DNS forwarding service listens-on inexistent interfaces
Open, HighPublic

Description

Sequence of commands to the error:
set service dns forwarding listen-on bond027 (a non existent bonding interface)
commit
ERROR!
[ service dns forwarding listen-on bond027 ]
interface bond027 does not exist on system

but if you try "discard" nothing happens and if you "save" you obtain this line in the configuration file
"listen-on bond027" under dns section, which should not exist...

Details

Difficulty level
Easy (less than an hour)
syncer triaged this task as High priority.Aug 14 2016, 1:30 PM
syncer added subscribers: VyOS 1.1.x, VyOS 1.1.x (1.1.8).
dmbaturin closed this task as Wontfix.Aug 24 2016, 5:38 PM
dmbaturin claimed this task.
dmbaturin added subscribers: UnicronNL, dmbaturin.

As @UnicronNL says, lines about nonexistent interfaces have no effect on dnsmasq functionality.

But what's worse, is that making it a commit fail will break the configs of those people who carelessly left a nonexistent interface in their DNS forwarding config, it will fail to load at boot time after upgrade.

As much as I hate generating configs that make no sense, leaving those people with potentially inaccessible systems after they upgrade (DNS loads before SSH AFAIR) is not an acceptable cost of somewhat tidier generated configs.

oliveriandrea reopened this task as Open.Aug 25 2016, 8:45 AM

As @UnicronNL says, lines about nonexistent interfaces have no effect on dnsmasq functionality.

But what's worse, is that making it a commit fail will break the configs of those people who carelessly left a nonexistent interface in their DNS forwarding config, it will fail to load at boot time after upgrade.

As much as I hate generating configs that make no sense, leaving those people with potentially inaccessible systems after they upgrade (DNS loads before SSH AFAIR) is not an acceptable cost of somewhat tidier generated configs.

Sorry but I don't understand.
If this problem in configuration script could break the boot config why do you set the state "Wontfix" at the ticket? Ok, dnsmasq is able to work also with non existent interface but I think it is important to block the configurator script to insert in the configuration file a wrong line, right?

As it is now it can not break the config, that is why "wontfix".
If we block it then configs that have non existent interfaces in them (due to breakage or removed and forgot to remove from dns forwarding) will fail at boot.

As it is now it can not break the config, that is why "wontfix".
If we block it then configs that have non existent interfaces in them (due to breakage or removed and forgot to remove from dns forwarding) will fail at boot.

Ok, but why don't deny the possibility to the user to insert an inexistent interface with "set service dns...." ?
I think that, if in future dnsmasq checks for inexistent interfaces and we permit to the user to insert it in the configuration, we will have some problems.

syncer edited subscribers, added: VyOS 1.2.x; removed: VyOS 1.1.x (1.1.8), VyOS 1.1.x.