"https-dns-proxy" does not start after rebooting the router

I have problems with "https-dns-proxy"
After rebooting the router "https-dns-proxy" does not start. Starts working only after a forced reboot of the "https-dns-proxy" service in the control panel.

In the previous version of OpenWRT 22.03 everything worked without problems.

After searching I have seen many posts about the exact same problem over the past 2-3 years. dnsmasq and https-dns-proxy compatibility issue. All of them have been fixed.
Config:
TP-Link Archer C6U (ramips/mt7621)
OpenWrt 23.05.2, lastest "https-dns-proxy" package

Disable the auto start, add a sleep and start, to rc.local.

Will this help? I don't have the experience to make changes like this.

Then you learn something in the process.
Let us know afterwards.

You answered so quickly and confidently, as if you were sure that this was the problem. If this is the case, then why didn't the developers make these changes?

Because not everyone's using https-dns-proxy.

It's probably a race condition, not seen on all devices.

After rebooting, capture the output of logread -ehttps-dns-proxy and post it here.

user.notice https-dns-proxy: Starting service instances on_boot ✓
user.notice https-dns-proxy: Updating dnsmasq config ✓
user.notice https-dns-proxy: Restarting dnsmasq on_config_update ✓
user.notice https-dns-proxy: Stopping service on_boot ✓```

Thank you, one more thing to run in this state:
service https-dns-proxy info

So what's happening under the hood is that htttps-dns-proxy is starting on boot, but then it checks name resolution health and in case it started too early (and the network is not up, so no resolution possible), it shuts down and sets the trigger to be restarted in any interface coming up.

Obviously in your case it only works up to shutdown and the trigger either is not set (that's why I need additional output) or not working.

I tried to figure out which command to use, but I couldn't. Could you write the entire command that needs to be used?

Yes, I did earlier. Reboot your router and in the shell paste:

logread -ehttps-dns-proxy
service https-dns-proxy info

You have already provided the output from the first command, but I also need the output from the second command.

I realized my mistake. I copied the first log from OpenWRT interface. Second command I tried to do it through the command "uci" in Putty. Then I found the correct instructions https://openwrt.org/docs/guide-user/base-system/user.beginner.cli
Sorry and Thank You for your patience :grin:

root@OpenWrt:~# service https-dns-proxy info
{
        "https-dns-proxy": {
                "instances": {
                        "instance1": {
                                "running": true,
                                "pid": 2637,
                                "command": [
                                        "/usr/sbin/https-dns-proxy",
                                        "-r",
                                        "https://dns0.eu/",
                                        "-a",
                                        "127.0.0.1",
                                        "-p",
                                        "5053",
                                        "-b",
                                        "1.1.1.1,1.0.0.1,8.8.8.8,8.8.4.4",
                                        "-4",
                                        "-u",
                                        "nobody",
                                        "-g",
                                        "nogroup"
                                ],
                                "term_timeout": 5,
                                "data": {
                                        "firewall": [
                                                {
                                                        "type": "redirect",
                                                        "target": "DNAT",
                                                        "src": "lan",
                                                        "proto": "tcp udp",
                                                        "src_dport": "53",
                                                        "dest_port": "53",
                                                        "family": "any",
                                                        "reflection": false
                                                },
                                                {
                                                        "type": "rule",
                                                        "src": "lan",
                                                        "dest": "*",
                                                        "proto": "tcp udp",
                                                        "dest_port": "853",
                                                        "target": "REJECT"
                                                }
                                        ],
                                        "mdns": {
                                                "https-dns-proxy_5053": {
                                                        "service": "_https-dns-p                                                                                                                     roxy._udp.local",
                                                        "port": 5053,
                                                        "txt": [
                                                                "DNS over HTTPS                                                                                                                      proxy"
                                                        ]
                                                }
                                        }
                                },
                                "respawn": {
                                        "threshold": 3600,
                                        "timeout": 5,
                                        "retry": 5
                                }
                        }
                },
                "triggers": [
                        [
                                "interface.*.up",
                                [
                                        [
                                                "run_script",
                                                "/etc/init.d/https-dns-proxy",
                                                "restart",
                                                "on_interface_up"
                                        ]
                                ],
                                3000
                        ],
                        [
                                "config.change",
                                [
                                        "if",
                                        [
                                                "eq",
                                                "package",
                                                "https-dns-proxy"
                                        ],
                                        [
                                                "run_script",
                                                "/etc/init.d/https-dns-proxy",
                                                "reload",
                                                "on_config_change"
                                        ]
                                ],
                                1000
                        ]
                ]
        }
}

Thank you for providing the service info output. Are you sure it was ran right after reboot? From that output it looks like the https-dns-proxy is running normally with dns0.eu instance.

