From cf831a26a18118176b3da35e8f3b1d173403e150 Mon Sep 17 00:00:00 2001
From: Maciej Relewicz <mrelewicz@mirantis.com>
Date: Thu, 14 Jan 2016 15:20:01 +0100
Subject: [PATCH] dnsmasq binds only to interfaces it is listening on

To protects against postponing unnecessary error texts in logs.

Change-Id: I22254199bb1c1aba782cde5a615735f15db71623
Closes-Bug: #1533810
---
 deployment/puppet/cobbler/templates/dnsmasq.template.erb | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/deployment/puppet/cobbler/templates/dnsmasq.template.erb b/deployment/puppet/cobbler/templates/dnsmasq.template.erb
index 3a96ac1240..d70f8dea35 100644
--- a/deployment/puppet/cobbler/templates/dnsmasq.template.erb
+++ b/deployment/puppet/cobbler/templates/dnsmasq.template.erb
@@ -19,6 +19,14 @@ server=/<%= @dns_domain %>/<%= dns %>
 resolv-file=/etc/dnsmasq.upstream
 interface=<%= @dhcp_interface %>
 
+# On systems which support it, dnsmasq binds the wildcard address,
+# even when it is listening on only some interfaces. It then discards
+# requests that it shouldn't reply to. This has the advantage of
+# working even when interfaces come and go and change address. If you
+# don't want dnsmasq to really bind only the interfaces it is listening on,
+# comment this option.
+bind-interfaces
+
 cache-size=1024
 
 # This is one of the key options. dnsmasq tries to move out servername