
Libvirt hook for systemd-resolved integration to resolve libvirt network domains

Primary LanguagePythonMIT LicenseMIT


Libvirt hooks for setting up DNS with systemd resolved.


  • Requires Python3
  • This obviously requires that you use systemd-resolved and not other dns resolvers locally. This is mostly the case with Ubuntu 20.04, Fedora 34+ and Debian 10.
  • You will need libvirt up and running.
  • <domain name="$DOMAIN_NAME"/> MUST be defined. Example xml for default network, with domain default.kvm is shown below.
      <forward mode='nat'>
          <port start='1024' end='65535'/>
      <bridge name='virbr0' stp='on' delay='0'/>
      <mac address='52:54:00:74:d1:bf'/>
      <domain name='default.kvm'/>
      <ip address='' netmask=''>
          <range start='' end=''/>
          <host mac='52:54:00:DA:4A:4B' name='ansible' ip=''/>

Please note that changes in network configuration requires network to be destroyed and redefined.


Installing is simple as placing hook in /etc/libvirt/hooks/network.d and ensure that it is executable.

sudo make install


resolvectl should show you per link domains

resolvectl --no-pager domain

Disallowing Public Suffixes

  • Known public suffixes are disallowed from being configured as routing domains
  • This is achieved via public suffix list at /usr/share/publicsuffix/public_suffix_list.dat This is already installed on most Desktop and server systems.


  • If using Debian, Ubuntu, Linux Mint, Pop!_OS, Raspbian or other debian derivatives,
    apt-get install publicsuffix
  • If using Fedora, CentOS, RHEL, Amazon Linux 2022
    dnf install publicsuffix-list
  • If using ArchLinux, Manjaro or other Arch derivatives,
    pacman -S publicsuffix-list
  • If using OpenSUSE,
    zypper install publicsuffix