Hello,
I have configured multiple interfaces on my router Mikrotik eEX S:
WAN, LAN, DMZ
On LAN and DMZ interface I have setup a DHCP server.
WAN and LAN interface are working w/o major issues.
However, when I connect a client to DMZ interface, the client is not getting an IP.
I can connect the same client to LAN interface and there are no issues.
My understanding is that DHCP configuration of LAN and DMZ interface should be some.
But when I check the configuration in /etc/config/dhcp I can see this:
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
option dhcpv6 'server'
option ra 'server'
list ra_flags 'managed-config'
list ra_flags 'other-config'
option dns_service '0'
config dhcp 'dmz'
option interface 'dmz'
option start '100'
option limit '10'
option leasetime '10m'
list ra_flags 'none'
config domain
option name 'homer'
option ip '172.16.1.100'
config host
option name 'homer'
option dns '1'
option mac '00:40:95:30:3F:96'
option ip '172.16.1.100'
Questions:
- What is causing the differences in config of interface LAN and DMZ? I cannot see a major difference in Luci.
- What is the function of section config domain?
- What is the function of
option dns '1'
in section config host?
In system log I have these entries:
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: Connected to system UBus
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: started, version 2.85 cachesize 150
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: DNS service limited to local subnets
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: compile time options: IPv6 GNU-getopt no-DBus UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth cryptohash DNSSEC no-ID loop-detect inotify dumpfile
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: UBus support enabled: connected to system bus
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: DNSSEC validation enabled
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: configured with trust anchor for <root> keytag 20326
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq-dhcp[28327]: DHCP, IP range 172.16.9.100 -- 172.16.9.109, lease time 10m
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq-dhcp[28327]: DHCP, IP range 172.16.1.100 -- 172.16.1.249, lease time 12h
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: using only locally-known addresses for domain test
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: using only locally-known addresses for domain onion
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: using only locally-known addresses for domain localhost
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: using only locally-known addresses for domain local
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: using only locally-known addresses for domain invalid
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: using only locally-known addresses for domain bind
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: using nameserver 127.0.0.1#5453
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: using only locally-known addresses for domain lan
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: read /etc/hosts - 4 addresses
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: read /tmp/hosts/dhcp.cfg01411c - 4 addresses
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq-dhcp[28327]: read /etc/ethers - 0 addresses
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: read /etc/hosts - 4 addresses
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq[28327]: read /tmp/hosts/dhcp.cfg01411c - 4 addresses
Fri Apr 29 20:11:01 2022 daemon.info dnsmasq-dhcp[28327]: read /etc/ethers - 0 addresses
Fri Apr 29 20:11:07 2022 daemon.info dnsmasq-dhcp[28327]: DHCPDISCOVER(lan4) dc:a6:32:8b:ca:11
Fri Apr 29 20:11:07 2022 daemon.info dnsmasq-dhcp[28327]: DHCPOFFER(lan4) 172.16.9.102 dc:a6:32:8b:ca:11
Fri Apr 29 20:11:07 2022 daemon.warn dnsmasq-dhcp[28327]: Error sending DHCP packet to 172.16.9.102: Operation not permitted
Fri Apr 29 20:11:13 2022 daemon.info dnsmasq-dhcp[28327]: DHCPDISCOVER(lan4) dc:a6:32:8b:ca:11
Fri Apr 29 20:11:13 2022 daemon.info dnsmasq-dhcp[28327]: DHCPOFFER(lan4) 172.16.9.102 dc:a6:32:8b:ca:11
Fri Apr 29 20:11:13 2022 daemon.warn dnsmasq-dhcp[28327]: Error sending DHCP packet to 172.16.9.102: Operation not permitted
Fri Apr 29 20:11:13 2022 daemon.err odhcpd[1993]: Failed to send to ff02::1%lan@lan3 (Permission denied)
Fri Apr 29 20:11:28 2022 daemon.info dnsmasq-dhcp[28327]: DHCPDISCOVER(lan4) dc:a6:32:8b:ca:11
Fri Apr 29 20:11:28 2022 daemon.info dnsmasq-dhcp[28327]: DHCPOFFER(lan4) 172.16.9.102 dc:a6:32:8b:ca:11
Fri Apr 29 20:11:28 2022 daemon.warn dnsmasq-dhcp[28327]: Error sending DHCP packet to 172.16.9.102: Operation not permitted
Fri Apr 29 20:11:29 2022 daemon.err odhcpd[1993]: Failed to send to ff02::1%lan@lan3 (Permission denied)
Fri Apr 29 20:11:29 2022 kern.warn kernel: [37293.691212] REJECT wan in: IN=wan OUT= MAC=ff:ff:ff:ff:ff:ff:c8:0e:14:de:97:70:08:00 SRC=192.168.1.1 DST=192.168.1.255 LEN=240 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=220 MARK=0x3f00
Fri Apr 29 20:11:45 2022 daemon.err odhcpd[1993]: Failed to send to ff02::1%lan@lan3 (Permission denied)
Fri Apr 29 20:12:01 2022 daemon.err odhcpd[1993]: Failed to send to ff02::1%lan@lan3 (Permission denied)
Fri Apr 29 20:12:03 2022 daemon.info dnsmasq-dhcp[28327]: DHCPDISCOVER(lan4) dc:a6:32:8b:ca:11
Fri Apr 29 20:12:03 2022 daemon.info dnsmasq-dhcp[28327]: DHCPOFFER(lan4) 172.16.9.102 dc:a6:32:8b:ca:11
Fri Apr 29 20:12:03 2022 daemon.warn dnsmasq-dhcp[28327]: Error sending DHCP packet to 172.16.9.102: Operation not permitted
Fri Apr 29 20:12:13 2022 kern.warn kernel: [37337.037391] REJECT wan in: IN=wan OUT= MAC=ff:ff:ff:ff:ff:ff:66:d5:ee:d4:d2:ad:08:00 SRC=192.168.1.74 DST=192.168.1.255 LEN=68 TOS=0x00 PREC=0x00 TTL=64 ID=32501 DF PROTO=UDP SPT=57621 DPT=57621 LEN=48 MARK=0x3f00
Fri Apr 29 20:12:17 2022 daemon.err odhcpd[1993]: Failed to send to ff02::1%lan@lan3 (Permission denied)
Fri Apr 29 20:12:29 2022 kern.warn kernel: [37353.791202] REJECT wan in: IN=wan OUT= MAC=ff:ff:ff:ff:ff:ff:c8:0e:14:de:97:70:08:00 SRC=192.168.1.1 DST=192.168.1.255 LEN=240 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=220 MARK=0x3f00
Fri Apr 29 20:12:33 2022 daemon.err odhcpd[1993]: Failed to send to ff02::1%lan@lan3 (Permission denied)
Fri Apr 29 20:12:49 2022 daemon.err odhcpd[1993]: Failed to send to ff02::1%lan@lan3 (Permission denied)
Fri Apr 29 20:13:05 2022 daemon.err odhcpd[1993]: Failed to send to ff02::1%lan@lan3 (Permission denied)
THX