Problem dnsmasq! (can't configure!)

NanoPI R4S (OpenWrt 21.02.3 r16554-1d4dea6d4f / LuCI openwrt-21.02 branch git-22.083.69138-0a0ce2a) and dnsmasq 2.85-8

Before dnsmasq I used bind (unfortunately I had to remove it as it is not suitable for blocking ads). So I decided to use dnsmasq. A bit painful interface, given that in the luci interface both the DHCP and DNS options are mixed and for a person who perhaps has no experience with dnsmasq it is a problem! But let's go on...
These are screenshots of the current dnsmasq settings. There are two big problems.

  • Set the forwarders to that address in the picture (via stubby) and it doesn't work
  • Before, with bind I had set some "zones" where there were entries (on a specific interface/subnet) for my personal devices...and more, on the other interface (wan/wifi). So I had "separated" the two network. Here, with dnsmasq, how do I do it!?

Other issues:

  • I still haven't figured out if I have to operate from the lights interface or via cli, and for a newbie it's a bit "unsettled"
  • I set it must not touch the resolv.conf file and when I try to check it changes the values ​​in that file!
  • Set the min-cache-ttl and it's as if I didn't set it!

File config/dhcp:

config dnsmasq
        option authoritative '1'
        option leasefile '/tmp/dhcp.leases'
        option ednspacket_max '1232'
        option nonwildcard '0'
        option dnsseccheckunsigned '0'
        option confdir '/tmp/dnsmasq.d/'
        option port '53'
        option localuse '1'
        option noresolv '1'
        option quietdhcp '1'
        option boguspriv '0'
        option rebind_protection '0'
        option cachesize '2048'
        option min_cache_ttl '900'
        option filterwin2k '1'
        option localservice '0'
        option nohosts '1'
        option nonegcache '1'
        option strictorder '1'
        option allservers '1'
        list server ''

Thank you

There's an adblock package, you know...

1 Like


  • Usually there's no DHCP setting on WAN
  • Usually WAN cannot directly reach IPs at

i modified the post.

That's ok, the package is still there, no matter what.

The wan would be the other ethernet port which is connected to my home WIFI router...and the nanopi r4s acts as my dhcp/dns/gateway simply because the router I have sucks.

was referring to bind

I do not understand what you mean

What part of "there's an adblock package" don't you understand ?

and I don't understand what you mean. Did you read my post correctly? what!? what does that have to do with the post!?

It relates to this, but hey, go ahead and use the wrong tool for the job ...

so, should i use bind again?

Did I say that ?

Speak clearly and not in half terms! I don't speak English, genius!!!!

1 Like

You seem to know English figures-of-speech.

  • Use adblock package
  • Adblock can use dnsmasq
  • Information here
1 Like

Maybe I explained myself wrong. The dnsmasq configuration doesn't work for me! And adblbock has nothing to do with it! The problem is getting dnsmasq to work as DNS...that's it. The ads have nothing to do with it

It works as DNS by defualt. Try resetting your device.

Maybe kick unbound around, if you're already down the (less desirable) stubby path; should be a cake walk coming from bind.


I've already done this many times...but I can't format every time. I would like to understand the problem.

Since it works by default, I'd suggest checking Internet access.

Other suggestion, don't change the default config (as it works by default).