Your ISP would rain down fire and brimstone on you, if you'd dare to provide a DHCP-server on your wan interface (nor would they tolerate you to operate a DNS server on wan).
I think you guys all missed my point. I know that we should not run a DHCP server on WAN interface. What I wanted to ask is why we had to explicitly configure dnsmasq to ignore the interface? What if we delete the uci section config dhcp 'wan'. Shouldn't it be the same as ignoring?
Yes, having such things in my configuration file is an issue. I am using OpenWrt in an enterprise environment, with a lot of VLANs/subnets/interfaces defined in /etc/config/network. And in enterprise environment, I do not use DHCP for most subnets except for Wi-Fi.
If it is a requirement to explicitly instruct dnsmasq to ignore the interfaces, I have to write that a lot to match those defined in /etc/config/network. When the interfaces changes, I have to update /etc/config/dhcp too, and it is inconvenient.
It may serve as an additional protection when the firewall is disabled, or it is temporarily non-operational due to restarting the service/system, or configured with permissive upstream policy, and this is also required to create/resolve WAN FQDN:
BTW, odhcpd should ignore interfaces by default:
In theory, you can safely remove the DHCP WAN section when not using dnsmasq.