Setting up two DHCP servers on two interfaces

Hi all,

I have a device with several independent network interfaces and I am trying to setup two DHCP servers in two of them, and I want them to provide IP addresses in different range. I have set 3 interfaces as follows:

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdd6:1dcb:0eab::/48'

config interface 'wan'
        option ifname 'eth1'
        option proto 'static'
        option netmask '255.255.255.0'
        option ipaddr '192.168.200.6'

config interface 'Bridge'
        option proto 'static'
        option ifname 'eth0 eth1'
        option type 'bridge'
        option netmask '255.255.255.0'
        option ipaddr '192.168.10.1'

config interface 'lan'
        option ifname 'eth0'
        option proto 'static'
        option ipaddr '192.168.100.6'
        option netmask '255.255.255.0'

If I set the DHCP server on the bridge interface and set "ignore" on the DHCP servers tab of the wan/lan interfaces, I get IP on the clients but on the bridge interface network range. When I try the following configuration it does not reply to any request on any interface:

root@OpenWrt:~# uci show dhcp
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.instance='lan_dns'
dhcp.lan.start='100'
dhcp.lan.leasetime='12h'
dhcp.lan.limit='150'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.instance='wan_dns'
dhcp.wan.start='100'
dhcp.wan.leasetime='12h'
dhcp.wan.limit='150'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'
dhcp.odhcpd.loglevel='4'
dhcp.lan_dns=dnsmasq
dhcp.lan_dns.domainneeded='1'
dhcp.lan_dns.localise_queries='1'
dhcp.lan_dns.rebind_protection='1'
dhcp.lan_dns.rebind_localhost='1'
dhcp.lan_dns.local='/lan/'
dhcp.lan_dns.domain='lan'
dhcp.lan_dns.expandhosts='1'
dhcp.lan_dns.authoritative='1'
dhcp.lan_dns.readethers='1'
dhcp.lan_dns.leasefile='/tmp/dhcp.leases.lan'
dhcp.lan_dns.resolvfile='/etc/resolv.conf.lan'
dhcp.lan_dns.interface='lan'
dhcp.lan_dns.localservice='0'
dhcp.wan_dns=dnsmasq
dhcp.wan_dns.domainneeded='1'
dhcp.wan_dns.localise_queries='1'
dhcp.wan_dns.rebind_protection='1'
dhcp.wan_dns.rebind_localhost='1'
dhcp.wan_dns.local='/wan/'
dhcp.wan_dns.domain='wan'
dhcp.wan_dns.expandhosts='1'
dhcp.wan_dns.authoritative='1'
dhcp.wan_dns.readethers='1'
dhcp.wan_dns.leasefile='/tmp/dhcp.leases.wan'
dhcp.wan_dns.resolvfile='/etc/resolv.conf.wan'
dhcp.wan_dns.interface='wan'
dhcp.wan_dns.notinterface='loopback'
dhcp.wan_dns.logqueries='1'
dhcp.wan_dns.localservice='0'

What am I missing / doing wrong? Any tips would be appreciated :slight_smile:

Many thanks!

hmmmmm.... why have have you done this... dhcp servers imply isolated broadcast domains... bridges do not...

1 Like

Many thanks for your reply!
That was left there as it was on the default configuration of OpenWRT (I am pretty new to it, hence I may be missing some basic stuff).

Removing the bridged interface effectively fixes the DHCP issue but now I am unable to route between both interfaces (which I had assumed was the reason for the bridged interface). I have enabled forwarding and masquerading between both areas (wan and lan, 1 interface each), do I need to set up static routes for this?

Thanks again for your help!

routers route... directly connected networks go automatically into the routing table... your issue is your firewall or gateway assignments...

are you masquerading / firewalling on 'wan' for a particular reason?

1 Like

Maybe you need to take a step back and explain what are you trying to accomplish here.
If I understand properly, your router has a wan interface under eth1 and a lan interface under eth0.
By default wan is supposed to be the upstream interface to the interface, that's why it has NAT/masquerade enabled and is blocking most of the inbound traffic. lan on the other hand is used to connect your devices, is open to all traffic, and is allowed to forward packets to the wan.
The bridge interface you created was obviously a mistake.

3 Likes

Remove the bridge. That is not how data gets from the LAN to the WAN. The default setup, which you should use and understand first, is already set up to make routes and firewall rules to forward from lan to wan.

If you static IP the WAN you also need to configure the gateway IP, which is the next router on the path to the Internet. Typically that machine is owned by the ISP, so you have to find out its IP address from them. Also you need to specify a DNS server. If supported by the ISP, dhcp or pppoe on the WAN allows the ISP to push those settings to your router so you don't have to set them directly.

2 Likes

Thanks all for your help.

Yes removing the bridge and adding the proper gateways manually along with their metrics and routes in some cases fixed the issue. The only thing I have still to figure out is how to handle DNS requests which I intend (if possible) to delegate to another network.

I believe that I approached OpenWRT with the wrong idea - I was wrongly expecting some kind of plug and play routing and handling of DHCP servers, but now I believe I am starting to understand it.

Thanks again for your help!

If the network on wan port is offering DHCP, then it is plug 'n' play.

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.