Yes, this is right after the reboot. And DoH didn't work.
I noticed that the log shows 1.1.1.1,1.0.0.1,8.8.8.8,8.8.4.4.4 DNS addresses, although in the settings I changed it to another.

The system log and the output from service info contradict each other. If service is stopped, there could be no instances running.

Also, when you say "DoH is not working", please clarify exactly what you mean/how you test.

I see it on https://browserleaks.com/dns or https://1.1.1.1/help (if Cloudflare)
In the WAN settings I changed DNS address to 193.110.81.0 (dns0.eu server)
After router rebooting browserleaks website shows servers from the Netherlands. After restarting https-dns-proxy browserleaks shows the correct servers (country where I am).
Before this I used Cloudflare. In this case it's even easier.
After router rebooting:
Connected to 1.1.1.1 - Yes
Using DNS over HTTPS (DoH) - No
After https-dns-proxy restarting:
Connected to 1.1.1.1 - Yes
Using DNS over HTTPS (DoH) - Yes

Partial log, where, as it seems to me, it is clear what the reason is.
"using nameserver" switches several times between 127.0.0.1#5053 and 193.110.81.0#53

Summary
Fri Mar  1 08:00:37 2024 user.notice dnsmasq: DNS rebinding protection is active, will discard upstream RFC1918 responses!
Fri Mar  1 08:00:37 2024 user.notice dnsmasq: Allowing 127.0.0.0/8 responses
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: started, version 2.89 cachesize 1000
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: DNS service limited to local subnets
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: compile time options: IPv6 GNU-getopt no-DBus UBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-nftset no-auth no-cryptohash no-DNSSEC no-ID loop-detect inotify dumpfile
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: UBus support enabled: connected to system bus
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: using nameserver 127.0.0.1#5053
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: using only locally-known addresses for test
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: using only locally-known addresses for onion
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: using only locally-known addresses for localhost
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: using only locally-known addresses for local
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: using only locally-known addresses for invalid
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: using only locally-known addresses for bind
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: using only locally-known addresses for use-application-dns.net
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: using only locally-known addresses for mask-h2.icloud.com
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: using 2 more local addresses
Fri Mar  1 08:00:37 2024 daemon.warn dnsmasq[1]: no servers found in /tmp/resolv.conf.d/resolv.conf.auto, will retry
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: read /etc/hosts - 12 names
Fri Mar  1 08:00:37 2024 daemon.info dnsmasq[1]: read /tmp/hosts/dhcp.cfg01411c - 0 names

Fri Mar  1 08:00:43 2024 daemon.notice netifd: Interface 'lan' is enabled
Fri Mar  1 08:00:43 2024 daemon.notice netifd: Interface 'lan' is setting up now
Fri Mar  1 08:00:43 2024 daemon.notice netifd: Interface 'lan' is now up

Fri Mar  1 08:00:43 2024 daemon.notice netifd: Interface 'wan' is enabled
Fri Mar  1 08:00:43 2024 daemon.notice netifd: Interface 'wan' is setting up now
Fri Mar  1 08:00:43 2024 daemon.notice netifd: Interface 'wan' is now up
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: reading /tmp/resolv.conf.d/resolv.conf.auto
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: using nameserver 127.0.0.1#5053
Fri Mar  1 08:00:43 2024 daemon.notice netifd: Interface 'wan6' is enabled
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: using nameserver 193.110.81.0#53
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: using only locally-known addresses for test
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: using only locally-known addresses for onion
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: using only locally-known addresses for localhost
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: using only locally-known addresses for local
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: using only locally-known addresses for invalid
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: using only locally-known addresses for bind
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: using only locally-known addresses for use-application-dns.net
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: using only locally-known addresses for mask-h2.icloud.com
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: using 2 more local addresses
Fri Mar  1 08:00:43 2024 daemon.notice netifd: Network device 'eth0' link is up
Fri Mar  1 08:00:43 2024 daemon.notice netifd: Network device 'lo' link is up
Fri Mar  1 08:00:43 2024 daemon.notice netifd: Interface 'loopback' has link connectivity
Fri Mar  1 08:00:43 2024 daemon.notice netifd: radio0 (1993): WARNING: Variable 'data' does not exist or is not an array/object
Fri Mar  1 08:00:43 2024 user.notice firewall: Reloading firewall due to ifup of lan (br-lan)
Fri Mar  1 08:00:43 2024 user.notice https-dns-proxy: Starting service instances on_boot ✓
Fri Mar  1 08:00:43 2024 user.notice https-dns-proxy: Updating dnsmasq config ✓
Fri Mar  1 08:00:44 2024 daemon.info dnsmasq[1]: exiting on receipt of SIGTERM

