OK testing with a second device, updated fw to:
config zone
option name 'guest'
option output 'ACCEPT'
list network 'guest'
option input 'REJECT'
option forward 'REJECT'
config forwarding
option src 'guest'
option dest 'wan'
config rule
option name 'DNS and DHCP guest'
option src 'guest'
option target 'ACCEPT'
option dest_port '53 67'
list proto 'udp'
Same issue,tried with laptop and a restart of router, get the same 169. ip on my laptop as well...
It should work this way, but (as a last suggestion) try using the empty bridge as a device to see if it makes a difference.
config device
option type 'bridge'
option name 'br-guest'
option bridge_empty '1'
config interface 'guest'
option proto 'static'
option ipaddr '10.20.30.40'
option netmask '255.255.255.0'
option device 'br-guest'
Same issue, sorry.. Thanks for helping out tho.! 
Since I've spent a couple of hours and maybe a day on this and not figuring out what is wrong, I don't know what to do but hope for some more input.
Might be something a fresh install could solve but I don't want to go there just yet....
Did you delete this just to make sure that the existence of a device and interface sharing the same name is not causing the problem?
Yes I removed it. Tested without any config device as well.
Hi guys,
any good hints on what to do here? I tested with a new device (iphone) and it's still a 169.254. address that it gets from the guest wifi.
Thanks
a bit hard to follow what you tried so far but in general you have three things to sort out:
i suggest to start by resetting your owrt router to default and start over.
the wiki article you linked should work though. but looks you did not follow through:
169.254 is a fallback self assigned ip address, for sure not coming from guest wifi but the oppposite actually. your iphone as has not received any ip address set this fallback address.
you did not mention what this server is. is it working, is it a valid upstream server?
FWIW from the OP
127.0.0.53 != localhost (=127.0.0.1):53
so it even possible that dnsmasq which is DNS+DHCP server cannot start because port 53 is already bind to dnscrypt hence no dhcp leases are provided.
let's focus on basics first: create the guest network, use dnsmasq only as dns and dhcp server and see if it works. then add dnscrypt if your guest clients receiving ip address and can go to internet.
Thanks guys. I can't reset my router at this moment, work and others using the network so that would be a night thing..
I did this
/etc/init.d/dnscrypt-proxy stop
uci set dhcp.@dnsmasq[0].noresolv="0"
uci commit dhcp
/etc/init.d/dnsmasq restart
Connected to guest wifi (no physical interface/this is not on port 1-4, yet). Later on I will use vlan on port 1 to my dumb ap and share guest wifi from that ap as well.
I might need a restart of the router but laptop is connected to my home network and is working fine without dnscrypt-proxy now.
I will paste network config as it is now.
fw
config zone
option name 'GuestZone'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
list network 'intguest'
config forwarding
option src 'GuestZone'
option dest 'wan'
config rule
option name 'DHCP DNS guest'
list proto 'udp'
option src 'GuestZone'
option dest_port '53 67'
option target 'ACCEPT'
network
config interface 'loopback'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
option device 'lo'
config globals 'globals'
config interface 'lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
option delegate '0'
option device 'br-lan'
config interface 'wan'
option proto 'dhcp'
option device 'wan'
config device 'wan_wan_dev'
option name 'wan'
option macaddr '62:38:e0:da:5a:be'
config interface 'wan6'
option proto 'dhcpv6'
option device 'wan'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
config interface 'intguest'
option proto 'static'
option ipaddr '10.10.10.1'
option netmask '255.255.255.0'
option device 'br-gjest'
config device
option type 'bridge'
option name 'br-gjest'
dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option ednspacket_max '1232'
option confdir '/tmp/dnsmasq.d'
option localservice '1'
list server '127.0.0.53'
option noresolv '0'
config dhcp 'lan'
option interface 'lan'
option limit '150'
option dhcpv4 'server'
option start '2'
option leasetime '6h'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '3'
config dhcp 'intguest'
option interface 'intguest'
option start '100'
option limit '150'
option leasetime '12h'
Hi guys. Re-installed my router and setup guest zone, dns/dhcp traffic rule, interface 'interfaceguest' and wifi interface. Still the same IP; 169.254..
Now I'm really getting worried I will not make this work Anyways, if you want me to post the latest config I'm happy to do so. If not, thanks for your help so far, and sorry for spamming.
Next I had to fix/undo a "network hardening" customization specifically in the Divested build configuration by commenting the interface=br-lan line in /etc/dnsmasq.conf (aka add a # before the line of code). Then I rebooted my network (MUST reboot to take effect).
edit: I first put this post as solution but I'm not done with the vlan part. So I will probably use this thread for help as I go..
And after a little fiddling with the VLAN it's now working!
Thanks for all your help.
I'm running divested build and had to comment the line mentioned in my reply before this one.
Marking thread as solved!
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.