Hello,
I cant put my modem on bridge mode otherwise i do lose ipv6, its an ISP thing that wont change on near future,what i would like to do is to have openwrt on my router but with dhcp off, but force a custom dns to my computers and also wifi instead of the one we have from the isp, is it possible? How do i do it via Luci?
Or what is the best thing to do in this case?
Thanks in advance
If you turn off dhcp you'll configure the settings manually, so you can configure whatever DNS you want on your lan hosts.
Unless I didn't understand something in your proposed topology.
Yeah but i want the router to assign the dns but not the dhcp as i do have the router from the isp that wont come to bridge.
The main question is, how do i do that ? Should it be on the sabe subnet right?
Still it is not clear. How will the router assign the dns without dhcp?
Exactly that is my question.
I do want to to set custom DNS and forward then dhcp from the isp modem.
First forget about forwarding/relaying the dhcp to the isp modem.
In your case you can do the poor man's bridge.
For the ipv6 you can delegate a prefix or relay the RA/DHCPv6/NDP.
There is no way to set DMZ at this isp modem =X
Any other solution>? Maybe if i just disable the firewall there?
It doesn't have to be named DMZ. You can just port forward every tcp and udp port to the OpenWrt wan IP.
If i disable the firewal at the isp modem then all packages will be forwarded anyways so sounds easier, correct
?
I cannot answer that. I don't know which one is the modem of your ISP, nor how it behaves if you turn off its firewall.
That wont work i cant change the firewall on the modem either, so maybe adding it to the lan port would help?
Maybe post which ISP / modem model you have..
I appreciate but the final conclusion is that if i set it to bridge i have no ipv6.
On normal mode i cant select DMZ or change DHCP settings there.
What i want is to use my router as an smart switch with hability to set up custom dns + connect via wifi to the same network, but i dont seem to find a solution, since i always have double nat then.
In terms of OPENWRT what can i do without messing with the isp modem?
There's pretty much nothing to do, if you can't change those settings you're stuck with double nat with no port forwarding capabilities.
Are you sure you can't even change DHCP settings? What ISP are you using and what's the model name of your modem?
Yes its pretty bad.
Ziggo, Connectbox.
That's possible. I have a full dualstock connection from Ziggo with a Connectbox. Not using bridge mode due to loosing IPv6 connectivity.
In your connectbox, turn of the following features: IPv6 firewall and WiFi (both 2.4 and 5 ghz). IPv6 firewall must be disabled, it won't route traffic to OpenWRT when OpenWRT request its own prefix via IPv6 prefix delegation. OpenWRT should also be the only client on the Connectbox. With the IPv6 firewall disabled, IPv6 clients are directly exposed to the internet (the Connectbox configuration page won't be exposed). Create DHCP reservation for static OpenWRT address optionally. Put your OpenWRT router Don't turn of DHCP, otherwise DMZ won't work. Last, configure your OpenWRT router in the DMZ settings of the Connectbox. Now IPv4 and IPv6 traffic is routed to your OpenWRT router.
Make sure your OpenWRT router create its own network to serve wireless and wired clients, and connect the WAN port to your Connectbox.
Use scripts / DDNS to update IP addresses if you expose services to the web. Ziggo has long IPv4 lease times, I won't change for years. However, the IPv6 lease time is very short, so your prefixes could change after a router reboot.
I dont have the DMZ option available, i spoke with the ISP they changed everything to ipv4 and now i can see DMZ, now i can use it and set but then no ipv6.
Just to provide an alternative angle.
Using PREROUTING firewall rules, you can redirect all DNS requests (typically port 53) to a local DNS server instance like dnsmasq. Unless your devices use DNS over HTTPS or within their own tunnel, all requests will go to that instance.
There are threads with examples like here:
It might not be the best solution but is probably the easiest: You could double-NAT. Connect the modem to the router's WAN port and let the router have its own subnet.
That's weird. Which Ziggo region are you in? It should be the other way around: putting the modem in bridge mode disables IPv6 and disables all router functionality (including DMZ).