RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 2026765 - Can't define a TFTP server without a DHCP server in network configuration
Summary: Can't define a TFTP server without a DHCP server in network configuration
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: libvirt
Version: 9.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Michal Privoznik
QA Contact: yalzhang@redhat.com
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-11-25 18:27 UTC by Jiri Kortus
Modified: 2022-11-15 10:38 UTC (History)
7 users (show)

Fixed In Version: libvirt-8.5.0-1.el9
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-11-15 10:03:03 UTC
Type: Bug
Target Upstream Version: 8.5.0
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker LIBVIRTAT-13256 0 None None None 2022-07-28 01:59:21 UTC
Red Hat Issue Tracker RHELPLAN-103992 0 None None None 2021-11-25 18:27:52 UTC
Red Hat Product Errata RHSA-2022:8003 0 None None None 2022-11-15 10:03:48 UTC

Description Jiri Kortus 2021-11-25 18:27:21 UTC 
Description of problem:
I hit the following issue with libvirt related to TFTP server setup: I needed to reconfigure an existing libvirt network to provide PXE boot. Initially, I had an existing DHCP configuration in place, based on dhcpd. I also had the isolated libvirt network setup without DHCP configuration (provided by dhcpd). Then a need came for TFTP server and as tftp-server is not available on RHEL-9, I thought I will just use the existing setup and let dnsmasq perform the TFTP server function via libvirt network configuration.

Adding only <tftp root='/var/lib/tftpboot'/> into the network definition didn't make any change to the real configuration, virsh net-edit <network> didn't show the change, as well as dnsmasq configuration file for the particular network. However, after also adding DHCP server configuration for the network, the TFTP configuration was put in place as well.

I can imagine my intended setup (DNS + TFTP via libvirt/dnsmasq and DHCP via dhcpd) can be quite unusual, although I think it should be possible to configure all of the services potentially covered by dnsmasq separately, without any unnecessary dependece among them.

Also there's another related issue - after running virsh net-create net.xml, the network is created despite parts of the XML (TFTP server configuration in my case) were ignored and no feedback (error message) was displayed.

Version-Release number of selected component (if applicable):
RHEL-9.0.0-20211122.0 / libvirt-7.9.0-1.el9.x86_64 (dnsmasq-2.85-2.el9.x86_64)

How reproducible:
100%

Steps to Reproduce:
1. Install libvirt and start libvirtd service.
2. Either create or edit an existing network, so that it defines a TFTP server, but not a DHCP server.
3. Create / restart the network with the new definition.

Actual results:
Check the network configuration - via virsh net-edit and in the running dnsmasq network configuration.

Expected results:
The network definition and running dnsmasq configuration doesn't contain TFTP server setup.

Additional info:
The network definition and running dnsmasq configuration contains TFTP server setup even without DHCP server configured in the network definition.
Comment 1 Peter Krempa 2021-11-26 07:40:09 UTC 
Generally we don't try to support every possible configuration but only those which make sense together with the usecase of running VMs. Thus any more complex setup as in the case of running a different DHCP server are not something we've designed this for, as it's not a general purpose dnsmasq config tool. That said I'm not against the idea altogheter, I just don't think this is justified for a downstream RFE.
Comment 4 Michal Privoznik 2021-12-09 15:57:14 UTC 
@jikortus is there need for this bug to be private? We like to have bugs open by default (until they contain customer sensitive data) and include links in commits. Can you please make it public?
Comment 5 Michal Privoznik 2021-12-09 16:18:33 UTC 
v1:

https://listman.redhat.com/archives/libvir-list/2021-December/msg00357.html
Comment 6 Jiri Kortus 2021-12-10 10:20:02 UTC 
Michal: Sure, I'll make it public. Thank you for fixing this bug!
Comment 7 Michal Privoznik 2022-06-01 07:46:16 UTC 
Merged upstream as:

12be42ee7e network: Generate TFTP config regardless of DHCP
bab462db6e network: Separate DHCP config generator into a function
314dac422d network: Initialize variables in networkDnsmasqConfContents()

v8.4.0-5-g12be42ee7e
Comment 8 yalzhang@redhat.com 2022-06-02 06:22:01 UTC 
Reproduce the bug on libvirt-8.3.0-1.el9.x86_64
1. define and start a network with tftp setting, but no dhcp enabled:
# virsh net-dumpxml net_boot
<network>
  <name>net_boot</name>
  <uuid>bdaf91ff-5f91-4edb-ab9f-6ac6253cae31</uuid>
  <forward mode='nat'>
    <nat>
      <port start='1024' end='65535'/>
    </nat>
  </forward>
  <bridge name='virbr1' stp='on' delay='0'/>
  <mac address='52:54:00:10:0b:a1'/>
  <ip address='192.168.120.1' netmask='255.255.255.0'>
    <tftp root='/var/lib/tftpboot'/>
  </ip>
</network>

# cat /var/lib/libvirt/dnsmasq/net_boot.conf
##WARNING:  THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
##OVERWRITTEN AND LOST.  Changes to this configuration should be made using:
##    virsh net-edit net_boot
## or other application using the libvirt API.
##
## dnsmasq conf file created by libvirt
strict-order
pid-file=/run/libvirt/network/net_boot.pid
except-interface=lo
bind-dynamic
interface=virbr1
addn-hosts=/var/lib/libvirt/dnsmasq/net_boot.addnhosts

there is no tftp related settings in the conf file.

Test on  v8.4.0-83-g215b2466cd:
When there is no tftp folder prepared, the network will fail to start:
# virsh net-start net_boot
error: Failed to start network net_boot
error: internal error: Child process (VIR_BRIDGE_NAME=virbr1 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/net_boot.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper) unexpected exit status 3: 
dnsmasq: TFTP directory /var/lib/tftpboot inaccessible: No such file or directory

When the tftp folder prepared, start the network:
# virsh net-start net_boot
Network net_boot started
# cat net_boot.conf
##WARNING:  THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
##OVERWRITTEN AND LOST.  Changes to this configuration should be made using:
##    virsh net-edit net_boot
## or other application using the libvirt API.
##
## dnsmasq conf file created by libvirt
strict-order
pid-file=/run/libvirt/network/net_boot.pid
except-interface=lo
bind-dynamic
interface=virbr1
enable-tftp
tftp-root=/var/lib/tftpboot
addn-hosts=/var/lib/libvirt/dnsmasq/net_boot.addnhosts

# netstat -anu  | grep ":69 "
udp        0      0 192.168.120.1:69        0.0.0.0:*    

try to get a file on the host:
# tftp  192.168.120.1 -c get pxelinux.0
# ll pxelinux.0 
-rw-r--r--. 1 root root 42681 Jun  2 06:06 pxelinux.0

Start a vm which connected to this network, configure a static ip like 192.168.120.20/24, and try to get a file:
# tftp  192.168.120.1 -c get pxelinux.0
# ll pxelinux.0
-rw-r--r--. 1 root root 42681 Jun  2 14:18 pxelinux.0
Comment 11 yalzhang@redhat.com 2022-07-08 01:07:05 UTC 
Test on libvirt-8.5.0-1.el9.x86_64 with the same steps in comment 8, the result is as expected.
Comment 13 errata-xmlrpc 2022-11-15 10:03:03 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Low: libvirt security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:8003
Note You need to log in before you can comment on or make changes to this bug.