Red Hat Bugzilla – Bug 854137
dnsmasq option filterwin2k prevents domain-integrated VMs from reaching the domain-controller
Last modified: 2012-09-08 23:59:04 EDT
Description of problem:
libvirt runs the dnsmasq process for virtual networks with the option "filterwin2k" which should prevent windows machines to trigger dial-on-demand lines by filtering domain-traffic. But this also prevents windows machines to reach a domain-controller if they're part of the domain. As workaround you can configure the domain-controller as dns-server manually, but that's actually not what you want in an dhcp-enabled network.
Please add a way to disable the "filterwin2k" flag, so it's possible to have domain-integrated VMs work without manual configuration of the network settings.
Version-Release number of selected component (if applicable):
Install Win2k/XP/7 as VM in an dhcp-enabled virtual network and add it to a domain. Domain-Controller won't be reached for domain-login, automatic share mapping etc until you configure the domain-controller as dns-server manually
Steps to Reproduce:
1. Install Win2k/XP77 as VM in an dhcp-enabled virtual network
2. Join a Domain
3. Try to login with domain-account
4. Configure network card to use the domain-controller as dns-server
5. Try to login with domain-account
In step 3, login should fail. In step 5, it'll work.
Login should work in step 3
This extra option was inadvertantly/incorrectly added in a patch just prior to 0.10.1. It has subsequently been removed with the following patch, so it will be fixed in the next upstream release:
Author: Gene Czarcinski <firstname.lastname@example.org>
Date: Thu Sep 6 12:08:22 2012 -0400
remove dnsmasq command line parameter "--filterwin2k"
This patch removed the "--filterwin2k" dnsmasq command line
parameter which was unnecessary for domain specification,
possibly blocked some usage, and was command line clutter.