Set up dhcp server rpi 3

I'm running openwrt on a raspberry pi 3 and I've been trying without success to enable/set up the dhcp server. there's no second router or other dhcp server involved, the rpi3 'is' the router and I'd like it also as a dhcp server I've set the wireless as an AP but it's not giving out addresses to clients that try to connect.
I've been trawling google but can't find the answers I need. Is there a dhcp file somewhere I could edit? I find the dhcp section in the gui confusing as well. thanks for any help

1 Like

where are the DHCP examples?
update: sorry I found them at https://openwrt.org/docs/guide-user/base-system/dhcp_configuration

but I still can't work out how to assign dhcp server to the wifi. all examples seem to only cater for the lan. I'm trying to connect a wireless client to the rpi3 AP but the rpi3 will not give out an ip address.

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
2 Likes

You assign a dhcp server to a network, and you assign the wifi to a network. That is the way to bring together wifi and dhcp.

4 Likes

It seems you misquoted me. I never said "DHCP examples" (yes, I see it in the link).

Nonetheless, @Stefan1 explained how to make a config. I hope you get it going!

Here's an example for LAN:

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv6 'server'
        option ra 'server'
1 Like

thankyou is there an example config for dhcp wifi? or would one just use the above and substitute wifi for lan?

As you've been told by @Stefan1 above, there's no "special WiFi DHCP config". The config simply corresponds to the network you attached the WiFi to.

4 Likes
root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd24:8535:1964::/48'

config interface 'lan'
        option type 'bridge'
        option proto 'static'
        option ipaddr '172.16.1.245'
        option netmask '255.255.0.0'
        option ip6assign '60'
        option ifname 'eth0'

config interface 'wan'
        option proto 'pppoe'
        option ifname 'eth1'
        option username '<my username>'
        option password '<password>'
        option peerdns '0'
        option dns '8.8.8.8 8.8.4.4'
        option type 'bridge'

config interface 'wlan0'
        option proto 'static'
        option type 'bridge'
        option netmask '255.255.255.0'
        option ipaddr '192.168.0.2'
root@OpenWrt:~# cat /etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option channel '11'
        option hwmode '11g'
        option path 'platform/soc/3f300000.mmcnr/mmc_host/mmc1/mmc1:0001/mmc1:0001:1'
        option htmode 'HT20'
        option cell_density '0'
        option country 'GB'

config wifi-iface 'wifinet0'
        option device 'radio0'
        option mode 'ap'
        option ssid 'OpenWrt'
        option encryption 'psk'
        option key '<key>'
        option network 'wlan0 wan'
root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option expandhosts '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option localservice '1'
        option ednspacket_max '1232'
        list server '8.8.8.8'
        list address '192.168.0.10'
        list address '192.168.0.20'
        option authoritative '1'
        option logqueries '1'
        option local '/wifi/'
        option domain 'wifi'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv4 'server'
        option dhcpv6 'server'
        option ra 'server'
        option ra_slaac '1'
        list ra_flags 'managed-config'
        list ra_flags 'other-config'
        option ra_maxinterval '600'
        option ra_mininterval '200'
        option ra_lifetime '1800'
        option ra_mtu '0'
        option ra_hoplimit '0'
        option ra_management '1'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '1'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

config host
        option name 'dell-tower'
        option mac '<mac-address>'
        option ip '192.168.0.11'
        option leasetime '60'
root@OpenWrt:~# cat /etc/config/firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'lan'
        list network 'lan2'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        list network 'wan'
        list network 'wan6'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option src_ip 'fc00::/6'
        option dest_ip 'fc00::/6'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config rule
        option name 'Support-UDP-Traceroute'
        option src 'wan'
        option dest_port '33434:33689'
        option proto 'udp'
        option family 'ipv4'
        option target 'REJECT'
        option enabled 'false'

config include
        option path '/etc/firewall.user'

config zone
        option name 'lan2'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'

config forwarding
        option src 'lan2'
        option dest 'wan'

You have defined WAN and WLAN as two different interfaces with different configurations. Then you try to configure WIFINET0 over both of them simultaneously. What are you trying to accomplish here?

4 Likes

I'm just trying to get dhcp server to work on the rpi3 wifi AP. I know its a bit of a mess but I've been trying different things without success.

