DHCP stops working randomly

I have OpenWrt setup on my old computer and I got it to work as a normal router and then after a while of just using it, I noticed that the dns is not working correctly.

I set the dns to 1.1.1.1 in the lan interface but still doesn't work, I had to set the dns in my machine to be able to access the internet, so I concluded that firewall forwarding is working correctly.

I have no idea how to further debug this issue, so I just restarted the whole OpenWrt computer and now I don't even get an local IP from the DHCP, it seems like it only was routing my traffic because of some static lease (I guess).

My setup is as follows (sorry for the very long code snippets):

  • /etc/config/network
config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd98:1856:eb9f::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0'

config interface 'lan'
	option proto 'static'
	option device 'eth0'
	option ipaddr '10.10.10.1'
	option netmask '255.255.255.0'
	list dns '127.0.0.1'
	list dns '1.1.1.1'

config interface 'wan'
	option proto 'dhcp'
	option device 'eth1
  • /etc/config/firewall
config defaults
	option syn_flood	1
	option input		REJECT
	option output		ACCEPT
	option forward		REJECT
# Uncomment this line to disable ipv6 rules
#	option disable_ipv6	1

config zone
	option name		lan
	list   network		'lan'
	option input		ACCEPT
	option output		ACCEPT
	option forward		ACCEPT

config zone
	option name		wan
	list   network		'wan'
	list   network		'wan6'
	option input		ACCEPT
	option output		ACCEPT
	option forward		REJECT
	option masq		1
	option mtu_fix		1

config forwarding
	option src		lan
	option dest		wan
[I guess other rules don't matter and I didn't touch them ]
  • /etc/config/dhcp
config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option cachesize '1000'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'
	option ednspacket_max '1232'
	option filter_aaaa '0'
	option filter_a '0'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'hybrid'
	option ra 'hybrid'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

Those are the only ones that I know might be related to the problem.
I've also sat the DNS in /etc/resolv.conf to 1.1.1.1, while I was trying to get it to work. But I guess it doesn't matter since it gets overridden by some other services.

Remove these from the lan interface.

The /etc/resolv.conf is used for the OpenWrt itself only.
On your lan host you can check the DHCP lease, ipconfig in windows or /var/lib/dhcp/dhclient.eth0.leases in linux (or wherever it is storing the leases, you can check in ps -ef | grep dhc
You can also check the wan interface dhcp client with ifstatus wan along with the advertised DNS servers.

1 Like

removing the DNS addresses didn't solve the problem, also isn't the default is 127.0.0.1 anyways? or maybe it's the gateway of the wan interface?

Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have

ubus call system board; \
uci export network; \
uci export dhcp; uci export firewall; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
ls -l  /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; head -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; \
ping -c 3 1.1.1.1; nslookup openwrt.org; ifstatus wan

I assume I should run those commands in the OpenWrt machine?
Also I wanna add that my OpenWrt resolves names without an issue.

1 Like

Here is the result of running the sequence of commands on my OpenWrt machine:

Command Sequence

ubus call system board; \
uci export network; \
uci export dhcp; uci export firewall; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
ls -l  /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; head -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; \
ping -c 3 1.1.1.1; nslookup openwrt.org; ifstatus wan

Output

{
	"kernel": "5.15.150",
	"hostname": "OpenWrt",
	"system": "Intel(R) Core(TM)2 Duo CPU     E7500  @ 2.93GHz",
	"model": "Hewlett-Packard HP Compaq dc7900 Convertible Minitower",
	"board_name": "hewlett-packard-hp-compaq-dc7900-convertible-minitower",
	"rootfs_type": "ext4",
	"release": {
		"distribution": "OpenWrt",
		"version": "23.05.3",
		"revision": "r23809-234f1a2efa",
		"target": "x86/64",
		"description": "OpenWrt 23.05.3 r23809-234f1a2efa"
	}
}
package network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd98:1856:eb9f::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0'

config interface 'lan'
	option proto 'static'
	option device 'eth0'
	option ipaddr '10.10.10.1'
	option netmask '255.255.255.0'

config interface 'wan'
	option proto 'dhcp'
	option device 'eth1'

package dhcp

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option cachesize '1000'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'
	option ednspacket_max '1232'
	option filter_aaaa '0'
	option filter_a '0'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'hybrid'
	option ra 'hybrid'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

package firewall

config defaults
	option syn_flood '1'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone
	option name 'lan'
	list network 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'

