Multiple DHCP/DNS server instances not working

I followed this tutorial's commands to create two dnsmasq instances. However, after running the commands I can't connect to the APs anymore (I'm trying to use the wifi). My build is 22.03-snapshot.

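# Replace the default dnsmasq/DHCP sections with one dnsmasq instance per
# network interface. Meant to be pasted into a root shell on the router
# (plain POSIX sh, no bashisms).

# Remove default instances.
# The selectors are quoted so the shell never treats "[0]" as a glob pattern.
while uci -q delete 'dhcp.@dnsmasq[0]'; do :; done
while uci -q delete 'dhcp.@dhcp[0]'; do :; done

# Use network interface names for DHCP/DNS instance names.
# Every name must match a "config interface" section in /etc/config/network;
# a guest network defined there as 'guestwifi' needs 'guestwifi' here.
# The list lives in its own variable so the loop variable does not overwrite
# it (re-running only the loop would otherwise configure the last name alone).
INSTANCES="lan guest"
# ${INSTANCES} is deliberately unquoted: it is split into one name per word.
for INST in ${INSTANCES}
do
  # Do not create a DNS/DHCP instance for an interface that does not exist.
  if ! uci -q get "network.${INST}" >/dev/null
  then
    echo "skipping '${INST}': no such interface in /etc/config/network" >&2
    continue
  fi

  # --- DNS instance ${INST}_dns ---
  uci set "dhcp.${INST}_dns=dnsmasq"
  # Keep plain host names and private reverse lookups from going upstream.
  uci set "dhcp.${INST}_dns.domainneeded=1"
  uci set "dhcp.${INST}_dns.boguspriv=1"
  uci set "dhcp.${INST}_dns.filterwin2k=0"
  uci set "dhcp.${INST}_dns.localise_queries=1"
  # DNS rebinding protection: upstream answers in RFC1918 space are discarded,
  # while 127.0.0.0/8 answers stay allowed (rebind_localhost).
  uci set "dhcp.${INST}_dns.rebind_protection=1"
  uci set "dhcp.${INST}_dns.rebind_localhost=1"
  # Each instance gets its own local domain named after the interface.
  uci set "dhcp.${INST}_dns.local=/${INST}/"
  uci set "dhcp.${INST}_dns.domain=${INST}"
  uci set "dhcp.${INST}_dns.expandhosts=1"
  uci set "dhcp.${INST}_dns.nonegcache=0"
  uci set "dhcp.${INST}_dns.authoritative=1"
  uci set "dhcp.${INST}_dns.readethers=1"
  # Separate lease file per instance so the instances do not share state.
  uci set "dhcp.${INST}_dns.leasefile=/tmp/dhcp.leases.${INST}"
  # NOTE(review): the dnsmasq log in this thread (22.03-SNAPSHOT) shows the
  # jailed daemon failing with "directory /etc/resolv.conf.<name> for
  # resolv-file is missing, cannot poll". A reply suggests pointing resolvfile
  # at /tmp/resolv.conf.d/resolv.conf.${INST} and dropping the symlink below;
  # that suggestion is not confirmed in the thread.
  uci set "dhcp.${INST}_dns.resolvfile=/etc/resolv.conf.${INST}"
  # Bind to the listed interface only, so the instances can run side by side
  # and one network's resolver is not reachable from the other.
  uci set "dhcp.${INST}_dns.nonwildcard=1"
  uci add_list "dhcp.${INST}_dns.interface=${INST}"
  uci add_list "dhcp.${INST}_dns.notinterface=loopback"

  # --- DHCP pool served by that instance ---
  uci set "dhcp.${INST}=dhcp"
  uci set "dhcp.${INST}.instance=${INST}_dns"
  uci set "dhcp.${INST}.interface=${INST}"
  uci set "dhcp.${INST}.start=100"
  uci set "dhcp.${INST}.limit=150"
  uci set "dhcp.${INST}.leasetime=12h"

  # Per-instance resolv file is a symlink to the auto-generated upstream list.
  ln -f -s /tmp/resolv.conf.d/resolv.conf.auto "/etc/resolv.conf.${INST}"
done

# Drop the loopback exclusion from the first instance only, leaving exactly
# one instance that is not barred from the loopback interface.
uci -q delete 'dhcp.@dnsmasq[0].notinterface'
uci commit dhcp
/etc/init.d/dnsmasq restart
# After the restart, check "logread -e dnsmasq" for "FAILED to start up":
# if an instance crash-loops, clients on that network get no DHCP lease.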

Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have

# Diagnostic dump: board info, network and DHCP config, IPv4 addresses,
# routes and rules, and every resolv file with its contents.
# The output carries host names, MAC addresses and IP addresses, so redact
# it before posting it publicly.
ubus call system board
uci export network
uci export dhcp
ip -4 addr
ip -4 ro li tab all
ip -4 ru
ls -l  /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*
# "-n -0" prints each file in full, with a "==> name <==" header per file.
head -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*
   "kernel": "5.10.125",
        "hostname": "DIR-878",
        "system": "MediaTek MT7621 ver:1 eco:3",
        "model": "D-Link DIR-878 A1",
        "board_name": "dlink,dir-878-a1",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "22.03-SNAPSHOT",
                "revision": "r19482-2b8021d614",
                "target": "ramips/mt7621",
                "description": "OpenWrt 22.03-SNAPSHOT r19482-2b8021d614"
        }
}
package network
config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'
config globals 'globals'
        option packet_steering '1'
        option ula_prefix 'fdbc:108a:fec5::/48'
config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        option igmp_snooping '1'
config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '10.4.4.1'
config interface 'wan'
        option device 'wan'
        option proto 'dhcp'
        option peerdns '0'
        list dns '1.1.1.1'
        list dns '8.8.8.8'
        list dns '208.67.222.222'
config interface 'wan6'
        option device 'wan'
        option proto 'dhcpv6'
config device
        option type 'bridge'
        option name 'br-vlan20'
        list ports 'lan4'
        option igmp_snooping '1'
config bridge-vlan
        option device 'br-vlan20'
        option vlan '20'
        list ports 'lan4'
config interface 'vlan20'
        option proto 'static'
        option device 'br-vlan20.20'
        option ipaddr '10.5.5.1'
        option netmask '255.255.255.0'
config device
        option type 'bridge'
        option name 'br-guest'
config interface 'guestwifi'
        option proto 'static'
        option ipaddr '192.168.4.1'
        option netmask '255.255.255.0'
        option device 'br-guest'
package dhcp
config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'
config domain
        option name 'router.lan'
        option ip '10.4.4.1'
config host
        option ip '10.4.4.200'
        option mac 'xxxxxx'
        option name 'moto-g7-play-xxxxxx'
        option dns '1'
config host
        option ip '10.4.4.201'
        option mac 'xxxxxxxx'
        option name 'mibox4-Ribeiro'
        option dns '1'
config host
        option ip '10.4.4.202'
        option mac '52:xxxxxxxxxxxA0'
        option name 'Galaxy-A10s-Joelma'
        option dns '1'
config host
        option ip '10.5.5.100'
        option mac 'Bxxxxxxxx90'
        option name 'jaxxxxxx'
        option dns '1'
config host
        option ip '10.5.5.101'
        option mac '18xxxxxxxxxCD'
        option name 'joxxxxxxxor'
        option dns '1'
config host
        option ip '10.5.5.102'
        option mac '18:xxxxxxxxxx3'
        option name 'bxxxxxxor'
        option dns '1'
config dnsmasq 'lan_dns'
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases.lan'
        option resolvfile '/etc/resolv.conf.lan'
        option nonwildcard '1'
        list interface 'lan'
config dhcp 'lan'
        option instance 'lan_dns'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
config dnsmasq 'guestwifi_dns'
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/guestwifi/'
        option domain 'guestwifi'
        option expandhosts '1'
        option nonegcache '0'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases.guestwifi'
        option resolvfile '/etc/resolv.conf.guestwifi'
        option nonwildcard '1'
        list interface 'guestwifi'
        list notinterface 'loopback'
config dhcp 'guestwifi'
        option instance 'guestwifi_dns'
        option interface 'guestwifi'
        option start '100'
        option limit '150'
        option leasetime '12h'
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
7: wan@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc cake state UP qlen 1000
    inet 10.2.2.105/24 brd 10.2.2.255 scope global wan
       valid_lft forever preferred_lft forever
21: br-vlan20.20@br-vlan20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc cake state UP qlen 1000
    inet 10.5.5.1/24 brd 10.5.5.255 scope global br-vlan20.20
       valid_lft forever preferred_lft forever
60: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    inet 10.4.4.1/24 brd 10.4.4.255 scope global br-lan
       valid_lft forever preferred_lft forever
65: br-guest: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    inet 192.168.4.1/24 brd 192.168.4.255 scope global br-guest
       valid_lft forever preferred_lft forever
default via 10.2.2.1 dev wan  src 10.2.2.105
10.2.2.0/24 dev wan scope link  src 10.2.2.105
10.4.4.0/24 dev br-lan scope link  src 10.4.4.1
10.5.5.0/24 dev br-vlan20.20 scope link  src 10.5.5.1
192.168.4.0/24 dev br-guest scope link  src 192.168.4.1
broadcast 10.2.2.0 dev wan table local scope link  src 10.2.2.105
local 10.2.2.105 dev wan table local scope host  src 10.2.2.105
broadcast 10.2.2.255 dev wan table local scope link  src 10.2.2.105
broadcast 10.4.4.0 dev br-lan table local scope link  src 10.4.4.1
local 10.4.4.1 dev br-lan table local scope host  src 10.4.4.1
broadcast 10.4.4.255 dev br-lan table local scope link  src 10.4.4.1
broadcast 10.5.5.0 dev br-vlan20.20 table local scope link  src 10.5.5.1
local 10.5.5.1 dev br-vlan20.20 table local scope host  src 10.5.5.1
broadcast 10.5.5.255 dev br-vlan20.20 table local scope link  src 10.5.5.1
broadcast 127.0.0.0 dev lo table local scope link  src 127.0.0.1
local 127.0.0.0/8 dev lo table local scope host  src 127.0.0.1
local 127.0.0.1 dev lo table local scope host  src 127.0.0.1
broadcast 127.255.255.255 dev lo table local scope link  src 127.0.0.1
broadcast 192.168.4.0 dev br-guest table local scope link  src 192.168.4.1
local 192.168.4.1 dev br-guest table local scope host  src 192.168.4.1
broadcast 192.168.4.255 dev br-guest table local scope link  src 192.168.4.1
0:      from all lookup local
32766:  from all lookup main
32767:  from all lookup default
-rw-r--r--    1 root     root           132 Jun 28 19:17 /etc/resolv.conf
lrwxrwxrwx    1 root     root            35 Jun 28 19:41 /etc/resolv.conf.guest -> /tmp/resolv.conf.d/resolv.conf.auto
lrwxrwxrwx    1 root     root            35 Jun 29 22:34 /etc/resolv.conf.guestwifi -> /tmp/resolv.conf.d/resolv.conf.auto
lrwxrwxrwx    1 root     root            35 Jun 29 22:34 /etc/resolv.conf.lan -> /tmp/resolv.conf.d/resolv.conf.auto
lrwxrwxrwx    1 root     root            16 Jun 27 20:34 /etc/resolv.conf.nextdns-bak -> /tmp/resolv.conf
lrwxrwxrwx    1 root     root            35 Jun 28 19:42 /etc/resolv.conf.vlan20 -> /tmp/resolv.conf.d/resolv.conf.auto
-rw-r--r--    1 root     root            47 Jun 29 02:51 /tmp/resolv.conf
-rw-r--r--    1 root     root           111 Jun 28 20:03 /tmp/resolv.conf.d/resolv.conf.auto
/tmp/resolv.conf.d:
-rw-r--r--    1 root     root           111 Jun 28 20:03 resolv.conf.auto
==> /etc/resolv.conf <==
# This file is managed by nextdns.
#
# Run "nextdns deactivate" to restore previous configuration.
search lan
nameserver 127.0.0.1
==> /etc/resolv.conf.guest <==
# Interface wan
nameserver 1.1.1.1
nameserver 8.8.8.8
nameserver 208.67.222.222
# Interface wan6
nameserver ::
==> /etc/resolv.conf.guestwifi <==
# Interface wan
nameserver 1.1.1.1
nameserver 8.8.8.8
nameserver 208.67.222.222
# Interface wan6
nameserver ::
==> /etc/resolv.conf.lan <==
# Interface wan
nameserver 1.1.1.1
nameserver 8.8.8.8
nameserver 208.67.222.222
# Interface wan6
nameserver ::
==> /etc/resolv.conf.nextdns-bak <==
search lan
nameserver 127.0.0.1
nameserver ::1
==> /etc/resolv.conf.vlan20 <==
# Interface wan
nameserver 1.1.1.1
nameserver 8.8.8.8
nameserver 208.67.222.222
# Interface wan6
nameserver ::
==> /tmp/resolv.conf <==
search lan
nameserver 127.0.0.1
nameserver ::1
==> /tmp/resolv.conf.d <==
head: /tmp/resolv.conf.d: I/O error
==> /tmp/resolv.conf.d/resolv.conf.auto <==
# Interface wan
nameserver 1.1.1.1
nameserver 8.8.8.8
nameserver 208.67.222.222
# Interface wan6
nameserver ::

Config looks alright. What is the problem exactly? Can't you connect to wifi at all? That would be unrelated to dnsmasq. If you can connect but don't get a DHCP lease, this needs some more troubleshooting: service dnsmasq restart; logread -e dnsmasq

Thu Jun 30 08:41:34 2022 user.notice dnsmasq: DNS rebinding protection is active, will discard upstream RFC1918 responses!             
Thu Jun 30 08:41:34 2022 user.notice dnsmasq: Allowing 127.0.0.0/8 responses                                                           
Thu Jun 30 08:41:35 2022 user.notice dnsmasq: DNS rebinding protection is active, will discard upstream RFC1918 responses!             
Thu Jun 30 08:41:35 2022 user.notice dnsmasq: Allowing 127.0.0.0/8 responses                                                           
Thu Jun 30 08:41:36 2022 user.err : jail: creat(/tmp/ujail-bnldhP/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:41:36 2022 user.err : jail: creat(/tmp/ujail-mMNLfC/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:41:36 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.lan for resolv-file is missing, cannot poll                
Thu Jun 30 08:41:36 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.guestwifi for resolv-file is missing, cannot poll          
Thu Jun 30 08:41:36 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:41:36 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:41:41 2022 user.err : jail: creat(/tmp/ujail-mLaiPi/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:41:41 2022 user.err : jail: creat(/tmp/ujail-KHKgfm/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:41:41 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.guestwifi for resolv-file is missing, cannot poll          
Thu Jun 30 08:41:41 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:41:41 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.lan for resolv-file is missing, cannot poll                
Thu Jun 30 08:41:41 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:44:07 2022 user.err : jail: creat(/tmp/ujail-OplOfF/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:44:07 2022 user.err : jail: creat(/tmp/ujail-LgpkEE/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:44:07 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.lan for resolv-file is missing, cannot poll                
Thu Jun 30 08:44:07 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:44:07 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.guestwifi for resolv-file is missing, cannot poll          
Thu Jun 30 08:44:07 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:44:12 2022 user.err : jail: creat(/tmp/ujail-HJOkpI/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:44:12 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.lan for resolv-file is missing, cannot poll                
Thu Jun 30 08:44:12 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:44:12 2022 user.err : jail: creat(/tmp/ujail-lDLLka/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:44:12 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.guestwifi for resolv-file is missing, cannot poll          
Thu Jun 30 08:44:12 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:44:17 2022 user.err : jail: creat(/tmp/ujail-LpfIEf/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:44:17 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.lan for resolv-file is missing, cannot poll                
Thu Jun 30 08:44:17 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:44:17 2022 user.err : jail: creat(/tmp/ujail-BFIcnB/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:44:17 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.guestwifi for resolv-file is missing, cannot poll          
Thu Jun 30 08:44:17 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:44:22 2022 user.err : jail: creat(/tmp/ujail-lccDCn/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:44:22 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.lan for resolv-file is missing, cannot poll                
Thu Jun 30 08:44:22 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:44:22 2022 user.err : jail: creat(/tmp/ujail-ENmLAI/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:44:22 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.guestwifi for resolv-file is missing, cannot poll          
Thu Jun 30 08:44:22 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:44:27 2022 user.err : jail: creat(/tmp/ujail-pfBKPg/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:44:27 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.lan for resolv-file is missing, cannot poll                
Thu Jun 30 08:44:27 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:44:27 2022 user.err : jail: creat(/tmp/ujail-Ieckde/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:44:27 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.guestwifi for resolv-file is missing, cannot poll          
Thu Jun 30 08:44:27 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:44:32 2022 user.err : jail: creat(/tmp/ujail-KhplkF/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:44:32 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.lan for resolv-file is missing, cannot poll                
Thu Jun 30 08:44:32 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:44:32 2022 daemon.info procd: Instance dnsmasq::lan_dns s in a crash loop 6 crashes, 0 seconds since last crash          
Thu Jun 30 08:44:32 2022 user.err : jail: creat(/tmp/ujail-GNedlK/etc/dnsmasq.conf) failed: Read-only file system                      
Thu Jun 30 08:44:32 2022 daemon.crit dnsmasq[1]: directory /etc/resolv.conf.guestwifi for resolv-file is missing, cannot poll          
Thu Jun 30 08:44:32 2022 daemon.crit dnsmasq[1]: FAILED to start up                                                                    
Thu Jun 30 08:44:32 2022 daemon.info procd: Instance dnsmasq::guestwifi_dns s in a crash loop 6 crashes, 0 seconds since last crash

seems to be the issue ...

what does mount have to say ?


in the previous version 21.02.03 it works, but in this one it doesn't

  1. does /tmp/resolv.conf.d exist? and /tmp/resolv.conf.d/resolv.conf.auto?
  2. would you try with this:
    uci set dhcp.${INST}_dns.resolvfile="/tmp/resolv.conf.d/resolv.conf.${INST}" and skip ln -f -s ... part?

Wasn't there something about jails not working in the recent release thread? got patched on master instead?

(edit) Found it


looks like it hasn't been fixed

Quick fix for the 'failed to seed the random number generator' problem:
edit /etc/init.d/dnsmasq and
add /dev/urandom at the end of this line: procd_add_jail_mount /etc/passwd /etc/group /etc/TZ /etc/hosts /etc/ethers

final line looks like:
procd_add_jail_mount /etc/passwd /etc/group /etc/TZ /etc/hosts /etc/ethers /dev/urandom


I just found that the same problem still exists in 22.03.3. Luckily I was able to find this thread (all my clients were able to get the IPv6 ULA assignment from my OpenWrt router, but no IPv4 at all!).