leaky dhcp server

[qwertybyrd]

Hi there...

I have a RT-N16 running merlin 378.50.

I have a DNS and DHCP server on my local network, and I want to have a guest wireless network. I collected various bits of info by googling, and got something that works, sort of. The internal wireless works fine, and the guest network works fine, but even though ( I think ) I am only letting the router give out IP addresses to the guest network, it seems to be responding on the wired network. my dnsmasq.conf is below:

pid-file=/var/run/dnsmasq.pid
user=nobody
bind-dynamic
interface=wl0.1
no-dhcp-interface=ppp1*
no-dhcp-interface=vlan1
resolv-file=/tmp/resolv.conf
servers-file=/tmp/resolv.dnsmasq
no-poll
no-negcache
cache-size=1500
min-port=4096
dhcp-range=wl0.1,192.168.101.200,192.168.101.254,255.255.255.0,86400s
dhcp-option=wl0.1,3,192.168.101.1
dhcp-option=wl0.1,6,8.8.8.8,8.8.4.4
dhcp-option=wl0.1,252,"\n"
dhcp-lease-max=wl0.1,53
except-interface=br0
no-dhcp-interface=br0

some additional questions:

I have also not been able to find anything to indicate which SSID is associated with which interface - is there a config/command to look this up?

My understanding of the jffs/configs folder is that it is used in place of the one in /etc. In troubleshooting, I went to the web page and turned off the dhcp server. this seemed to work, and the setting stuck when I returned, but my dnsmasq.conf file was unchanged. can someone clarify how this works?

Thanks

 

[kevindb]

Hi there...

I have a RT-N16 running merlin 378.50.

I have a DNS and DHCP server on my local network, and I want to have a guest wireless network. I collected various bits of info by googling, and got something that works, sort of. The internal wireless works fine, and the guest network works fine, but even though ( I think ) I am only letting the router give out IP addresses to the guest network, it seems to be responding on the wired network. my dnsmasq.conf is below:

pid-file=/var/run/dnsmasq.pid
user=nobody
bind-dynamic
interface=wl0.1
no-dhcp-interface=ppp1*
no-dhcp-interface=vlan1
resolv-file=/tmp/resolv.conf
servers-file=/tmp/resolv.dnsmasq
no-poll
no-negcache
cache-size=1500
min-port=4096
dhcp-range=wl0.1,192.168.101.200,192.168.101.254,255.255.255.0,86400s
dhcp-option=wl0.1,3,192.168.101.1
dhcp-option=wl0.1,6,8.8.8.8,8.8.4.4
dhcp-option=wl0.1,252,"\n"
dhcp-lease-max=wl0.1,53
except-interface=br0
no-dhcp-interface=br0

some additional questions:

I have also not been able to find anything to indicate which SSID is associated with which interface - is there a config/command to look this up?

My understanding of the jffs/configs folder is that it is used in place of the one in /etc. In troubleshooting, I went to the web page and turned off the dhcp server. this seemed to work, and the setting stuck when I returned, but my dnsmasq.conf file was unchanged. can someone clarify how this works?

Thanks

add 'log-dhcp' to dnsmasq.conf. This will log dhcp requests and responses to syslog. In that log you'll also see the 'tag/interface' on which the request/response is received/sent. That might give you some extra clues as to what is going on.

 

[john9527]

Hi there...
....
some additional questions:

I have also not been able to find anything to indicate which SSID is associated with which interface - is there a config/command to look this up?

nvram get wlifid_ssid

for example
nvram get wl0.1_ssid
will get the ssid for the first 2.4GHz guest network

My understanding of the jffs/configs folder is that it is used in place of the one in /etc. In troubleshooting, I went to the web page and turned off the dhcp server. this seemed to work, and the setting stuck when I returned, but my dnsmasq.conf file was unchanged. can someone clarify how this works?