config zone
	option name 'wan'
	list network 'wan'
	list network 'wan6'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN qlen 1000
    inet 10.10.10.1/24 brd 10.10.10.255 scope global eth0
       valid_lft forever preferred_lft forever
4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP qlen 1000
    inet 192.168.1.13/24 brd 192.168.1.255 scope global eth1
       valid_lft forever preferred_lft forever
default via 192.168.1.254 dev eth1  src 192.168.1.13
10.10.10.0/24 dev eth0 scope link  src 10.10.10.1
192.168.1.0/24 dev eth1 scope link  src 192.168.1.13
local 10.10.10.1 dev eth0 table local scope host  src 10.10.10.1
broadcast 10.10.10.255 dev eth0 table local scope link  src 10.10.10.1
local 127.0.0.0/8 dev lo table local scope host  src 127.0.0.1
local 127.0.0.1 dev lo table local scope host  src 127.0.0.1
broadcast 127.255.255.255 dev lo table local scope link  src 127.0.0.1
local 192.168.1.13 dev eth1 table local scope host  src 192.168.1.13
broadcast 192.168.1.255 dev eth1 table local scope link  src 192.168.1.13
0:	from all lookup local
32766:	from all lookup main
32767:	from all lookup default
lrwxrwxrwx    1 root     root            16 Mar 22 22:09 /etc/resolv.conf -> /tmp/resolv.conf
lrwxrwxrwx    1 root     root            35 May 28 12:32 /tmp/resolv.conf -> /tmp/resolv.conf.d/resolv.conf.auto
-rw-r--r--    1 root     root            41 May 28 14:31 /tmp/resolv.conf.d/resolv.conf.auto

/tmp/resolv.conf.d:
-rw-r--r--    1 root     root            41 May 28 14:31 resolv.conf.auto
==> /etc/resolv.conf <==
# Interface wan
nameserver 192.168.1.254

==> /tmp/resolv.conf <==
# Interface wan
nameserver 192.168.1.254

==> /tmp/resolv.conf.d <==
head: /tmp/resolv.conf.d: I/O error

==> /tmp/resolv.conf.d/resolv.conf.auto <==
# Interface wan
nameserver 192.168.1.254
PING 1.1.1.1 (1.1.1.1): 56 data bytes
64 bytes from 1.1.1.1: seq=0 ttl=56 time=18.441 ms
64 bytes from 1.1.1.1: seq=1 ttl=56 time=20.403 ms
64 bytes from 1.1.1.1: seq=2 ttl=56 time=19.320 ms

--- 1.1.1.1 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 18.441/19.388/20.403 ms
Server:		192.168.1.254
Address:	192.168.1.254:53

Non-authoritative answer:
Name:	openwrt.org
Address: 64.226.122.113

Non-authoritative answer:
Name:	openwrt.org
Address: 2a03:b0c0:3:d0::1a51:c001

{
	"up": true,
	"pending": false,
	"available": true,
	"autostart": true,
	"dynamic": false,
	"uptime": 5813,
	"l3_device": "eth1",
	"proto": "dhcp",
	"device": "eth1",
	"updated": [
		"addresses",
		"routes",
		"data"
	],
	"metric": 0,
	"dns_metric": 0,
	"delegation": true,
	"ipv4-address": [
		{
			"address": "192.168.1.13",
			"mask": 24
		}
	],
	"ipv6-address": [
		
	],
	"ipv6-prefix": [
		
	],
	"ipv6-prefix-assignment": [
		
	],
	"route": [
		{
			"target": "0.0.0.0",
			"mask": 0,
			"nexthop": "192.168.1.254",
			"source": "192.168.1.13/32"
		}
	],
	"dns-server": [
		"192.168.1.254"
	],
	"dns-search": [
		
	],
	"neighbors": [
		
	],
	"inactive": {
		"ipv4-address": [
			
		],
		"ipv6-address": [
			
		],
		"route": [
			
		],
		"dns-server": [
			
		],
		"dns-search": [
			
		],
		"neighbors": [
			
		]
	},
	"data": {
		"dhcpserver": "192.168.1.254",
		"leasetime": 86400
	}
}

DHCP requests from a client machine

Internet Systems Consortium DHCP Client 4.4.3-P1
Copyright 2004-2022 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/eno1/70:5a:0f:4a:99:4e
Sending on   LPF/eno1/70:5a:0f:4a:99:4e
Sending on   Socket/fallback
DHCPDISCOVER on eno1 to 255.255.255.255 port 67 interval 8
DHCPDISCOVER on eno1 to 255.255.255.255 port 67 interval 13
DHCPDISCOVER on eno1 to 255.255.255.255 port 67 interval 11
DHCPDISCOVER on eno1 to 255.255.255.255 port 67 interval 19
DHCPDISCOVER on eno1 to 255.255.255.255 port 67 interval 8
No DHCPOFFERS received.

Check the cable

There are also a few problems with your config... not sure why you changed these things:

Change the device in the lan interface stanza back to br-lan:

Change the wan zone input rule to REJECT:

1 Like

Sorry, I ran that while the lan cable was removed:

root@OpenWrt:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP qlen 1000
    link/ether 18:a9:05:eb:a6:58 brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.1/24 brd 10.10.10.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::1aa9:5ff:feeb:a658/64 scope link
       valid_lft forever preferred_lft forever
4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP qlen 1000
    link/ether 00:e0:4c:36:5f:3a brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.13/24 brd 192.168.1.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::2e0:4cff:fe36:5f3a/64 scope link
       valid_lft forever preferred_lft forever

