I’m running LXD as a VM host for MAAS, and configured LXD to not provide DNS / DHCP for lxdbr0, i.e.
lxc network set lxdbr0 dns.mode=none
lxc network set lxdbr0 ipv4.dhcp=false
lxc network set lxdbr0 ipv6.dhcp=false
It seems however that LXD still wants to start a dnsmasq for lxdbr0.
Now this works well enough if MAAS is brought up after LXD, but if, e.g. during a reboot, MAAS named comes up first and binds to *:53, and LXD dnsmasq comes later, then this results in LXD unhappiness:
2025-11-07T08:55:15.362721+00:00 dev1 lxd.daemon[1633]: time="2025-11-07T08:55:15Z" level=error msg="Failed initializing network" err="Failed starting: The DNS and DHCP service exited prematurely: exit status 2 (\"dnsmasq: failed to create listening socket for 10.128.169.1: Address already in use\")" network=lxdbr0 project=default
I wonder why LXD still needs to run dnsmasq, natting maybe? Is there a way to tell dnsmasq not to give up because it can’t bind to :53? I guess otherwise I could hardwire the boot order so that LXD always comes first, but it does feel a little messy.
LXD’s managed DNS service only binds to the relevant network interface, and not all interfaces.
Perhaps MAAS can be configured to do the same so the two can co-exist (like multiple LXD bridge networks can).
dns.mode only changes the behaviour of DNS records generated, but dnsmasq will still be started if none is specified in order to provide DNS resolution.
Currently the only way to prevent dnsmasq from listening on lxdbr0 IP is to prevent it starting, which can be achieved using:
lxc network set lxdbr0 ipv4.address=none ipv6.address=none
However that effectively prevents external connectivity entirely as lxdbr0 bridge can no longer operate as a router.
It would be worth raising this issue with MAAS and seeing if it’s possible to make it behave more conservatively in terms of listening on all interfaces, and avoid listening on those it doesn’t manage.
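
A check for the bind conflict discussed in this thread, as an added example that is not part of either post and is not LXD or MAAS code: it classifies port 53 listeners from `ss -H -lntup` output as wildcard binds (which can block a later bind to the bridge address) or per-address binds. The function names, the sample lines and the 10.20.0.2 address are constructed for illustration, and only IPv4 bridge addresses are handled.

```shell
#!/bin/sh
# Added example (hypothetical helper names, not from LXD or MAAS).
# Input: lines in the format printed by `ss -H -lntup`:
#   Netid State Recv-Q Send-Q Local:Port Peer:Port Process

# Print one verdict line per port-53 listener:
#   WILDCARD  - bound to all IPv4 addresses (0.0.0.0 or dual-stack *)
#   SAME_ADDR - already bound to the bridge address itself
#   OK        - bound to some other specific address (or IPv6-only [::])
dns_bind_conflicts() {
    awk -v addr="$1" '
    {
        laddr = $5
        n = split(laddr, parts, ":")
        port = parts[n]
        if (port != "53") next
        host = substr(laddr, 1, length(laddr) - length(port) - 1)
        # Process name is only present when ss runs with enough privilege.
        proc = "unknown"
        if (match($0, /\(\("[^"]+"/))
            proc = substr($0, RSTART + 3, RLENGTH - 4)
        if (host == "0.0.0.0" || host == "*") verdict = "WILDCARD"
        else if (host == addr)                verdict = "SAME_ADDR"
        else                                  verdict = "OK"
        print verdict, $1, laddr, proc
    }'
}

# Exit 0 if any listener would block a bind to the given bridge address.
bridge_dns_blocked() {
    dns_bind_conflicts "$1" | grep -Eq '^(WILDCARD|SAME_ADDR) '
}

# Constructed sample: a DNS server on all interfaces plus one specific address.
sample_ss_output() {
    cat <<'EOF'
udp UNCONN 0 0 0.0.0.0:53 0.0.0.0:* users:(("named",pid=1201,fd=40))
tcp LISTEN 0 10 0.0.0.0:53 0.0.0.0:* users:(("named",pid=1201,fd=41))
udp UNCONN 0 0 10.20.0.2:53 0.0.0.0:* users:(("named",pid=1201,fd=42))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=900,fd=3))
EOF
}

# Demo on the constructed sample, using the bridge address from the log line.
# On a live host: ss -H -lntup | dns_bind_conflicts 10.128.169.1
sample_ss_output | dns_bind_conflicts 10.128.169.1
```

Any WILDCARD line names the service that needs to be restricted to the interfaces it manages before the two DNS services can share the host.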