oDHCPd static lease issue

I finally managed to get oDHCPd to assign IPv4 addresses only, but now it isn't obeying the static leases I am inputting, nor is it assigning specific DNS that I am applying to those hosts.

Unsure why it is not working and I want to pull my hair out. Here is my config:

config dhcp 'lan'
        option interface 'lan'
        option start '2'
        option limit '254'
        option leasetime '24h'
        option dhcpv4 'server'
        option ra 'server'
        option ra_slaac '1'
        list ra_flags 'managed-config'
        list ra_flags 'other-config'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '1'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/lib/unbound/odhcpd.sh'
        option loglevel '4'

config host
        option name 'PC'
        option mac 'x-x-x-x-x-x'
        option ip '10.0.0.2'
        option leasetime 'infinite'
        list tag 'tag1'

config tag 'tag1'
        option dhcp_option '6,x.x.x.x'

What am I failing to add or remove?

I am still unable to get static leases to work. It continues to assign random IP addresses even if the config host is set.

Is there a reason you don't want to use dnsmasq for your dhcp server?

Meanwhile, your pool size is too big if you have a /24 network. The limit must be <=253 if you have a start value of 2.

Try removing the leasetime and tag options from below...

If that doesn't fix it, let's see the complete network and dhcp files.
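The pool-size arithmetic from the reply above, as an added example that is not part of the original thread. The function names are hypothetical, and it assumes the pool covers `limit` addresses starting at network address + `start` and must end below the broadcast address.

```sh
#!/bin/sh
# Added example: check an OpenWrt DHCP pool (start/limit) against its subnet.

# Convert a dotted-quad IPv4 address to a 32-bit integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Convert a 32-bit integer back to dotted-quad notation.
int2ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# pool_check IPADDR NETMASK START LIMIT
# Prints "ok FIRST LAST" (returns 0) when the pool fits the subnet, or
# "overflow FIRST LAST MAXLIMIT" (returns 1) when it reaches the broadcast
# address or beyond. MAXLIMIT is the largest limit that still fits.
pool_check() {
    ip=$(ip2int "$1"); mask=$(ip2int "$2"); start=$3; limit=$4
    net=$(( ip & mask ))
    bcast=$(( net | (~mask & 0xFFFFFFFF) ))
    first=$(( net + start ))
    last=$(( first + limit - 1 ))
    max_limit=$(( bcast - first ))
    if [ "$start" -ge 1 ] && [ "$limit" -ge 1 ] && [ "$last" -lt "$bcast" ]; then
        echo "ok $(int2ip "$first") $(int2ip "$last")"
        return 0
    fi
    echo "overflow $(int2ip "$first") $(int2ip "$last") $max_limit"
    return 1
}

# Values from the thread: lan is 10.0.0.1 / 255.255.255.0 with start '2'.
pool_check 10.0.0.1 255.255.255.0 2 254 || true   # limit in the first post
pool_check 10.0.0.1 255.255.255.0 2 253           # limit in the later config
```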

I could use DNSMasq, but I am using Unbound + oDHCPd. Using Unbound for DNS and DHCP for DNSMasq is tricky to set up.

Just add a dns option per host section and set it to 1.

Edit: for reference https://github.com/openwrt/packages/issues/22691

Would that also work for oDHCPd?

Yep, that's for unbound plus odhcpd....without dnsmasq.

No change. Static lease is not being enforced.

config host
        option name 'PC'
        option mac 'x-x-x-x-x-x'
        option ip '10.0.0.2'
        option leasetime 'infinite'
        option dns '1'
        list tag 'tag1'

Did you try the things I mentioned above?

Show your unbound config. Did you set the extra dns option?

I did. Doing that made it so that I cannot renew a new IP address. If I release then try to renew, it won't give me a new IP address and I have to set a static one to reconnect.

If it's any hint at all, when it does allow renewals, it keeps assigning me "10.0.0.233", that exact same IP address even though I haven't specified it to do so.

Can we see the complete configuration files as I had requested earlier?

/etc/config/unbound:


config unbound 'ub_main'
        option dhcp_link 'odhcpd'
        option dns64 '0'
        option domain 'lan'
        option edns_size '1232'
        option extended_stats '0'
        option hide_binddata '1'
        option interface_auto '1'
        option listen_port '53'
        option localservice '1'
        option manual_conf '0'
        option num_threads '2'
        option protocol 'default'
        option rate_limit '0'
        option rebind_localhost '1'
        option rebind_protection '1'
        option recursion 'default'
        option resource 'default'
        option root_age '9'
        option ttl_min '120'
        option ttl_neg_max '1000'
        option unbound_control '2'
        option validator '1'
        option validator_ntp '1'
        option verbosity '1'
        list iface_wan 'wan'
        option enabled '1'
        option iface_lan 'lan'
        option domain_type 'static'
        option add_wan_fqdn '1'
        option add_extra_dns '1'
        option add_local_fqdn '1'
        list iface_trig 'lan'
        list iface_trig 'wan'

config zone 'DNS'
        option enabled '1'
        option fallback '0'
        option tls_index 'placeholder.com'
        option tls_upstream '1'
        option zone_type 'forward_zone'
        list zone_name '.'
        list server 'x.x.x.x'
        option dns_assist 'none'

I changed extra dns from 0 to 1, no change.

Sure. Which files do you need to see?

For /etc/config/dhcp, my original post has its entire contents.
For /etc/config/unbound, I just posted its entire contents right above.

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

ubus system board call:

{
        "kernel": "5.15.150",
        "hostname": "???",
        "system": "ARMv7 Processor rev 0 (v7l)",
        "model": "Netgear Nighthawk XR500",
        "board_name": "netgear,xr500",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "23.05.3",
                "revision": "r23809-234f1a2efa",
                "target": "ipq806x/generic",
                "description": "OpenWrt 23.05.3 r23809-234f1a2efa"
        }
}

/etc/config/network:

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix '???'
        option packet_steering '1'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth1.1'
        option ipv6 '0'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '10.0.0.1'
        option netmask '255.255.255.0'
        list dns '10.0.0.1'
        option delegate '0'

config interface 'wan'
        option device 'eth0.2'
        option proto 'dhcp'
        option hostname '*'
        option peerdns '0'
        list dns '10.0.0.1'
        option delegate '0'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '1 2 3 4 6t'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '5 0t'

config device
        option name 'eth0'
        option ipv6 '0'

config device
        option name 'eth0.2'
        option type '8021q'
        option ifname 'eth0'
        option vid '2'
        option ipv6 '0'

config device
        option name 'eth1'
        option ipv6 '0'

config device
        option name 'eth1.1'
        option type '8021q'
        option ifname 'eth1'
        option vid '1'
        option ipv6 '0'

config device
        option name 'phy0-ap0'
        option ipv6 '0'

/etc/config/wireless:

config wifi-device 'radio0'
        option type 'mac80211'
        option path 'soc/1b500000.pci/pci0000:00/0000:00:00.0/0000:01:00.0'
        option channel '36'
        option band '5g'
        option htmode 'VHT80'
        option cell_density '0'
        option txpower '14'
        option country 'US'
        option beacon_int '200'

config wifi-iface 'default_radio0'
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option ssid '???'
        option encryption 'sae'
        option isolate '1'
        option dtim_period '1'
        option key '???'
        option skip_inactivity_poll '1'
        option macaddr 'random'

config wifi-device 'radio1'
        option type 'mac80211'
        option path 'soc/1b700000.pci/pci0001:00/0001:00:00.0/0001:01:00.0'
        option channel '1'
        option band '2g'
        option htmode 'HT20'
        option disabled '1'

/etc/config/dhcp:

config dhcp 'lan'
        option interface 'lan'
        option start '2'
        option limit '253'
        option leasetime '24h'
        option dhcpv4 'server'
        option ra 'server'
        list ra_flags 'managed-config'
        list ra_flags 'other-config'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '1'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/lib/unbound/odhcpd.sh'
        option loglevel '4'

config host
        option name 'PC'
        option mac '???'
        option ip '10.0.0.2'
        option dns '1'

config tag 'tag1'
        option dhcp_option '6,???'

/etc/config/firewall:

config defaults
        option input 'DROP'
        option output 'ACCEPT'
        option forward 'DROP'
        option synflood_protect '1'
        option drop_invalid '1'
        option flow_offloading '1'
        option flow_offloading_hw '1'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option mtu_fix '1'
        list network 'lan'

config zone
        option name 'wan'
        option input 'DROP'
        option output 'ACCEPT'
        option forward 'DROP'
        option masq '1'
        option mtu_fix '1'
        list network 'wan'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'
        option enabled '0'

config rule
        option name 'HTTP Router'
        option src 'lan'
        list src_ip '10.0.0.1'
        option dest 'wan'
        option dest_port '80'
        option target 'DROP'

config rule
        option name 'HTTP Devices'
        option src 'lan'
        option dest 'wan'
        option dest_port '80'
        option target 'DROP'
        list src_ip '10.0.0.3/24'

config include 'pbr'
        option fw4_compatible '1'
        option type 'script'
        option path '/usr/share/pbr/pbr.firewall.include'

The leasefile option looks odd ... make sure that it really points to an existing leasefile. In my config it points to ...

option leasefile '/var/lib/odhcpd/dhcp.leases'

Edit: please reboot your router after you've applied all your changes.

 option leasefile '/tmp/hosts/odhcpd'

is completely correct, that's where odhcpd tucks away its leases. I have it as well. There does not seem to be a /var/lib/odhcpd directory by default.


That may be OK (as the directory will be created if not available), but in the unbound readme regarding odhcpd & unbound the other file/directory is recommended, see https://github.com/openwrt/packages/blob/master/net/unbound/files/README.md#unbound-and-odhcpd

Well, either your suggestion fixed the static lease problem, or some magic happened while I was asleep. For some reason, /tmp/hosts/odhcpd is automatically assigned when installing it. Leasetrigger was the same, Unbound reported it was incorrectly set to sbin by default, which is how I knew to check documentation to fix that.

However, I still have one critical issue: my tag option to give an IP address a separate DNS is not applying, it is applying Unbound's DNS still:

config odhcpd 'odhcpd'
        option maindhcp '1'
        option leasefile '/var/lib/odhcpd/dhcp.leases'
        option leasetrigger '/usr/lib/unbound/odhcpd.sh'
        option loglevel '4'

config host
        option name 'PC'
        option mac 'x-x-x-x-x-x'
        option ip '10.0.0.2'
        option dns '1'
        list tag 'tag1'

config tag 'tag1'
        option dhcp_option '6,x.x.x.x'

As you can see at the bottom, I use the split-dns option that egc has specified in previous posts to other users. But for some reason, OpenWRT is not obeying it like it does with DNSMasq.

So I have two questions:

1. How do I make it so the tag option works correctly again?
2. Is there anything in my Unbound+DHCP configs that is needless?

Unbound is for DoT+DNSSEC to serve devices on a home router, and DHCP should be IPv4 only. (The "ra" parts of my config, I am unsure if I even need those specified. I've forgotten about it.)