for the host to this
<devices>
...
<interface type='user'>
- <backend type='passt' logFile='/run/user/$UID/passt-domain.log'/>
+ <backend type='passt' hostname='bob' logFile='/run/user/$UID/passt-domain.log'/>
<mac address="00:11:22:33:44:55"/>
<source dev='eth0'/>
<ip family='ipv4' address='172.17.5.4' prefix='24'/>
...
<devices>
<interface type='vhostuser'>
- <backend type='passt'/>
+ <backend type='passt' fqdn='bob.example.com'/>
<mac address='52:54:00:3b:83:1a'/>
<source dev='enp1s0'/>
<ip address='10.30.0.5' prefix='24'/>
g_free(def->backend.tap);
g_free(def->backend.vhost);
g_free(def->backend.logFile);
+ g_free(def->backend.hostname);
+ g_free(def->backend.fqdn);
virDomainNetTeamingInfoFree(def->teaming);
g_free(def->virtPortProfile);
g_free(def->script);
}
def->backend.logFile = virXMLPropString(node, "logFile");
+ def->backend.hostname = virXMLPropString(node, "hostname");
+ def->backend.fqdn = virXMLPropString(node, "fqdn");
if (tap)
def->backend.tap = virFileSanitizePath(tap);
if (src->type != dst->type ||
STRNEQ_NULLABLE(src->tap, dst->tap) ||
STRNEQ_NULLABLE(src->vhost, dst->vhost) ||
- STRNEQ_NULLABLE(src->logFile, dst->logFile)) {
+ STRNEQ_NULLABLE(src->logFile, dst->logFile) ||
+ STRNEQ_NULLABLE(src->hostname, dst->hostname) ||
+ STRNEQ_NULLABLE(src->fqdn, dst->fqdn)) {
return false;
}
return true;
virBufferEscapeString(&attrBuf, " tap='%s'", backend->tap);
virBufferEscapeString(&attrBuf, " vhost='%s'", backend->vhost);
virBufferEscapeString(&attrBuf, " logFile='%s'", backend->logFile);
+ virBufferEscapeString(&attrBuf, " hostname='%s'", backend->hostname);
+ virBufferEscapeString(&attrBuf, " fqdn='%s'", backend->fqdn);
virXMLFormatElement(buf, "backend", &attrBuf, NULL);
}
char *vhost;
/* The following are currently only valid/used when backend type='passt' */
char *logFile; /* path to logfile used by passt process */
+ char *hostname; /* hostname of the passt process */
+ char *fqdn; /* fully qualified domain name of the passt process */
};
struct _virDomainNetPortForwardRange {
}
}
- if (net->sourceDev && net->backend.type != VIR_DOMAIN_NET_BACKEND_PASST) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("The 'dev' attribute of the <source> element can only be used with <interface> type='user' or type='vhostuser' if the <backend> type='passt'"));
- return -1;
+ if (net->backend.type != VIR_DOMAIN_NET_BACKEND_PASST) {
+ if (net->sourceDev) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("The 'dev' attribute of the <source> element can only be used with <interface> type='user' or type='vhostuser' if the <backend> type='passt'"));
+ return -1;
+ }
+ if (net->backend.fqdn) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("The 'fqdn' attribute of the <backend> element can only be used with the <backend> type='passt'"));
+ return -1;
+ }
+ if (net->backend.hostname) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("The 'fqdn' attribute of the <backend> element can only be used with the <backend> type='passt'"));
+ return -1;
+ }
}
if (net->nPortForwards > 0) {
<ref name="absFilePath"/>
</attribute>
</optional>
+ <optional>
+ <attribute name="hostname">
+ <ref name="dnsName"/>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="fqdn">
+ <ref name="dnsName"/>
+ </attribute>
+ </optional>
</element>
</optional>
<optional>
if (net->backend.logFile)
virCommandAddArgList(cmd, "--log-file", net->backend.logFile, NULL);
+ if (net->backend.hostname)
+ virCommandAddArgList(cmd, "--hostname", net->backend.hostname, NULL);
+
+ if (net->backend.fqdn)
+ virCommandAddArgList(cmd, "--fqdn", net->backend.fqdn, NULL);
+
/* Add IP address info */
for (i = 0; i < net->guestIP.nips; i++) {
const virNetDevIPAddr *ip = net->guestIP.ips[i];
<range start='443' to='344'/>
</portForward>
<model type='rtl8139'/>
- <backend type='passt' logFile='/var/log/loglaw.blog'/>
+ <backend type='passt' logFile='/var/log/loglaw.blog' hostname='hostname1' fqdn='hostname1.test.local'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
</interface>
<input type='mouse' bus='ps2'/>
<range start='443' to='344'/>
</portForward>
<model type='rtl8139'/>
- <backend type='passt' logFile='/var/log/loglaw.blog'/>
+ <backend type='passt' logFile='/var/log/loglaw.blog' hostname='hostname1' fqdn='hostname1.test.local'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
</interface>
<input type='mouse' bus='ps2'/>
<range start='443' to='344'/>
</portForward>
<model type='rtl8139'/>
- <backend type='passt' logFile='/var/log/loglaw.blog'/>
+ <backend type='passt' logFile='/var/log/loglaw.blog' hostname='hostname1' fqdn='hostname1.test.local'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
</interface>
<input type='mouse' bus='ps2'/>
<range start='443' to='344'/>
</portForward>
<model type='virtio'/>
- <backend type='passt' logFile='/var/log/loglaw.blog'/>
+ <backend type='passt' logFile='/var/log/loglaw.blog' hostname='hostname1' fqdn='hostname1.test.local'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
</interface>
<interface type='vhostuser'>
<range start='443' to='344'/>
</portForward>
<model type='virtio'/>
- <backend type='passt' logFile='/var/log/loglaw.blog'/>
+ <backend type='passt' logFile='/var/log/loglaw.blog' hostname='hostname1' fqdn='hostname1.test.local'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
</interface>
<interface type='vhostuser'>
projects / thirdparty / libvirt.git / commitdiff
