Sorry about this question.
When I start the DHCP server by interfaces in I get the following error in the logging
Sat Mar 14 14:57:05 2026 daemon.crit dnsmasq[1]: bad dhcp-range at line 66 of /var/etc/dnsmasq.conf.cfg01411c
checking the dnsmasw.conf.cfg file line 66 is dhcp-range=set:lan,19,,255.255.255.0,12h
My router is Netgear R8000 (BCM4709)
How can I get DNSMASQ to write a proper config file
Thanks
By not making any config errors.
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button (red circle; this works best in the 'Markdown' composer view in the blue oval):
Remember to redact passwords, VPN keys, MAC addresses and any public IP addresses you may have:
ubus call system board
cat /etc/config/network
cat /etc/config/dhcp
The ipcalc must have errored out. Post the network and dhcp config.
Not so easy with a troublesome dropbear "Not backgrounding"
Try failsafe mode. Once booted and logged in, mount_root and the grab the config files.
{
"kernel": "6.6.119",
"hostname": "DG-DNS",
"system": "ARMv7 Processor rev 0 (v7l)",
"model": "Netgear R8000 (BCM4709)",
"board_name": "netgear,r8000",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "24.10.5",
"revision": "r29087-d9c5716d1d",
"target": "bcm53xx/generic",
"description": "OpenWrt 24.10.5 r29087-d9c5716d1d",
"builddate": "1766005702"
}
}
cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd1c:50c7:477::/48'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ip6assign '60'
option gateway '192.168.0.254'
option broadcast '192.168.0.255'
option metric '40'
option ip4table 'default'
option ip6table 'default'
option dns_metric '0'
option force_link '0'
list dns_search 'home'
list ipaddr '192.168.0.238/24'
list ipaddr '192.168.0.1/24'
list ipaddr '192.168.0.2/24'
cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option local '/home/'
option domain 'home'
option expandhosts '1'
option cachesize '1000'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option localservice '1'
option ednspacket_max '1232'
list interface 'lan'
option port '53'
option minport '1024'
option maxport '50000'
option nonwildcard '0'
option logfacility 'DAEMON'
option filter_aaaa '1'
option nonegcache '1'
option stripmac '1'
option stripsubnet '1'
option logdhcp '1'
list server '/mask.icloud.com/'
list server '/mask-h2.icloud.com/'
list server '/use-application-dns.net/'
list server '127.0.0.1#5053'
list server '127.0.0.1#5054'
option dnssec '1'
option doh_backup_noresolv '-1'
option noresolv '1'
list doh_backup_server '/mask.icloud.com/'
list doh_backup_server '/mask-h2.icloud.com/'
list doh_backup_server '/use-application-dns.net/'
list doh_backup_server '127.0.0.1#5053'
list doh_backup_server '127.0.0.1#5054'
list doh_server '127.0.0.1#5053'
list doh_server '127.0.0.1#5054'
config dhcp 'lan'
option interface 'lan'
option start '45'
option limit '253'
option leasetime '12h'
option dhcpv4 'server'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
option piofolder '/tmp/odhcpd-piofolder'
The limit is added to the start, it doesn’t represent the ending IP. Change limit to 209.
Also, on 24.10, it will error out if the lan ip is within the dhcp range. So this is probably the first offense. Then the limit is next.
# ipcalc.sh 192.168.0.238/24 45 253
IP=192.168.0.238
NETMASK=255.255.255.0
BROADCAST=192.168.0.255
NETWORK=192.168.0.0
PREFIX=24
COUNT=256
error: address 192.168.0.238 inside range 192.168.0.45..192.168.0.254
I was going to raise that issue, too.
And it prompts another question: why does your lan interface have 3 different addresses. It's not technically incorrect to use multiple addresses in the same subnet, but it doesn't generally make a lot of sense to do this.
Another question/issue:
This device is clearly not the main router. Does the main router have its DHCP server disabled?
Thanks, I have changed it to Start 50: Limit: 203
But still a wrong dhcp-range in DNSMASQ config file
dhcp-range=set:lan,19,,255.255.255.0,12h
this must be dhcp-range=set:lan,192.168.0.50,192.168.0.253,255.255.255.0,12h
Did you remove the lan address that was within the DHCP pool?
Thanks, this was the issue. I changed the pool with the lan address outside the pool.
About your other question, yes there is another DHCP service in the network and this router is going to replace it, but I had to be sure it was working. And hopefully this router will replace the ISP router in the future when I get it working properly. For the time being I use is only for encrypted DNS and after some testing for DHCP.
The lack of error controle in luci is a PIMA for me and the interface is not typical user-friendly. It is not built by a webdesigner but by a webdeveloper with a linux background.
In the past I used Openwrt with an old linksys and during those days it was a lot better.
And since there can't be 2 DHCP server on a single broadcast domain [without advanced configuration], did you disable the other DHCP server while making sure and testing that the OpenWrt works?
thank you for your compliment
It's a valid question.
I’m going to guess that the op has not disabled the dhcp server on the main router.
Why do I think that?
If the main dhcp server is disabled with the current openwrt config, the network will appear to break because the DHCP advertised gateway will be incorrect. The op needs to add dhcp option 3 in order to ensure that the correct gateway is supplied.
With that in mind, I would wager that the dhcp server on OpenWrt is disabled as a function of a positive hit on the dhcp probe test that is performed when the dhcp server starts.
You mean this:
config dhcp 'lan'
option interface 'lan'
option start '50'
option limit '30'
option leasetime '12h'
option dhcpv4 'server'
list dhcp_option '3,192.168.0.254'
list dhcp_option '6,192.168.0.1,192.168.0.2'
Yes.
But... I also see this:
which, when looking at this next part...
doesn't make any sense.
The purpose of providing two (or more) DNS servers is for redundancy. Since both of the DNS addresses are the same as this current device, there is absolutely zero value in this method... if the device as a whole, or even just the dnsmasq service goes down, neither DNS server addresses will respond. I would recommend removing one of the addresses from both the lan interface and the DHCP option 6 line. Later, you can add another physical device to your network that is the secondary DNS server, if you wish to have a backup DNS*.
Further, you never did answer the question about why you have 3 addresses on the lan interface. There doesn't seem to be any real reason to do this in your situation.
*There is an argument that a single DNS server is fine if/when that DNS server is actually hosted on the main gateway. Typically, if the gateway goes down, the lack of DNS is not the core issue. You could still have a dnsmasq failure, but I think that's relatively infrequent (assuming proper configuration) and the likelihood of a larger issue with the gateway device (i.e. power, software crash affecting the whole system, etc.) is probably statistically more relevant.
Also, returning to this.... disabling the main router's DHCP server is mandatory if you want the OpenWrt DHCP server to be active. While it is possible to force-enable the OpenWrt DHCP server, it is a bad idea to do so in most situations because two or more simultaneous DHCP servers on a network can cause major issues (unless, as @lleachii said, you've done advanced configurations on all of the DHCP servers to ensure that they work in a cooperative manner; this is highly uncommon for small networks, and this type of advanced config is almost always serious overkill in those environments).