The dnsmasq.conf in /etc is always the active conf file
- if dnsmasq.conf exists in /jffs/configs it is copied to /etc overwriting the system generated conf
- if dnsmasq.conf.add exists in /jffs/configs it's contents are appended to the the system generated conf in /etc
- if dnsmasq.postconf exists in /jffs/scripts it is executed to modify the contents of the system generated conf in /etc

Hope this helps.

 

[qwertybyrd]

add 'log-dhcp' to dnsmasq.conf. This will log dhcp requests and responses to syslog. In that log you'll also see the 'tag/interface' on which the request/response is received/sent. That might give you some extra clues as to what is going on.

Thank you. I have added that to my config file.

Is that the same log that is accessible from the web page? If so, it is showing the interface as br0, which I thought I already excluded in the config. It also shows that all of the requests are coming in over br0 whether wired or wireless.

 

[qwertybyrd]

nvram get wlifid_ssid

for example
nvram get wl0.1_ssid
will get the ssid for the first 2.4GHz guest network



The dnsmasq.conf in /etc is always the active conf file
- if dnsmasq.conf exists in /jffs/configs it is copied to /etc overwriting the system generated conf
- if dnsmasq.conf.add exists in /jffs/configs it's contents are appended to the the system generated conf in /etc
- if dnsmasq.postconf exists in /jffs/scripts it is executed to modify the contents of the system generated conf in /etc

Hope this helps.

Thank you.

re dnsmasq.conf: That matches what I thought I understood. I am guessing therefore, that when I turned off the dhcp server from the web page, it probably updated the config in /etc, which would then get overwritten on the next reboot, correct?

re nvram get xxx_ssid: That is very helpful, but leaves me more confused than before.
ifconfig shows:
br0
eth0
eth1
lo
vlan1
wl01.1

brctl shows:
vlan1
eth1
wl0.1

this all made sense, and led me to believe that the main wireless interface must be vlan1, but
nvram show | grep ssid:
wl0_ssid=MAIN
wl_ssid=MAIN
wl0.1_ssid=GUEST
wl1_ssid=ASUS_5G
that the main wireless interface would be called wl0 made sense from other things that I have read, but why doesn't is show up on the ifconfig list, and why does the bridge use vlan1 instead of wl0?

Is there someplace that describes how all of this works?

Thanks again to all who are helping me understand this!

 

[john9527]

Take a look at

nvram show | grep ifname

and see if that helps you to put it all together

 

[qwertybyrd]

Take a look at

nvram show | grep ifname

and see if that helps you to put it all together

Is there a document somewhere that describes what all of these nvram values actually mean?

wan_ifnames=eth0 ; okay, makes sense - which interfaces are on the wan
wan0_ifname=eth0 ; the name of one of the wan interfaces. Is this so that it can be referenced below?
wan0_gw_ifname=eth0; the wan gateway

lan_ifnames=vlan1 eth1 wl0.1 ; these interfaces are on the lan
lan_ifname=br0 ; why is this not listed above?

wl_ifname=eth1 ; wait - eth1 is a wireless interface?
wl_ifnames=eth1 ; if this is wireless, where are the 4 ethernet ports
wl_vifnames=wl0.1 ; wl0.1 is the guest network - where is the main (wireless) network?

wl0_ifname=eth1 ; second reference to the same interface?
wl0_vifnames=wl0.1 ; I could almost see it if the 2 vifnames had different values, but I'm lost here
wl0.1_ifname=wl0.1 ; tautology?

Also, the DHCP server is still answering queries over br0:
Mar 5 08:32:45 dnsmasq-dhcp[415]: DHCPDISCOVER(br0) 08:00:27:06:51:d2
Mar 5 08:32:45 dnsmasq-dhcp[415]: DHCPOFFER(br0) 192.168.101.235 08:00:27:06:51:d2
Mar 5 08:32:45 dnsmasq-dhcp[415]: DHCPREQUEST(br0) 192.168.101.115 08:00:27:06:51:d2
Mar 5 08:32:45 dnsmasq-dhcp[415]: DHCPNAK(br0) 192.168.101.115 08:00:27:06:51:d2 wrong server-ID
Mar 5 08:47:30 dnsmasq-dhcp[415]: DHCPINFORM(br0) 192.168.101.119 90:fb:a6:df:11:32
Mar 5 08:47:30 dnsmasq-dhcp[415]: DHCPACK(br0) 192.168.101.119 90:fb:a6:df:11:32 foyle

Why is it giving an ACK to an address that's not even in its range?
ACK!

