What is the proper (ideally UCI) way of completely disabling DHCP and DNS servers that will survive across updates?
Currently I have to manually remove /etc/resolv.conf and create a symlink pointing to /tmp/resolv.conf.auto instead of /tmp/resolv.conf, otherwise DNS resolution fails.
I also have to perform
/etc/init.d/dnsmasq disable
/etc/init.d/odhcpd disable
even though I think I disabled everything through /etc/config/dhcp
Ideally I would stop the processes from running since I don't need them.
I don't want to create a custom firmware just for that. I don't think uninstalling is worthwhile since they will be reinstalled after every update and no space will be saved. Plus I might need them one day.
The thing bugging me the most is the resolv.conf thing. It could almost be considered a bug that DNS resolution fails by default with the provided /etc/config/dhcp even though valid DNS servers are received by the DHCP client.
I stop DHCP server. I keep the DHCP client running. They are not the same processes or configuration files.
Typical access point (not router) configuration.
I am trying to ping google.com from the OpenWrt device and it fails unless I do the resolv.conf hack described above. By default OpenWrt uses 127.0.0.1 as its DNS server. Obviously it fails in my case.
Are you talking about on the router, or on LAN clients???
On the router: You cannot ping a domain name from the server, since you've stopped the DNS server at 127.0.0.1. You will need to assign DNS servers to another interface, and specify that interface when testing ping, downloads, etc.
On LAN clients: you will have to statically address them. Use a Public DNS server, do not use 127.0.0.1, this is a Loopback Address and means "this host."
On the OpenWrt router, which I am configuring as a non-router, WiFi to Ethernet access-point / bridge only.
It works fine AFTER I make the resolv.conf hack. I was asking if there was a proper way of doing that with the UCI configuration system, that would survive across updates.
All my LAN clients work fine since they get their DHCP lease from another server.
Thanks, but with this configuration the dumb AP itself isn't able to ping google.com (or to resolve any other DNS), as /etc/resolv.conf points to the wrong file.
So at least the case of a disabled dnsmasq init script should work after a clean boot. I agree however that this would be no pure uci solution as the disable state is not yet conveyed in sysupgrades.
My attempt to shut down dnsmasq uci-wise would be the following:
config dnsmasq
	...
	option port 0               # upstream suggested way to disable DNS service
	option resolvfile /dev/null # stop mangling the /tmp/resolv.conf -> /tmp/resolv.conf.auto symlink
	option nonwildcard 1        # stop listening on 0.0.0.0
	list interface lo           # only listen on loopback to get rid of DHCP service
	...
I tried /etc/init.d/dnsmasq stop and it didn't restore a link between /tmp/resolv.conf and /tmp/resolv.conf.auto. They were still two different standard files, so there might be a bug there or something in my configuration was preventing the link from being restored.
However with your suggested configuration lines, after reboot the link is there (probably because of /etc/init.d/boot).
I still disable dnsmasq and odhcpd, which I don't need. But at least now even if I forget to disable them and change the /etc/resolv.conf symlink after an OS upgrade, my device is still able to resolve DNS now.
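The failure discussed in this thread (/etc/resolv.conf naming only 127.0.0.1 while no local DNS server answers) can be checked for after an upgrade. The following is an added example, not part of any post above; the function names are hypothetical and the sample files and addresses are constructed.

```sh
#!/bin/sh
# Added example (not from the thread): classify the nameservers in a
# resolv.conf-style file and flag the dumb-AP failure described above.

# resolver_state FILE -> missing | empty | loopback-only | upstream
resolver_state() {
    [ -r "$1" ] || { echo missing; return 0; }
    awk '
        $1 == "nameserver" {
            total++
            if ($2 ~ /^127\./ || $2 == "::1") loop++
        }
        END {
            if (total == 0)         print "empty"
            else if (loop == total) print "loopback-only"
            else                    print "upstream"
        }' "$1"
}

# ap_dns_check FILE LOCAL_DNS -> prints a verdict, returns 1 if broken.
# LOCAL_DNS is "yes" only if a DNS server really answers on loopback
# port 53 (dnsmasq running with "option port 0" counts as "no").
ap_dns_check() {
    state=$(resolver_state "$1")
    case "$state:$2" in
        upstream:*)        echo "ok: upstream nameserver present" ;;
        loopback-only:yes) echo "ok: local resolver is answering" ;;
        *)                 echo "broken: $state, local DNS=$2"; return 1 ;;
    esac
}

# Constructed sample files (192.0.2.53 is a documentation address).
SAMPLES=$(mktemp -d)
printf 'search lan\nnameserver 127.0.0.1\n' > "$SAMPLES/resolv.conf"
printf '# Interface lan\nnameserver 192.0.2.53\n' > "$SAMPLES/resolv.conf.auto"

ap_dns_check "$SAMPLES/resolv.conf" no || true   # the thread's failure case
ap_dns_check "$SAMPLES/resolv.conf.auto" no      # after the symlink is fixed

# On the device, pass the real file and the real listener state, e.g.:
#   ap_dns_check /etc/resolv.conf no
```

Because the check follows symlinks, pointing it at /etc/resolv.conf reports on whichever file under /tmp the link currently resolves to.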
Wow, I don't understand how disabling the DHCP server is so hard. On every commercial router all you have to do is flip a switch and let your own DHCP server do its work.
Is this still the case? I don't want DNS or DHCP now on the router, but I want it to route and switch. Is this the only option today?