DNS via DHCP wont work (DHCP Option 6)

dimagoltsman · April 2, 2020, 11:58am

No matter what i did, my clients get the router ip address as dns.
added this option, but nothing helps.
what am i doing wrong?


config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option localservice '1'
	option noresolv '1'
	list server '192.168.1.169'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'
	list dhcp_option '6,192.168.1.169'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'
...
...
...

fantom-x · April 2, 2020, 12:05pm

In my experience not all devices respect this flag.

dimagoltsman · April 2, 2020, 12:10pm

i have a friend with exactly the same router, also with exactly the same Mac, it works for him...

trendy · April 2, 2020, 12:18pm

Do you mean Androids that keep using GoogleDNS?

@dimagoltsman restart the server manually and check the log for errors.
service dnsmasq restart ; logread -e dnsmasq

dimagoltsman · April 2, 2020, 12:31pm

root@OpenWrt:~# service dnsmasq restart ; logread -e dnsmasq
udhcpc: started, v1.30.1
udhcpc: sending discover
udhcpc: sending select for 192.168.1.54
udhcpc: lease of 192.168.1.54 obtained, lease time 86400
Thu Apr  2 15:27:21 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:24 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:26 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:27 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:27 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:30 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:32 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:32 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:33 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:33 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:36 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:37 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:37 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:39 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:39 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:42 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:44 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:45 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:45 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:47 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:47 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:50 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:50 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:51 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:51 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:54 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:56 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:57 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:27:57 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:00 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:02 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:03 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:03 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:06 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:08 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:08 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:09 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:10 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:12 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:14 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:15 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:15 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:18 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:18 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:20 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:21 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:21 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:24 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:26 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:27 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:27 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:30 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:32 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:33 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:34 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:36 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:37 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:37 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:39 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:40 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:42 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:43 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:45 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:45 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:48 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:48 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:50 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:50 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:50 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:51 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:52 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:54 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:56 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:57 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:28:57 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:29:41 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:29:43 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:29:45 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:29:46 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:29:48 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:29:48 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:29:50 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:29:50 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:29:51 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:29:51 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:29:54 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:29:56 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:29:57 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:29:57 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:30:00 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:30:02 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:30:03 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:30:04 2020 daemon.warn dnsmasq[17495]: possible DNS-rebind attack detected: internal-internal-balancers-1701858577.us-east-1.elb.amazonaws.com
Thu Apr  2 15:30:05 2020 daemon.info dnsmasq[17495]: exiting on receipt of SIGTERM
Thu Apr  2 15:30:05 2020 user.notice dnsmasq: DNS rebinding protection is active, will discard upstream RFC1918 responses!
Thu Apr  2 15:30:05 2020 user.notice dnsmasq: Allowing 127.0.0.0/8 responses
Thu Apr  2 15:30:06 2020 user.notice dnsmasq: found already running DHCP-server on interface 'br-lan' refusing to start, use 'option force 1' to override
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: started, version 2.80 cachesize 150
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: DNS service limited to local subnets
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC no-ID loop-detect inotify dumpfile
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: using local addresses only for domain test
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: using local addresses only for domain onion
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: using local addresses only for domain localhost
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: using local addresses only for domain local
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: using local addresses only for domain invalid
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: using local addresses only for domain bind
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: using nameserver 9.9.9.9#53
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: using nameserver 9.9.9.10#53
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: using local addresses only for domain lan
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: read /etc/hosts - 4 addresses
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: read /tmp/hosts/odhcpd - 5 addresses
Thu Apr  2 15:30:06 2020 daemon.info dnsmasq[19367]: read /tmp/hosts/dhcp.cfg01411c - 14 addresses

dimagoltsman · April 2, 2020, 12:34pm

ok you really helped! Thanx!
saw the error and ticked the force thing, works now

trendy · April 2, 2020, 1:01pm

The rebind attack is caused because of option rebind_protection '1', however public services are not supposed to respond with private IPs.
The other thing is that dnsmasq has detected another dhcp server in your lan. Instead of using the force option, you need to find which one is it and disable it (some Pihole, some other router?)

dimagoltsman · April 2, 2020, 3:13pm

pihole not set to dhcp. i have tenda mesh network that is set to bridge, but no idea what dhcp server i have here...
i have rpi with home assistant, rpi with octoprint, rpi with minidlna.... lot of stuff....

trendy · April 2, 2020, 3:56pm

Having 2 DHCP servers will cause random issues, because hosts will use the server that will reply to them faster and they will be using random gateways, dns and you might even have IP conflicts.
Disable the DHCP server on OpenWrt.
Then use a host to ask for IP from DHCP and see which DHCP server will reply.

dimagoltsman · April 2, 2020, 4:15pm

nope... nothing responded...
maybe one of my ESP8266 sensors is in some strange mode....

dimagoltsman · April 8, 2020, 12:49pm

ok i had this thing again and i investigated.

the problem: random devices get a reserved ip address that should only go to specific device.

opened wireshark with 'bootp' filter, restarted the router and looked for all dhcp requests and responses.

i found out that my Tenda Nova MW3 mesh devices are responding to it (evan its configured as bridge)

what i did is just turn it off, restarted the router and after everything got their reserved ips, turn it back on...

trendy · April 8, 2020, 12:55pm

Did you turn off the dhcp server of the Tenda? Otherwise it is not a solution but a temporary workaround.

dimagoltsman · April 8, 2020, 1:02pm

yes, as i said, its set to "BRIDGE"....

system · April 18, 2020, 1:12pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.