The question is: what is the purpose of the WLAN0 network? do you want your wireless clients to be connected to the LAN, WAN, or WLAN0 network?

3 Likes

@neuronetv normally the LAN and WLAN are assigned to the same interface. This allows devices either connected via WLAN or LAN cable to communicate with each other.

With your current config you have a interface for the LAN and a separate interface for the WLAN. Devices connected through the WLAN are therefore not in the same network/subnet as devices connected through the LAN cable

Now, are you trying to achieve the scenario I described at the top or are you trying to achieve something else?

2 Likes

I'd like two seperate interfaces. I'd like wired devices to connect to eth0 on 172.16.1.x/16 (without dhcp) and wireless devices to connect to the wifi on 192.168.0.x/24. I'd like the dhcp server to work on 192.168.0.x/24, the 172.16.1.x/16 subnet doesn't matter, they are all static ip machines. I'd like both subnets to connect to the internet via eth1 which is the WAN port. As I'm new to openwrt I don't know if this is something it can or can't do.

My suggested solution would be the following:

/etc/config/network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd24:8535:1964::/48'

config interface 'lan'
        option type 'bridge'
        option proto 'static'
        option ipaddr '172.16.1.245'
        option netmask '255.255.0.0'
        option ip6assign '60'
        option ifname 'eth0'

config interface 'wan'
        option proto 'pppoe'
        option ifname 'eth1'
        option username '<my username>'
        option password '<password>'
        option peerdns '0'
        option dns '8.8.8.8 8.8.4.4'
        option type 'bridge'

config interface 'wlan0'
        option proto 'static'
        option type 'bridge'
        option netmask '255.255.255.0'
        option ipaddr '192.168.0.1'

IP address on "wlan0" interface changed to 192.168.0.1


/etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option channel '11'
        option hwmode '11g'
        option path 'platform/soc/3f300000.mmcnr/mmc_host/mmc1/mmc1:0001/mmc1:0001:1'
        option htmode 'HT20'
        option cell_density '0'
        option country 'GB'

config wifi-iface 'wifinet0'
        option device 'radio0'
        option mode 'ap'
        option ssid 'OpenWrt'
        option encryption 'psk'
        option key '<key>'
        option network 'wlan0'

option network changed from "wlan0 wan" to "wlan0"


/etc/config/dhcp

config dnsmasq
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option expandhosts '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option localservice '1'
        option ednspacket_max '1232'
        list server '8.8.8.8'
        list address '192.168.0.10'
        list address '192.168.0.20'
        option authoritative '1'
        option logqueries '1'
        option local '/wifi/'
        option domain 'wifi'

config dhcp 'wlan'
		option interface 'wlan0'
		option start '100'
		option limit '150'
		option leasetime '24h'

config dhcp 'lan'
        option interface 'lan'
        option ignore '1'  

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '1'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

config host
        option name 'dell-tower'
        option mac '<mac-address>'
        option ip '192.168.0.11'
        option leasetime '60'

added dhcp on interface "wlan0" and disabled on interface "lan"


/etc/config/firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'lan'

config zone
        option name 'wlan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
		list network 'wlan0'


config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        list network 'wan'
        list network 'wan6'

config forwarding
        option src 'lan'
        option dest 'wan'

config forwarding
        option src 'wlan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option src_ip 'fc00::/6'
        option dest_ip 'fc00::/6'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config rule
        option name 'Support-UDP-Traceroute'
        option src 'wan'
        option dest_port '33434:33689'
        option proto 'udp'
        option family 'ipv4'
        option target 'REJECT'
        option enabled 'false'

config include
        option path '/etc/firewall.user'

network "lan2" removed from zone "lan", changed zone and forwarding for "lan2" to "wlan" (I guess "lan2" should be the wlan?)

1 Like

thankyou for these configs asfp however the wireless will still not work properly, no matter what it will not give out an ip address to any client that tries to connect. maybe I'm trying to do something that openwrt simply can't do. for the time being I'm giving up on openwrt.

Are you working with the LuCI WebInterface?

If so you may could share some screenshots from the WLAN interface and your firewall settings. It probably would be easier for me to spot any misconfiguration as I'm primarily working via LuCI.

maybe this would be a good place to start

i am using rpi 3b+ as wired network controller only because its radio is fairly weak