dnsmasq: Listen only on loopback and disable DHCP

Dnsmasq functions as DHCP and DNS servers by default and listens on all
interfaces. This conflicts with other DHCP or DNS servers already on
the network and corrupts DNS configuration on Windows systems.

We noticed that after installing docker, the Linux system became a
magnet for DNS requests coming from Windows systems. Dnsmasq is a
dependency for lxc which is recommended for docker.

Windows periodically broadcasts DHCPInform and DHCP servers reply with
DHCPAck. If the DHCPAck from the Linux target reaches the Windows
system first, Windows changes its DNS server IP to the Linux system
running dnsmasq. Dnsmasq ends up forwarding the DNS requests to the
official DNS server and replies back the answer to the original
requestor. The Linux system transparently becomes a DNS proxy on the
subnet.

Signed-off-by: Ovidiu Vancea <ovidiu.vancea@ni.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>

1 files changed, 2 insertions, 2 deletions

diff --git a/meta-networking/recipes-support/dnsmasq/files/dnsmasq.conf b/meta-networking/recipes-support/dnsmasq/files/dnsmasq.conf
index 1a198a3791..bd0ee001a2 100755
--- a/meta-networking/recipes-support/dnsmasq/files/dnsmasq.conf
+++ b/meta-networking/recipes-support/dnsmasq/files/dnsmasq.conf
@@ -77,7 +77,7 @@ bogus-priv
 #except-interface=
 # Or which to listen on by address (remember to include 127.0.0.1 if
 # you use this.)
-#listen-address=
+listen-address=127.0.0.1
 
 # On systems which support it, dnsmasq binds the wildcard address,
 # even when it is listening on only some interfaces. It then discards
@@ -114,7 +114,7 @@ bogus-priv
 # repeat this for each network on which you want to supply DHCP
 # service.
 #dhcp-range=192.168.0.50,192.168.0.150,12h
-dhcp-range=10.0.0.10,10.0.0.200,2h
+#dhcp-range=10.0.0.10,10.0.0.200,2h
 
 # This is an example of a DHCP range where the netmask is given. This
 # is needed for networks we reach the dnsmasq DHCP server via a relay