What's the output of:

netstat -lnp | grep 67; logread -e dnsmasq
root@OpenWrt:~# netstat -lnp | grep 67; logread -e dnsmasq
root@OpenWrt:~# netstat -lnp | grep 67;
root@OpenWrt:~# netstat -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:19999           0.0.0.0:*               LISTEN      1991/netdata
tcp        0      0 127.0.0.1:8125          0.0.0.0:*               LISTEN      1991/netdata
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1532/uhttpd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1184/dropbear
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      1532/uhttpd
tcp        0      0 ::1:8125                :::*                    LISTEN      1991/netdata
tcp        0      0 :::19999                :::*                    LISTEN      1991/netdata
tcp        0      0 :::3030                 :::*                    LISTEN      1814/AdGuardHome
tcp        0      0 :::80                   :::*                    LISTEN      1532/uhttpd
tcp        0      0 :::22                   :::*                    LISTEN      1184/dropbear
tcp        0      0 :::53                   :::*                    LISTEN      1814/AdGuardHome
tcp        0      0 :::443                  :::*                    LISTEN      1532/uhttpd
udp        0      0 127.0.0.1:8125          0.0.0.0:*                           1991/netdata
udp        0      0 ::1:8125                :::*                                1991/netdata
udp        0      0 :::53                   :::*                                1814/AdGuardHome
udp        0      0 :::547                  :::*                                1419/odhcpd
raw        0      0 ::%4044222448:58        :::*                    58          1419/odhcpd
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING        228 709/ubusd           /var/run/ubus/ubus.sock
unix  2      [ ACC ]     STREAM     LISTENING       1884 1991/netdata        /tmp/netdata-ipc

DHCP server not working?

Did you stop dnsmasq for any reason?

/etc/init.d/dnsmasq enable
/etc/init.d/dnsmasq restart
logread -e dnsmasq
1 Like

Yes, I did, so that I can use AdGuard, I should've told you this, sorry.

root@OpenWrt:~# logread -e dnsmasq
root@OpenWrt:~# /etc/init.d/dnsmasq enable
root@OpenWrt:~# /etc/init.d/dnsmasq restart
Command failed: Not found
udhcpc: started, v1.36.1
udhcpc: broadcasting discover
udhcpc: no lease, failing
root@OpenWrt:~# logread -e dnsmasq
Tue May 28 16:09:08 2024 daemon.crit dnsmasq[1]: failed to create listening socket for 192.168.1.13: Address in use
Tue May 28 16:09:08 2024 daemon.crit dnsmasq[1]: FAILED to start up
Tue May 28 16:09:13 2024 daemon.crit dnsmasq[1]: failed to create listening socket for 192.168.1.13: Address in use
Tue May 28 16:09:13 2024 daemon.crit dnsmasq[1]: FAILED to start up
Tue May 28 16:09:18 2024 daemon.crit dnsmasq[1]: failed to create listening socket for 192.168.1.13: Address in use
Tue May 28 16:09:18 2024 daemon.crit dnsmasq[1]: FAILED to start up
Tue May 28 16:09:23 2024 daemon.crit dnsmasq[1]: failed to create listening socket for 192.168.1.13: Address in use
Tue May 28 16:09:23 2024 daemon.crit dnsmasq[1]: FAILED to start up
Tue May 28 16:09:28 2024 daemon.crit dnsmasq[1]: failed to create listening socket for 192.168.1.13: Address in use
Tue May 28 16:09:28 2024 daemon.crit dnsmasq[1]: FAILED to start up
Tue May 28 16:09:33 2024 daemon.crit dnsmasq[1]: failed to create listening socket for 192.168.1.13: Address in use
Tue May 28 16:09:33 2024 daemon.crit dnsmasq[1]: FAILED to start up
Tue May 28 16:09:33 2024 daemon.info procd: Instance dnsmasq::cfg01411c s in a crash loop 6 crashes, 0 seconds since last crash
root@OpenWrt:~#

Let me reboot, maybe it'll have a different effect. Or should I stop AdGuard?

Yeah, that's quite relevant.

You should probably start from scratch -- I suspect that you have many broken things.

Now I have DHCP back, but IDK what to do with DNS.

╭─ venego@i5:~
╰─> -_- % ping google.com
ping: google.com: Temporary failure in name resolution
╭─ venego@i5:~
╰─> -_- % ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=55 time=17.3 ms
^C
--- 1.1.1.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 17.250/17.250/17.250/0.000 ms

You probably have a bunch of issues caused by your adguard installation... like I said:

I need such a solution tho, AdGuard never caused a problem in the previous versions. Maybe Pihole would be more compatible? after I redo the whole thing, ofc.

It's not necessarily AdGuard as the problem... it's that you did a bunch of other things that broke stuff... for example, turning off dnsmasq affected your DHCP server.

Start fresh and follow appropriate guides to ensure you don't break things.
https://openwrt.org/docs/guide-user/services/dns/adguard-home

I didn't know OpenWrt registry has a pckage for it!! thank you.
I followed some random article that says: "disable dnsmaq after installing AdGuard"

Oh! I YOLOed it and installed AdGuard the proper way, and it worked.
BraveBrowser seems to be working, while ping doesn't :rofl:
I'll just re-install as you said.

1 Like