odhcpd icon indicating copy to clipboard operation
odhcpd copied to clipboard
verified publisher icon openwrt

odhcpd: supports rewrite DNS server to local IPv6 DNS server in relay mode

Open jjm2473 opened this issue 1 month ago • 7 comments

Just like server mode.

My ISP provides IPv6 DNS in the RA. In odhcpd relay mode, internal network devices use the IPv6 DNS advertised by the ISP, causing internal DNS requests to bypass OpenWRT's DNS server. Therefore, relay mode needs to support overriding the DNS server.

In relay mode, dns_service is false by default, so this change doesn't affect the original logic. A future PR will be given to LuCI to allow modification of dns_service in relay mode.

jjm2473 avatar Nov 24 '25 04:11 jjm2473

@Alphix @systemcrash can you take a look at this?

Noltari avatar Nov 25 '25 10:11 Noltari

This is a low-cost fix, but the initial post and commit message need rewriting to support the commit's reasoning.

It's possible to have dnsmasq capture everything on port (8)53 and send that upstream via DoH or whatever, but this might not be viable for everyone.

Maybe something like:

In odhcpd RA/DHCPv6 relay mode, downstream network devices receive the upstream IPv6 DNS. This commit enables overriding the DNS server in relay modes (with the exception of authenticated DHCPv6), whereby the local device is substituted as the DNS server. Since dns_service is false by default, this change does not affect the default behaviour.

systemcrash avatar Nov 25 '25 14:11 systemcrash

I was wrong. dns_service doesn't default to false. Switching the mode to relay on LuCI only hides the dns_service option; it doesn't become false.

If dns_service is not specified, it will always be true (in set_interface_defaults): https://github.com/openwrt/odhcpd/blob/650a5df88ebae82d956831c2f87c7c6eedd8c283/src/config.c#L329

jjm2473 avatar Nov 26 '25 03:11 jjm2473

Should we first enable LuCI to support configuring dns_service in relay mode? I want to override the ISP's IPv6 DNS with the local DNS in relay mode, which theoretically should be configured using dns_service.

jjm2473 avatar Nov 26 '25 03:11 jjm2473

Should we first enable LuCI to support configuring dns_service in relay mode? I want to override the ISP's IPv6 DNS with the local DNS in relay mode, which theoretically should be configured using dns_service.

I haven't looked into this in detail yet, but there's (from the top of my head) two options that are relevant.

One is if dns has been set explicitly, the other one is if dns_service has been set.

My main concern is not whether this makes sense...I agree that being able to override the ISP's DNS servers is desirable. It's more about what the cfg should look like and how it should behave, both in LuCI and in the cfg files.

(and forgive me if I missed something simple here...I haven't looked into the relevant parts of the code, I'm busy with other hacks)

Alphix avatar Nov 28 '25 18:11 Alphix

Hi @jjm2473 have you given this some more thought?

systemcrash avatar Dec 09 '25 15:12 systemcrash

Hi @systemcrash : This patch currently meets the needs of most users, but in relay mode, it overrides the DNS provided by the RA/DHCPv6 by default, which is different from before. However, I think this is reasonable because the description of dns_service in LuCI is 'Announce this device as IPv6 DNS server' It shouldn't differ based on server or relay mode.

This patch has another issue: it only overrides DNS provided by the upstream RA/DHCPv6. If the upstream RA/DHCPv6 itself doesn't provide DNS, then the downstream won't receive IPv6 DNS (it will generally fall back to IPv4 DNS).

Actually, for me, as long as it overridden the DNS provided by the ISP, even completely deleting it is fine, because the ISP-provided DNS allows OpenWrt's DNS to be bypassed by clients, which is the most important issue.

jjm2473 avatar Dec 09 '25 16:12 jjm2473