Fri Mar  1 08:00:45 2024 daemon.notice netifd: Network device 'wan' link is up
Fri Mar  1 08:00:45 2024 daemon.notice netifd: Interface 'wan' has link connectivity
Fri Mar  1 08:00:45 2024 daemon.notice netifd: Interface 'wan6' has link connectivity
Fri Mar  1 08:00:45 2024 daemon.notice wpa_supplicant[1325]: Set new config for phy phy0
Fri Mar  1 08:00:45 2024 daemon.notice hostapd: Set new config for phy phy0: /var/run/hostapd-phy0.conf
Fri Mar  1 08:00:45 2024 daemon.notice hostapd: Restart interface for phy phy0

Fri Mar  1 08:00:45 2024 kern.info kernel: [   20.378802] br-lan: port 5(phy0-ap0) entered blocking state
Fri Mar  1 08:00:45 2024 kern.info kernel: [   20.384474] br-lan: port 5(phy0-ap0) entered disabled state
Fri Mar  1 08:00:45 2024 kern.info kernel: [   20.390724] device phy0-ap0 entered promiscuous mode
Fri Mar  1 08:00:45 2024 kern.info kernel: [   20.396235] br-lan: port 5(phy0-ap0) entered blocking state
Fri Mar  1 08:00:45 2024 kern.info kernel: [   20.401936] br-lan: port 5(phy0-ap0) entered forwarding state
Fri Mar  1 08:00:45 2024 daemon.notice hostapd: phy0-ap0: interface state UNINITIALIZED->COUNTRY_UPDATE
Fri Mar  1 08:00:45 2024 kern.info kernel: [   20.408078] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
Fri Mar  1 08:00:45 2024 daemon.notice netifd: bridge 'br-lan' link is up
Fri Mar  1 08:00:45 2024 daemon.notice netifd: Interface 'lan' has link connectivity
Fri Mar  1 08:00:45 2024 daemon.notice netifd: Network device 'phy0-ap0' link is up
Fri Mar  1 08:00:45 2024 kern.info kernel: [   20.496481] IPv6: ADDRCONF(NETDEV_CHANGE): phy0-ap0: link becomes ready
Fri Mar  1 08:00:45 2024 daemon.notice hostapd: phy0-ap0: interface state COUNTRY_UPDATE->ENABLED
Fri Mar  1 08:00:45 2024 daemon.notice hostapd: phy0-ap0: AP-ENABLED
Fri Mar  1 08:00:45 2024 user.notice firewall: Reloading firewall due to ifup of wan (wan)
Fri Mar  1 08:00:46 2024 daemon.notice netifd: Wireless device 'radio0' is now up
Fri Mar  1 08:00:46 2024 kern.info kernel: [   21.159722] mt7530-mdio mdio-bus:1f lan2: Link is Up - 1Gbps/Full - flow control rx/tx
Fri Mar  1 08:00:46 2024 kern.info kernel: [   21.167809] br-lan: port 2(lan2) entered blocking state
Fri Mar  1 08:00:46 2024 kern.info kernel: [   21.173114] br-lan: port 2(lan2) entered forwarding state
Fri Mar  1 08:00:46 2024 daemon.notice netifd: Network device 'lan2' link is up
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: started, version 2.89 cachesize 1000
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: DNS service limited to local subnets
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: compile time options: IPv6 GNU-getopt no-DBus UBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-nftset no-auth no-cryptohash no-DNSSEC no-ID loop-detect inotify dumpfile
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: UBus support enabled: connected to system bus
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq-dhcp[1]: DHCP, IP range 192.168.1.100 -- 192.168.1.249, lease time 12h
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: using nameserver 127.0.0.1#5053
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: using only locally-known addresses for test
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: using only locally-known addresses for onion
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: using only locally-known addresses for localhost
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: using only locally-known addresses for local
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: using only locally-known addresses for invalid
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: using only locally-known addresses for bind
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: using only locally-known addresses for use-application-dns.net
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: using only locally-known addresses for mask-h2.icloud.com
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: using 2 more local addresses
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: read /etc/hosts - 12 names
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq[1]: read /tmp/hosts/dhcp.cfg01411c - 4 names
Fri Mar  1 08:00:48 2024 daemon.info dnsmasq-dhcp[1]: read /etc/ethers - 0 addresses
Fri Mar  1 08:00:48 2024 user.notice https-dns-proxy: Restarting dnsmasq on_config_update ✓

