SOLVED - Cannot get dcpd/odhcpd to run

dhcp/odhcpd is not answering queries/broadcasts and I cannot see why

Here is networks:


config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdfd:ec3f:3cf0::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0'

config interface 'wan'
        option device 'eth1'
        option proto 'dhcp'

config interface 'wan6'
        option device 'eth1'
        option proto 'dhcpv6'

config device
        option name 'eth1'
        option mtu '9000'
        option mtu6 '9000'

config device
        option name 'eth2'
        option mtu '9000'
        option mtu6 '9000'

config device
        option name 'eth3'

config device
        option name 'eth4'

config interface '10g'
        option proto 'bonding'
        option ipaddr '172.16.27.2'
        option netmask '255.255.255.0'
        option all_slaves_active '0'
        option link_monitoring 'mii'
        option miimon '0'
        option downdelay '0'
        option updelay '0'
        option use_carrier '1'
        list dns '172.16.27.1'
        list dns '8.8.8.8'
        list dns '4.2.2.2'
        option bonding_policy 'balance-rr'
        option packets_per_slave '1'
        list slaves 'eth1'
        list slaves 'eth2'
        option force_link '1'

config device
        option name 'bond-10g'
        option mtu '9000'
        option mtu6 '9000'

config route
        option interface '10g'
        option target '0.0.0.0/0'
        option gateway '172.16.27.1'

and here's the dhcp file:

config dnsmasq
        option domainneeded '1'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option expandhosts '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option localservice '1'
        option ednspacket_max '1232'
        option domain '<my domain name is here>'

config dhcp 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'
        option maindhcp '1'
        option dynamicdhcp '1'

config dhcp '10g'
        option interface '10g'
        option start '192'
        option leasetime '12h'
        list ra_flags 'managed-config'
        list ra_flags 'other-config'
        option ra 'hybrid'
        option dhcpv6 'hybrid'
        option ignore '0'
        option dhcpv4 'server'
        option force '1'
        option limit '58'
root@OpenWrt:~# netstat -ltnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 172.16.27.2:53          0.0.0.0:*               LISTEN      2310/dnsmasq
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      2731/vsftpd
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      2310/dnsmasq
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2364/dropbear
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      2670/uhttpd
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      2670/uhttpd
tcp        0      0 fe80::f652:14ff:fee3:4e44:53 :::*                    LISTEN      2310/dnsmasq
tcp        0      0 ::1:53                  :::*                    LISTEN      2310/dnsmasq
tcp        0      0 :::22                   :::*                    LISTEN      2364/dropbear
tcp        0      0 :::443                  :::*                    LISTEN      2670/uhttpd
tcp        0      0 :::80                   :::*                    LISTEN      2670/uhttpd
root@OpenWrt:~# lsof -i :67
root@OpenWrt:~# lsof -i :68
root@OpenWrt:~# 
root@OpenWrt:/etc/config# cat firewall

config defaults
        option syn_flood '1'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network '10g'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        list network 'wan'
        list network 'wan6'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

Maybe I've misunderstood 'limit', buit I've tried it as '250' (range 192 to 250) and as '58' with no behavior change.

The basic issue is that the server is not answering either broadcast or direct on port.
Any pointers on where I've screwed this up?

Thanks in advance (firewall file added)

let's see your firewall file.

I edited the OP above to include the fw.
'10g' is included in the LAN zone

limit is the size of the pool, so something in the neighborhood of 58 is correct.

I see you have eth1 both in the bond and also directly used as wan, that is not going to work.

Other than that I don't know anything about bonding and would naturally suggest to remove that for now. I think the new syntax of bonding is within a config device stanza since it is a layer 2 operation.

You could also differentiate if it is a DHCP problem or a general network issue by temporarily configuring a static IP on the other end.

1 Like

This should be in wan. Note that multiple DNSs listed this way are a failover configuration. It will not work the way you may be hoping to use the 172 one for local domains and the public ones for the rest of the Internet. The proper way to do that is to use list server lines in /etc/config/dhcp.

Using eth1 in the WAN was a mistake, thanks for spotting it.
It should have been eth3. I made that change.
There's no difference in behavior

Here's lsof:

root@OpenWrt:~# lsof | grep dhcp
odhcpd    2539    root  cwd       DIR                8,2     4096          2 /
odhcpd    2539    root  rtd       DIR                8,2     4096          2 /
odhcpd    2539    root  txt       REG                8,2    83017       1249 /usr/sbin/odhcpd
odhcpd    2539    root  mem       REG                8,2    73744        363 /lib/libgcc_s.so.1
odhcpd    2539    root  mem       REG                8,2    28874        369 /lib/libubus.so.20220601
odhcpd    2539    root  mem       REG                8,2    37586        657 /usr/lib/libnl-tiny.so
odhcpd    2539    root  mem       REG                8,2    41050        370 /lib/libuci.so
odhcpd    2539    root  mem       REG                8,2    45148        368 /lib/libubox.so.20220515
odhcpd    2539    root  mem       REG                8,2   480340        361 /lib/libc.so
odhcpd    2539    root    0r      CHR                1,3      0t0         35 /dev/null
odhcpd    2539    root    1w      CHR                1,3      0t0         35 /dev/null
odhcpd    2539    root    2w      CHR                1,3      0t0         35 /dev/null
odhcpd    2539    root    3u  a_inode                0,9        0         23 [eventpoll:4,9,11,13,14,15]
odhcpd    2539    root    4r     FIFO                0,8      0t0        330 pipe
odhcpd    2539    root    5w     FIFO                0,8      0t0        330 pipe
odhcpd    2539    root    6u     sock                0,6      0t0        331 protocol: UDP
odhcpd    2539    root    7r      CHR                1,9      0t0         32 /dev/urandom
odhcpd    2539    root    8u  netlink                         0t0        332 ROUTE
odhcpd    2539    root    9u  netlink                         0t0        333 ROUTE
odhcpd    2539    root   10r      REG               0,14        0 4026532179 /proc/2539/net/ipv6_route
odhcpd    2539    root   11r     FIFO                0,8      0t0        337 pipe
odhcpd    2539    root   12w     FIFO                0,8      0t0        337 pipe
odhcpd    2539    root   13u     unix 0x00000000b1e2042f      0t0        338 type=STREAM 
odhcpd    2539    root   14u     raw6                         0t0       3923 00000000000000000000000000000000:003A->00000000000000000000000000000000:0000 st=07
odhcpd    2539    root   15u     IPv6               3924      0t0        UDP *:dhcpv6-server 
odhcpd    2539    root   16u     unix 0x00000000306f957a      0t0        569 type=DGRAM

The DHCP server in a standard install is dnsmasq. It is used only for IPv4. OK I see you have maindhcp set to use odhcpd for v4. That requires replacing the odhcpd-ipv6only package with the full version. dnsmasq should remain installed and enabled for its DNS functions.

Though I still wonder if interface 10g works at all.

I am using the bond-10g interface directly with no issues at all. I'm talking to the gui over that port and it works fine. I'm also able to test that it is in fact providing rr bonding correctly.

Thanks for catching that! I'm replacing it with the full odhcpd - your suggestion worked perfectly. it's fixed! Thanks!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.