OpenWrt DHCP server configuration

DNS and DHCP configuration

Sections

The section types that can be used in the dhcp configuration file are defined below. Not all types may appear in the file, and most of them are only needed for special configurations. The common sections are Common Options, DHCP Pools and Static Leases.

Common Options

The config section type dnsmasq determines the values and options that apply to the overall operation of dnsmasq, as well as the DHCP options common to all served interfaces. The following list gives all available options, their default values and the corresponding dnsmasq command line options. See the dnsmasq man page for further details.

These are the default settings for the common options:

All Options

| Name | Type | Default | Option | Description |
|---|---|---|---|---|
| add_local_domain | boolean | 1 | | Add the local domain as search directive in resolv.conf. |
| add_local_hostname | boolean | 1 | | Add A and PTR records automatically for the local hostname. |
| addnhosts | list of file paths | (none) | -H | Additional host files to read for serving DNS responses |
| authoritative | boolean | | -K | Force dnsmasq into authoritative mode. This speeds up DHCP leasing. Used if this is the only server on the network |
| bogusnxdomain | list of IP addresses | (none) | -B | IP addresses to convert into NXDOMAIN responses (to counteract "helpful" upstream DNS servers that never return NXDOMAIN). |
| boguspriv | boolean | | -b | Reject reverse lookups to private IP ranges where no corresponding entry exists in /etc/hosts |
| cachelocal | boolean | 1 | | When set to 0, use each network interface's dns address in the local /etc/resolv.conf. Normally, only the loopback address is used, and all queries go through dnsmasq. |
| cachesize | integer | 150 | -c | Size of dnsmasq query cache. |
| dbus | boolean | | -1 | Enable DBus messaging for dnsmasq. Standard builds of dnsmasq on OpenWrt do not include DBus support. |
| dhcp_boot | string | (none) | | Specifies BOOTP options, in most cases just the file name |
| dhcphostsfile | file path | (none) | | Specify an external file with per host DHCP options |
| dhcpleasemax | integer | 150 | -X | Maximum number of DHCP leases |
| dnsforwardmax | integer | 150 | -0 (zero) | Maximum number of concurrent connections |
| domain | domain name | (none) | -s | DNS domain handed out to DHCP clients |
| domainneeded | boolean | | -D | Tells dnsmasq never to forward queries for plain names, without dots or domain parts, to upstream nameservers. If the name is not known from /etc/hosts or DHCP then a "not found" answer is returned |
| ednspacket_max | integer | 1280 | -P | Specify the largest EDNS.0 UDP packet which is supported by the DNS forwarder |
| enable_tftp | boolean | | | Enable the builtin TFTP server |
| expandhosts | boolean | | -E | Add the local domain part to names found in /etc/hosts |
| filterwin2k | boolean | | -f | Do not forward requests that cannot be answered by public name servers |
| fqdn | boolean | | | Do not resolve unqualified local hostnames. Needs domain to be set. |
| interface | list of interface names | (all interfaces) | -i | List of interfaces to listen on. If unspecified, dnsmasq will listen to all interfaces except those listed in notinterface. |
| leasefile | file path | (none) | -l (ell) | Store DHCP leases in this file |
| local | string | (none) | -S | Look up DNS entries for this domain from /etc/hosts. This follows the same syntax as server entries, see the man page. |
| localise_queries | boolean | | -y | Choose IP address to match the incoming interface if multiple addresses are assigned to a host name in /etc/hosts. Note well the spelling of this option. |
| logqueries | boolean | | -q | Log the results of DNS queries, dump cache on SIGUSR1 |
| nodaemon | boolean | | -d | Don't daemonize the dnsmasq process |
| nohosts | boolean | | -h | Don't read DNS names from /etc/hosts |
| nonegcache | boolean | | -N | Disable caching of negative "no such domain" responses |
| noresolv | boolean | | -R | Don't read upstream servers from /etc/resolv.conf |
| notinterface | list of interface names | (none) | -I (eye) | Interfaces dnsmasq should not listen on. |
| nonwildcard | boolean | | -z | Bind only configured interface addresses, instead of the wildcard address. |
| port | port number | 53 | -p | Listening port for DNS queries, disables DNS server functionality if set to 0 |
| queryport | integer | (none) | -Q | Use a fixed port for outbound DNS queries |
| readethers | boolean | | -Z | Read static lease entries from /etc/ethers, re-read on SIGHUP |
| resolvfile | file path | /etc/resolv.conf | -r | Specifies an alternative resolv file |
| server | list of strings | (none) | -S | List of DNS servers to forward requests to. See the dnsmasq man page for syntax details. |
| strictorder | boolean | | -o | Obey order of DNS servers in /etc/resolv.conf |
| tftp_root | directory path | (none) | --tftp-root | Specifies the TFTP root directory |
| rebind_protection | boolean | 1 | --stop-dns-rebind | Enables DNS rebind attack protection by discarding upstream RFC1918 responses |
| rebind_localhost | boolean | | --rebind-localhost-ok | Allows upstream 127.0.0.0/8 responses, required for DNS based blacklist services, only takes effect if rebind protection is enabled |
| rebind_domain | list of domain names | (none) | --rebind-domain-ok | List of domains to allow RFC1918 responses for, only takes effect if rebind protection is enabled |

DHCP Pools

You can disable a lease pool for a specific interface by specifying the ignore option in the corresponding section.

A minimal example of a dhcp section is listed below:

Below is a listing of legal options for dhcp sections.

| Name | Type | Required | Default | Description |
|---|---|---|---|---|
| dhcp_option | list of strings | no | (none) | The ID dhcp_option here must be written with an underscore. OpenWrt will translate this to --dhcp-option, with a hyphen, as ultimately used by dnsmasq. Multiple option values can be given for this network-id, with a space between them and the total string between "". E.g. '26,1470' or 'option:mtu, 1470' that can assign an MTU per DHCP. Your client must accept MTU by DHCP for this to work. Or "3,192.168.1.1 6,192.168.1.1" to give out gateway and dns server addresses. |
| dynamicdhcp | boolean | no | 1 | Dynamically allocate client addresses, if set to 0 only clients present in the ethers files are served |
| force | boolean | no | | Forces DHCP serving on the specified interface even if another DHCP server is detected on the same network segment |
| ignore | boolean | no | | Specifies whether dnsmasq should ignore this pool if set to 1 |
| interface | logical interface name | yes | (none) | Specifies the interface associated with this DHCP address pool; must be one of the interfaces defined in /etc/config/network. |
| leasetime | string | yes | 12h | Specifies the lease time of addresses handed out to clients, for example 12h or 30m |
| limit | integer | yes | 150 | Specifies the maximum allowable address that may be leased to clients, calculated as network address + "start" + "limit". The maximum number of leased addresses is limit+1 |
| networkid | string | no | (value of interface) | The dhcp functionality defined in the dhcp section is limited to the interface indicated here through its network-id. If omitted, the system tries to determine the network-id from the 'interface' setting in this dhcp section, by consulting /etc/config/network. Some IDs get assigned dynamically, are not provided by network, but still can be set here. |
| start | integer | yes | 100 | Specifies the offset from the network address of the underlying interface to calculate the minimum address that may be leased to clients. It may be greater than 255 to span subnets. |

This departs from ‘ifname’ and ‘network’ as used in /etc/config/network and in /etc/config/wireless, so double check!
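
The following Python audit is an added example, not part of the OpenWrt documentation: it parses the text of an /etc/config/dhcp file and reports the settings from the two tables above that switch off or exempt DNS rebind protection, leave domainneeded or boguspriv unset, or set force on a pool. The sample config, the function names parse_uci and audit, and the assumption that booleans are written as 0 or 1 are illustrative.

```python
import shlex

# Constructed sample of /etc/config/dhcp, not taken from a real device.
SAMPLE = """
config dnsmasq
    option domainneeded '1'
    option rebind_protection '0'
    list rebind_domain 'corp.example'

config dhcp 'lan'
    option interface 'lan'

config dhcp 'guest'
    option interface 'guest'
    option force '1'
"""

def parse_uci(text):
    """Parse UCI text into [section type, section name, options] entries."""
    sections = []
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)  # handles '...' and "..." quoting
        if len(tok) >= 2 and tok[0] == "config":
            sections.append([tok[1], tok[2] if len(tok) > 2 else "", {}])
        elif len(tok) >= 3 and sections and tok[0] == "option":
            sections[-1][2][tok[1]] = tok[2]
        elif len(tok) >= 3 and sections and tok[0] == "list":
            sections[-1][2].setdefault(tok[1], []).append(tok[2])
    return sections

def audit(text):
    """Return findings for options in the tables above (booleans assumed 0/1)."""
    out = []
    for stype, name, opt in parse_uci(text):
        if stype == "dnsmasq":
            if opt.get("rebind_protection", "1") == "0":  # default is 1
                out.append("dnsmasq: rebind_protection is off")
            else:  # exemptions only take effect while protection is on
                for dom in opt.get("rebind_domain", []):
                    out.append("dnsmasq: rebind exemption for " + dom)
            for key in ("domainneeded", "boguspriv"):
                if opt.get(key) != "1":
                    out.append("dnsmasq: %s is not set" % key)
        elif stype == "dhcp" and opt.get("force") == "1":
            out.append("dhcp %s: force is set" % name)
    return out

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

Each finding is a prompt for review rather than a verdict: a rebind exemption or a forced pool can be intentional, but it should be traceable to a reason.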

Static Leases

The configuration options in this section are used to construct a -G option for dnsmasq.

As well as adding host sections, you can also enable the dnsmasq section option readethers, and add entries to the /etc/ethers file.

DHCP OPTION example to set an alternative default gateway

You can specify an alternative default gateway: use list 'dhcp_option' '3,192.168.1.2' to set the default gateway. A list of options can be found here.

Booting Options

The configuration options in this section are used to construct a -M option for dnsmasq.

This tells the client to load pxelinux.0 from the server at 192.168.1.2, and mount root from /data/netboot/root on the same server.

| Name | Type | Required | Default | Description |
|---|---|---|---|---|
| dhcp_option | list of strings | no | (none) | Additional options to be added for this network-id. If you specify this, you also need to specify the network-id. |
| filename | string | yes | (none) | The filename the host should request from the boot server. |
| networkid | string | no | (none) | The network-id these boot options should apply to. Applies to all clients if left unspecified. |
| serveraddress | string | yes | (none) | The IP address of the boot server. |
| servername | string | yes | (none) | The hostname of the boot server. |

Classifying Clients And Assigning Individual Options

    config classifier
        option classifier 'value'
        option networkid 'network-id'
        list dhcp_option 'DHCP-option'

The placeholder classifier can be one of these values:

| Classifier | Description |
|---|---|
| mac | Hardware address of the client |
| vendorclass | String sent by the client representing the vendor of the client. dnsmasq performs a substring match on the vendor class string using this value. |
| userclass | String sent by the client representing the user of the client. dnsmasq performs a substring match on the user class string using this value. |
| circuitid | Matches the circuit ID as sent by the relay agent, as defined in RFC3046. |
| remoteid | Matches the remote ID as sent by the relay agent, as defined in RFC3046. |
| subscrid | Matches the subscriber ID as sent by the relay agent, as defined in RFC3993. |

Using plain dnsmasq.conf

It is possible to mix the traditional /etc/dnsmasq.conf configuration file with the options found in /etc/config/dhcp.

The dnsmasq.conf file does not exist by default but will be processed by dnsmasq on startup if it is present. Note that options in /etc/config/dhcp take precedence over dnsmasq.conf since they are translated to command line arguments.

You can have dnsmasq execute a script on every action:

DNS and DHCP Ports

Examples

Static Lease (MAC address hot swap)

Define a static lease for a host with MAC addresses 00:a0:24:5a:33:69 and 00:11:22:33:44:55 (handy when you use both a wired and a wireless connection on the same computer or laptop; of course, you can use just one MAC address) and assign the IP address 192.168.1.230 and the hostname example-host to it. We call this MAC address hot swap, since the IP address stays the same while the MAC address changes.

Troubleshooting

Windows 7 has introduced a new Microsoft-enhanced feature. It won't assign an IP address obtained from a DHCP server to an interface if that IP was used before for another interface, even if that other interface is NOT currently active (i.e. cable disconnected). This behaviour is unique and was not reported for older Windows versions, Mac OS or Linux.

If you try to configure MAC address hot swap on your router, Windows 7 clients will end up in an infinite DORA loop.

Custom Domain

Note that this currently only works for IPv4 addresses and that this functionality is not present in releases prior to 8.09.2.

SRV RR for SIP

CNAME RR

To specify that the web server also doubles as the FTP server (at least in name), one might use:

MX RR

If you’re running the mail server for your domain behind a firewall (and therefore, with split-horizon for your own domain) then you might need to convince that mailer that it’s actually authoritative for your domain.

If sendmail tells you “Domain of sender address xxx@yyy.zzz does not exist” this is because it isn’t finding an MX record confirming that it’s an MX relay for that domain.

will mitigate the issues caused by split-horizon.
