After update to TOS 5.0 dnsmasq runs as DNS resolver, kresd blocked

Hi,

Today my Omnia was silently updated to TOS5. After reboot my DNS is broken because dnsmasq occupies port 53 and is used as the DNS resolver instead of kresd.

tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 5298/lighttpd
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 5769/dnsmasq
tcp 0 0 1.2.3.4:53 0.0.0.0:* LISTEN 5769/dnsmasq
tcp 0 0 10.111.222.1:53 0.0.0.0:* LISTEN 5769/dnsmasq
tcp 0 0 192.168.1.1:53 0.0.0.0:* LISTEN 5769/dnsmasq

In the log I see:

err kresd[4713]: [system] bind to '0.0.0.0#53': Address in use

Because kresd integration is something “hybrid” for TOS, I’m not able to easily find how selection of the preferred resolver is handled.

But in my /etc/config/resolver I have set:

option prefered_resolver 'kresd'

How do I get kresd back to work, please?

I think the key here is configuring dnsmasq’s listening port to zero (a means to disable that). It’s probably doable in luci as well, but in /etc/config/dhcp in section config dnsmasq you should have a line option port '0'

It was not a silent update; it was announced here on the forum, as is every version we release. The updater checks every 4 hours if there is any update available. If it wasn’t at a suitable time for you, there are options in the Updater tab from which you can choose what suits you best.

If you want to edit any file on your router, you need access to advanced administration, which includes root access, and then you become the administrator of the system. Didn’t you modify the dnsmasq configuration file? As root, you can do almost everything that you want, and you need to be careful, as your changes can be dangerous to the system; this can happen regardless of whether it was a major release or not. It may run fine until there is an updated package upstream, which will overwrite your changes because the file you were editing was not marked as a configuration file in the Makefile. This happens on OpenWrt as well.

This happened to several people on this forum on earlier releases who were editing dnsmasq files, but we do not use dnsmasq as the DNS resolver by default, we cannot guarantee or check whether any response by the community is correct, and we also don’t support switching the DNS resolver.

For these cases, you might want to use for example something like opkg list-changed-conffiles.

Usually this helps me: in /etc/config/dhcp use port 0; in /etc/config/resolver use port 53 in the kresd section, and restart the dnsmasq and resolver services.

foris vs luci

Usually when there is a TOS update I have to check and change both configs on a regular basis. When you make some changes (DHCP clients in DNS is on) in the Foris/DNS section, it will change the config accordingly (but only the dhcp one). As the resolver config is not changed together with dhcp, you might end up with a non-working kresd.

There might also be issue(s) with dynamic-domains vs static-domains options in the resolver uci config. Dynamic-domains=1 needs static-domains=0 to be present as well.

If you have kresd rundir on some persistent storage, you have to ensure that there is only one file for tty/control. If there are more, kresd is confused and not sure which sock should be used. With default location in /tmp, no need to worry.

Thank you - the port 0 does the trick.

I was confused because /etc/config/dhcp-opkg has this option disabled, so I thought that it was no longer necessary.

Additionally, the update completely killed my SSH config of the lighttpd, but it can be fixed easily :)

Thank you all for the help

/etc/config/dhcp-opkg is not used. /etc/config/dhcp is used, and the *-opkg file is there because you have modified the original file so it didn’t get overwritten.
You are advised to look at differences and change either file. I cleaned up my system by changing the -opkg to match snippets of my old configuration and renamed *-opkg files (without the -opkg).

The confusing thing here is that dhcp-opkg does not have this port '0' line (on current Turris 5.0.0).

Exactly. As @vcunat mentioned, on TOS5 this line is missing, so during the merge I removed this line. And that brought me the problem. It’s what I mentioned in my previous post.

Just to clarify. It wasn’t present on Turris 4.0.x as well. I just checked that. This is done by resolver-conf in runtime so it is not in “default” state. Note that defaults are modified not only by resolver-conf but also by other OpenWrt scripts (such as uci-default scripts) and so you should not just blindly merge new and old configuration files unless you know what you are doing… well at least not with core router components such as network, firewall, dhcp and wireless.

Aha, that explains that. I see two solutions:

  1. configure “port 0” (or other than 53) in “dnsmasq” section in /etc/config/dhcp
  2. configure “port 0” (or other than 53) in “kresd” section in /etc/config/resolver.
    I currently use the first possibility, but I am thinking about the latter, with the alternative of uninstalling kresd later (if it’s possible).
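
A check for the collision discussed in this thread, as an added example (not code from any poster or from the Turris project): it reads the DNS port for dnsmasq and kresd out of UCI-format files and flags the case where both would bind the same port. The sample files and the function names are constructed, the resolver file's section layout is an assumption, and an unset port is assumed to mean 53 for both daemons.

```shell
#!/bin/sh
# Added example; uci_port and dns_conflict are hypothetical helper names.

# uci_port FILE SECTION: print "option port" from the first section whose
# type or name is SECTION (prints nothing if the option is absent).
uci_port() {
    awk -v want="$2" -v q="'" '
        $1 == "config" {
            if (found) exit                      # left the section of interest
            t = $2; n = $3
            gsub("[\"" q "]", "", t); gsub("[\"" q "]", "", n)
            in_sec = (t == want || n == want); if (in_sec) found = 1
            next
        }
        in_sec && $1 == "option" && $2 == "port" {
            v = $3; gsub("[\"" q "]", "", v); print v; exit
        }' "$1"
}

# dns_conflict DHCP_FILE RESOLVER_FILE: return 1 when dnsmasq and kresd are
# both configured for the same non-zero port (port 0 = dnsmasq DNS disabled).
dns_conflict() {
    d=$(uci_port "$1" dnsmasq); k=$(uci_port "$2" kresd)
    d=${d:-53}; k=${k:-53}                       # assumption: unset means 53
    if [ "$d" != 0 ] && [ "$d" = "$k" ]; then
        echo "CONFLICT: dnsmasq and kresd both configured for port $d"
        return 1
    fi
    echo "ok: dnsmasq port $d, kresd port $k"
}

# Constructed sample files: a dhcp config merged without the port line,
# the same config with "option port '0'", and a resolver config.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf "config dnsmasq\n\toption domainneeded '1'\n" > "$demo/dhcp.merged"
printf "config dnsmasq\n\toption domainneeded '1'\n\toption port '0'\n" > "$demo/dhcp.fixed"
printf "config resolver 'common'\n\toption prefered_resolver 'kresd'\n\nconfig resolver 'kresd'\n\toption port '53'\n" > "$demo/resolver"

for f in dhcp.merged dhcp.fixed; do
    printf '%s: ' "$f"
    dns_conflict "$demo/$f" "$demo/resolver" || true
done
```

On a router the same functions can be pointed at /etc/config/dhcp and /etc/config/resolver after merging a *-opkg file and before restarting the services.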