Fri Mar  1 08:00:49 2024 daemon.info dnsmasq[1]: exiting on receipt of SIGTERM
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: started, version 2.89 cachesize 1000
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: DNS service limited to local subnets
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: compile time options: IPv6 GNU-getopt no-DBus UBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-nftset no-auth no-cryptohash no-DNSSEC no-ID loop-detect inotify dumpfile
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: UBus support enabled: connected to system bus
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq-dhcp[1]: DHCP, IP range 192.168.1.100 -- 192.168.1.249, lease time 12h
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using nameserver 127.0.0.1#5053
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for test
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for onion
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for localhost
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for local
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for invalid
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for bind
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for use-application-dns.net
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for mask-h2.icloud.com
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using 2 more local addresses
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: reading /tmp/resolv.conf.d/resolv.conf.auto
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using nameserver 127.0.0.1#5053
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using nameserver 193.110.81.0#53
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for test
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for onion
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for localhost
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for local
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for invalid
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for bind
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for use-application-dns.net
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using only locally-known addresses for mask-h2.icloud.com
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: using 2 more local addresses
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: read /etc/hosts - 12 names
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq[1]: read /tmp/hosts/dhcp.cfg01411c - 4 names
Fri Mar  1 08:00:52 2024 daemon.info dnsmasq-dhcp[1]: read /etc/ethers - 0 addresses
Fri Mar  1 08:00:52 2024 user.notice https-dns-proxy: Stopping service on_boot ✓

And this problem appears after wan6 starting:

Fri Mar  1 08:00:43 2024 daemon.notice netifd: Interface 'wan' is enabled
Fri Mar  1 08:00:43 2024 daemon.notice netifd: Interface 'wan' is setting up now
Fri Mar  1 08:00:43 2024 daemon.notice netifd: Interface 'wan' is now up
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: reading /tmp/resolv.conf.d/resolv.conf.auto
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: using nameserver 127.0.0.1#5053
Fri Mar  1 08:00:43 2024 daemon.notice netifd: Interface 'wan6' is enabled
Fri Mar  1 08:00:43 2024 daemon.info dnsmasq[1]: using nameserver 193.110.81.0#53

This is part of the log after https-dns-proxy restart:

Fri Mar  1 08:04:06 2024 user.notice https-dns-proxy: Starting service instances ✓
Fri Mar  1 08:04:06 2024 user.notice https-dns-proxy: Updating dnsmasq config ✓
Fri Mar  1 08:04:06 2024 daemon.info dnsmasq[1]: exiting on receipt of SIGTERM
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: started, version 2.89 cachesize 1000
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: DNS service limited to local subnets
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: compile time options: IPv6 GNU-getopt no-DBus UBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-nftset no-auth no-cryptohash no-DNSSEC no-ID loop-detect inotify dumpfile
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: UBus support enabled: connected to system bus
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq-dhcp[1]: DHCP, IP range 192.168.1.100 -- 192.168.1.249, lease time 12h
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: using nameserver 127.0.0.1#5053
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: using only locally-known addresses for test
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: using only locally-known addresses for onion
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: using only locally-known addresses for localhost
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: using only locally-known addresses for local
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: using only locally-known addresses for invalid
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: using only locally-known addresses for bind
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: using only locally-known addresses for use-application-dns.net
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: using only locally-known addresses for mask-h2.icloud.com
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: using 2 more local addresses
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: read /etc/hosts - 12 names
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq[1]: read /tmp/hosts/dhcp.cfg01411c - 4 names
Fri Mar  1 08:04:10 2024 daemon.info dnsmasq-dhcp[1]: read /etc/ethers - 0 addresses
Fri Mar  1 08:04:10 2024 user.notice https-dns-proxy: Restarting dnsmasq on_config_update ✓

If you explicitly specify an external non-encrypted server in dhcp settings with the specific port, the https-dns-proxy can't override that.

I would like to clarify where exactly changes need to be made?
Interfaces > wan > DHCP Server > Advanced settings > DHCP Options ?
or
Network > DHCP and DNS > ... ?

Which changes? You get as good an answer as the effort you put in posing the question.

I would like to clarify where exactly changes need to be made?
Interfaces > wan > DHCP Server > Advanced settings > DHCP Options ?
or
Network > DHCP and DNS > ... ?