This issue is reproducible on RH-7.x, RH-8.x and RH-9.x
By default dnsmasq allows only a single instance to bind tcp/udp port 53, but with bind-dynamic it allows more and more instances to bind that same port.
Note: on RH-9 you have to disable bind-interfaces in dnsmasq.conf before enabling bind-dynamic.
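Reproducer steps (note: `dnsmasq -help` in the transcripts below does not print help; as the ps output shows, it tries to start an additional dnsmasq instance):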
*** Without bind-dynamic ***
[root@192 ~]# grep bind /etc/dnsmasq.d/a.conf
#bind-dynamic
[root@192 ~]#
[root@192 ~]# systemctl restart dnsmasq
[root@192 ~]#
[root@192 ~]# ps -ef | grep dnsmasq
dnsmasq 2782 1 0 07:51 ? 00:00:00 /usr/sbin/dnsmasq
root 2784 2515 0 07:51 pts/1 00:00:00 grep --color=auto dnsmasq
[root@192 ~]#
[root@192 ~]# netstat -neopa | grep dnsmasq | grep -w udp
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29667 2834/dnsmasq off (0.00/0/0)
[root@192 ~]# dnsmasq -help
dnsmasq: failed to create listening socket for port 53: Address already in use
[root@192 ~]#
*** with bind-dynamic ***
You can have multiple different services bound to the same IP address and the same port at the same time.
This causes disruption for clients, as in the case of OpenShift 3.x (RH-7), where some changes (related to the OpenShift internal domain) are pushed via D-Bus. The SDN pushes the changes via D-Bus to service X, but when traffic arrives at service Y, which never received those changes, Y does not recognise the internal domain and forwards the query to the forwarder, causing internal DNS resolution to fail.
[root@192 ~]# dnsmasq -help
[root@192 ~]#
[root@192 ~]# ps -ef | grep dnsmasq
dnsmasq 2834 1 0 07:53 ? 00:00:00 /usr/sbin/dnsmasq
dnsmasq 2847 1 0 07:54 ? 00:00:00 dnsmasq -help
root 2849 2515 0 07:54 pts/1 00:00:00 grep --color=auto dnsmasq
[root@192 ~]#
[root@192 ~]# netstat -neopa | grep dnsmasq | grep -w udp
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29832 2847/dnsmasq off (0.00/0/0)
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29667 2834/dnsmasq off (0.00/0/0)
[root@192 ~]#
[root@192 ~]# dnsmasq -help
[root@192 ~]#
[root@192 ~]# netstat -neopa | grep dnsmasq | grep -w udp
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29925 2855/dnsmasq off (0.00/0/0)
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29832 2847/dnsmasq off (0.00/0/0)
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29667 2834/dnsmasq off (0.00/0/0)
[root@192 ~]#
[root@192 ~]# dnsmasq -help
[root@192 ~]#
[root@192 ~]# netstat -neopa | grep dnsmasq | grep -w udp
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 30000 2861/dnsmasq off (0.00/0/0)
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29925 2855/dnsmasq off (0.00/0/0)
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29832 2847/dnsmasq off (0.00/0/0)
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 29667 2834/dnsmasq off (0.00/0/0)
[root@192 ~]#