 

[RMerlin]

Is there a document somewhere that describes what all of these nvram values actually mean?

wan_ifnames=eth0 ; okay, makes sense - which interfaces are on the wan
wan0_ifname=eth0 ; the name of one of the wan interfaces. Is this so that it can be referenced below?
wan0_gw_ifname=eth0; the wan gateway

lan_ifnames=vlan1 eth1 wl0.1 ; these interfaces are on the lan
lan_ifname=br0 ; why is this not listed above?

wl_ifname=eth1 ; wait - eth1 is a wireless interface?
wl_ifnames=eth1 ; if this is wireless, where are the 4 ethernet ports
wl_vifnames=wl0.1 ; wl0.1 is the guest network - where is the main (wireless) network?

wl0_ifname=eth1 ; second reference to the same interface?
wl0_vifnames=wl0.1 ; I could almost see it if the 2 vifnames had different values, but I'm lost here
wl0.1_ifname=wl0.1 ; tautology?

eth0 = WAN
eth1 = Wifi 2.4 GHz
eth2 = Wifi 5 GHz
wifi0 = Wifi 5 GHz on the RT-AC87U

Also, the DHCP server is still answering queries over br0:
Mar 5 08:32:45 dnsmasq-dhcp[415]: DHCPDISCOVER(br0) 08:00:27:06:51:d2
Mar 5 08:32:45 dnsmasq-dhcp[415]: DHCPOFFER(br0) 192.168.101.235 08:00:27:06:51:d2
Mar 5 08:32:45 dnsmasq-dhcp[415]: DHCPREQUEST(br0) 192.168.101.115 08:00:27:06:51:d2
Mar 5 08:32:45 dnsmasq-dhcp[415]: DHCPNAK(br0) 192.168.101.115 08:00:27:06:51:d2 wrong server-ID
Mar 5 08:47:30 dnsmasq-dhcp[415]: DHCPINFORM(br0) 192.168.101.119 90:fb:a6:df:11:32
Mar 5 08:47:30 dnsmasq-dhcp[415]: DHCPACK(br0) 192.168.101.119 90:fb:a6:df:11:32 foyle

Why is it giving an ACK to an address that's not even in its range?
ACK!

Read more closely, it said NACK.

 

[qwertybyrd]

eth0 = WAN
eth1 = Wifi 2.4 GHz
eth2 = Wifi 5 GHz
wifi0 = Wifi 5 GHz on the RT-AC87U




Read more closely, it said NACK.

Mar 5 08:47:30 dnsmasq-dhcp[415]: DHCPACK(br0) 192.168.101.119 90:fb:a6:df:11:32 foyle

but why is responding at all? - I don't even want it to be listening on that port. foyle is on the wired network.
What are the lan wired ports?

 

[RMerlin]

Mar 5 08:47:30 dnsmasq-dhcp[415]: DHCPACK(br0) 192.168.101.119 90:fb:a6:df:11:32 foyle

but why is responding at all? - I don't even want it to be listening on that port. foyle is on the wired network.
What are the lan wired ports?

Ports are part of a switch, they are not separate interfaces. They are part of the br0 bridge, like the two wireless interfaces.

 

[qwertybyrd]

Ports are part of a switch, they are not separate interfaces. They are part of the br0 bridge, like the two wireless interfaces.

I apologize if I am not using the correct terminology, but does that mean that the DHCP server cannot be configured so that it does not respond to requests coming in over the wired ethernet?