Good day! I'm currently trying to create two separate interfaces one for lan and the other a DMZ for Raspberry pi (maybe later another one for guest, but not so important). Separating the two with its own vlan, creating firewall with port 53, 67, 68 allowed for RPI, and making RPI routed through wireguard with vpn-policy-routing work fine already for a long time, but I'm dead stuck with separating the dns dhcp. What I want to do simply is:
- LAN: dnsmasq (1) + DOH (1) with dns-https-proxy + Adblock
- RPI: dnsmasq (2) + DOH (2) with dns-https-proxy + Wireguard
I'm sure dns-https-proxy can be used in two separate dnsmasq (or not?), so pretty likely I did something wrong somewhere. Here is my dhcp settings so far:
config dnsmasq 'lan_dns'
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option nonwildcard '1'
option ednspacket_max '1232'
option cachesize '5000'
option leasefile '/tmp/dhcp.leases.lan'
option confdir '/tmp/dnsmasq.d'
list interface 'lan'
option localservice '1'
option localuse '1'
option noresolv '1'
list server '127.0.0.1#5555'
config dnsmasq 'raspi_dns'
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/raspi/'
option domain 'raspi'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option nonwildcard '1'
option ednspacket_max '1232'
option cachesize '5000'
option leasefile '/tmp/dhcp.leases.raspi'
list interface 'raspi'
list notinterface 'loopback'
option localservice '1'
option localuse '1'
option noresolv '1'
list server '127.0.0.1#6666'
With this setting the dhcp leases files were created, and the RPI came up in its own lease file, but somehow in Luci's active dhcp lists the RPI was still listed under lan_dns (or is this a known bug?). Also its traffic was still filtered by the lan Adblock, which I clearly don't want.
Thanks for any help!