Disabling dnsmasq dns via port 0 also disables static lan ips

I have been trying to replace the dns part of dnsmasq with dnscrypt.
when I set port of dnsmasq to zero so that I can set dnscrypt at 53, the dns part works.
but the issue I get is that the lan IPs I set for my lan devices' names, like openwrt, don't work.

how can I fix that?

By ensuring dnsmasq still listens on the DHCP server port.

1 Like

run dnscrypt on a different port, configure dnsmasq to use dnscrypt as upstream DNS resolver.

1 Like

I have done that.
I had random "config error REFUSED" answers from dnsmasq, that messed with my internet.
that's why I went direct dnscrypt.

Interesting behavior, could https-dns-proxy be an option?

I don't understand that?
I need dns and dhcp.
if I use dns of dnsmasq I get random errors.
If I disable the dns port (53) on dnsmasq part in /etc/config/dhcp I lose dhcp?

my issue is not finding an alternative dns server, as I already have.
my issue is that disabling via port zero on dnsmasq loses the dhcp.
or at least the static lan IPs that I have set.

if I disable dnsmasq then upon reboot I lose access to router.

I mean replacing dnscrypt with https-dns-proxy, it's more common than dnscrypt, and I seldom see people complain about the functionality.

my issue is not dnscrypt.
my issue was with dns part of dnsmasq, that I tried to replace successfully with dnscrypt (or whatever else). but that also makes lan devices not get static IPs.


tried putting the dns on a high port instead of 0?

that would keep lan static IPs?

I've never used dnscrypt, so I don't know what it is, and isn't capable of.

But if we assume you need dnsmasq's DHCP for the static IPs to work, then it could be a way forward.

Reassign dnsmasq dns to some random port, and have dnscrypt listen on port 53 instead.

I have done so and still I don't get lan IPs.

The proper term here is "DHCP reservations." "Static IPs" are configured in an endpoint device directly and don't involve the router.

Is a dnsmasq process running? You may have misconfigured it in a way that it doesn't start.

When you don't need local DNS, dnsmasq can be replaced with odhcpd, which is a program that only does DHCP. Remove the ipv6only version of odhcpd and install the full version.

dnsmasq is running.
I even see these for my phone in log: I removed some of the mac part.

daemon.info dnsmasq-dhcp[1]: DHCPREQUEST(br-lan) 48:2cMyPhoneMac
daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan) 48:2c:MyPhoneMac Mi-A2

and I see on my phone that my phone has the correct ip.
but when I ping from my laptop or router(openwrt)

 ping Mi-A2
ping: Mi-A2: Name does not resolve

I think I need to somehow tell dnscrypt to get the lan IPs from dhcp or something, I am not familiar with how that works.
but I think my laptop (or router) asks who is the Mi-A2 and dnscrypt answers that it doesn't know.

that would be a reason for keeping dnsmasq intact, and use dnscrypt or https-dns-proxy as upstream DNS.
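Added example, not from any poster in this thread: the layout suggested above, with dnsmasq kept as the LAN-facing resolver so DHCP lease names still resolve, and dnscrypt-proxy as its only upstream. The listen address 127.0.0.1 port 5353 is an assumption; use whatever free local port dnscrypt-proxy is given.

```conf
# /etc/config/dhcp (dnsmasq section), constructed example

# Layout from the first post: dnsmasq DNS disabled.
# DHCP still hands out the reserved addresses, but no resolver on the
# router knows the lease hostnames any more, so "ping Mi-A2" fails.
#
# config dnsmasq
#	option port '0'

# Layout from the replies: dnsmasq answers on port 53 and forwards
# everything that is not a local name to dnscrypt-proxy.
config dnsmasq
	option port '53'
	option domain 'lan'
	# answer names under .lan from leases and /etc/hosts, never forward them
	option local '/lan/'
	# do not read upstream resolvers from resolv.conf (no plaintext fallback)
	option noresolv '1'
	# assumption: dnscrypt-proxy listens on this local address and port
	list server '127.0.0.1#5353'

# dnscrypt-proxy.toml, matching listener (same assumed address and port):
#
# listen_addresses = ['127.0.0.1:5353']
```

After restarting dnsmasq, a lookup of a lease hostname against the router should be answered by dnsmasq itself, while external names go out through dnscrypt-proxy.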

as I said two times before: I get dns errors randomly with dnsmasq in new version (don't know which update was that).

I know the issue is with dnsmasq because I get this log:
dnsmasq[1]: config error is REFUSED

but my I can drill(nslookup) with direct
and because dnsmasq kinda caches the error for a short while it becomes very frustrating.

I'm aware, but the error could be caused by dnscrypt, not dnsmasq, that's why I keep suggesting https-dns-proxy.

Or is the REFUSED related to the dnsmasq start, not query?

that error was with pure dnsmasq.
that was why I tried to replace the dns part.

Weird though, since dnsmasq is used in all the FWs here, and you're the 1st one posting about this.

Still don't think it's a dnsmasq only issue, or we'd have seen it already.

What openwrt version are you running, post the output of bus call system board.

bus call system board
-ash: bus: not found

and this is the first time I see this error in openwrt but I think it was after 22.03.2/