I've switched to unbound and uninstalled dnsmasq, odhcp-ipv6 and installed odhcp full
Currently trying trying to create a separated interface for a SSID to isolate IoT things, but this interface can't get DHCP or DNS to work.
Devices in this isolated SSID fails to connect (dhcp)
uci show dhcp
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv4='server'
dhcp.lan.dhcpv6='server'
dhcp.lan.ra='server'
dhcp.lan.ra_slaac='1'
dhcp.lan.ra_flags='managed-config' 'other-config'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.leasefile='/var/lib/odhcpd/dhcp.leases'
dhcp.odhcpd.leasetrigger='/usr/lib/unbound/odhcpd.sh'
dhcp.odhcpd.maindhcp='1'
dhcp.ivlan2=dhcp
dhcp.ivlan2.interface='ivlan2'
dhcp.ivlan2.start='100'
dhcp.ivlan2.limit='150'
dhcp.ivlan2.leasetime='12h'
dhcp.ivlan2.dhcp_option='6,192.168.1.1'
ca-bundle, unbound-daemon and unbound-control installed
network
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
onfig interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
option reqaddress 'try'
option reqprefix 'auto'
option norelease '1'
option peerdns '0'
config device
option type '8021q'
option ifname 'br-lan'
option vid '2'
option name 'br-lan.2'
option mtu '1492'
option ipv6 '1'
option mtu6 '1492'
config interface 'ivlan2'
option proto 'static'
option device 'br-lan.2'
list ipaddr '192.168.2.0/24'
dhcp
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
option dhcpv6 'server'
option ra 'server'
option ra_slaac '1'
list ra_flags 'managed-config'
list ra_flags 'other-config'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option leasefile '/var/lib/odhcpd/dhcp.leases'
option leasetrigger '/usr/lib/unbound/odhcpd.sh'
option maindhcp '1'
config dhcp 'ivlan2'
option interface 'ivlan2'
option start '100'
option limit '150'
relevant firewall
config zone
option name 'vlan2'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'ivlan2'
config rule
option name 'allow-dns-dhcp'
option src 'vlan2'
option dest_port '53 853 67-68 546-547'
option target 'ACCEPT'
and unbound
config unbound 'ub_main'
option add_extra_dns '0'
option add_local_fqdn '1'
option add_wan_fqdn '0'
option dhcp_link 'odhcpd'
option dns64 '0'
option domain 'lan'
option domain_type 'static'
option edns_size '1232'
option extended_stats '0'
option hide_binddata '1'
option interface_auto '1'
option listen_port '53'
option localservice '1'
option manual_conf '0'
option num_threads '1'
option protocol 'ip6_prefer'
option rate_limit '100'
option rebind_localhost '0'
option rebind_protection '1'
option recursion 'passive'
option resource 'tiny'
option root_age '9'
option ttl_min '120'
option ttl_neg_max '1000'
config zone
option enabled '1'
option fallback '0'
option tls_index '****.dns.nextdns.io'
option tls_upstreamn '1'
option tls_port '853'
option zone_type 'forward_zone'
list server '2a07:a8c0::0'
list server '2a07:a8c1::0'
list server '45.90.28.0'
list server '45.90.30.0'
option dns_assist 'none'
option tls_upstream '1'
list zone_name '.'
just to confirm, listening services:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 3021/uhttpd
tcp 0 0 127.0.0.1:8953 0.0.0.0:* LISTEN 24199/unbound
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 24199/unbound
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 3021/uhttpd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 4120/dropbear
tcp 0 0 ::1:8953 :::* LISTEN 24199/unbound
tcp 0 0 :::80 :::* LISTEN 3021/uhttpd
tcp 0 0 :::53 :::* LISTEN 24199/unbound
tcp 0 0 :::443 :::* LISTEN 3021/uhttpd
tcp 0 0 :::22 :::* LISTEN 4120/dropbear
udp 0 0 0.0.0.0:53 0.0.0.0:* 24199/unbound
udp 0 0 0.0.0.0:67 0.0.0.0:* 10816/odhcpd
udp 0 0 :::546 :::* 16556/odhcp6c
udp 0 0 :::546 :::* 15881/odhcp6c
udp 0 0 :::547 :::* 10816/odhcpd
udp 0 0 :::53 :::* 24199/unbound