Custom DNSv6 server

Hi,

I’m trying to announce a custom DNSv6 server via DHCP. I have tried the following /etc/config/dhcp:

config dhcp 'lan'
    option interface 'lan'
    option start '10'
    option limit '200'
    option ra_management '1'
    list dns '192.168.100.53'
    list dns 'fda6:7d51:ff03:0:xxx:xxx:xxx:xxx'
    list domain 'home.arpa'
    option ra 'server'
    option dhcpv6 'server'
    option ignore '0'
    option leasetime '3600'
    list dhcp_option '6,192.168.100.53'
    list dhcp_option '23,[fda6:7d51:ff03:0:xxx:xxx:xxx:xxx]'

But my clients still get the IP address of the Omnia as DNSv6 server. What am I doing wrong?

I think you need to add new firewall rule/s.

Hm. What would such a rule look like?

Maybe something like this:

config rule
	option name 'blabla dns'
	option dest_port '53'
	option dest_ip '192.168.100.53'
	option src 'blabla'
	option target 'ACCEPT'

Hm, I don’t really get it. Omnia is already announcing a DNSv6 address to clients - its own. Why is a firewall rule needed to announce a different address?

Announcing is one thing, accessing is another thing.

But how should a firewall rule make the DHCP server announce different things? Announcing should be the first step, right?

Also, when I configure the address manually on clients, it works. Why do you think this is a firewall issue?

1 Like

Actually we don’t know anything about your network configuration, dns resolver configuration etc.
A firewall rule will be needed for other subnets if you have any, e.g. guest. Even for DHCP.

Btw where is your custom dns server? Is it on the router or another pc etc? By default knot resolver listens at 53 so where does your dns server listen?
Knot or whatever resolver, you need to configure it properly to forward to your custom dns server.

Something like this in dhcp cfg, assuming custom server is installed on the router and listens at 5353:
list server '127.0.0.1#5353'
list server '0::1#5353'

Nit: please, don’t deploy DNS on 5353. That’s really confusing, as it’s the default port for mDNS/avahi which even has a similar but different protocol.

3 Likes

My DNS server is AdGuard and it’s running on a Proxmox LXC container in the same subnet on port 53. Currently it’s configured as upstream resolver for Knot, but I want clients to directly use it. So I want dnsmasq to announce it as DNS server. It already works for IPv4, but not for IPv6.

Your initial question was misleading “custom dns server”.

Anyway, you may take inspiration for the dhcp/firewall etc. configuration from this:

I had similar problems: as soon as I started changing things, somehow the standard “list dns” options didn’t work anymore as expected. I had to explicitly send DHCP announcement packages myself with “list dhcp_options”.

Also, it should be considered that IPv4 DHCP is provided by DNSMASQ, while IPv6 router advertisements and/or DHCPv6 are provided by ODHCPD. Though they use the same config file “/etc/config/dhcp”, it helped me to go through the options described in the OpenWrt Wiki for both packages and the IANA documentation about DHCP option numbers.

Here is what I have in my /etc/config/dhcp file:

config odhcpd 'odhcpd'
	  option legacy '0'
	  option maindhcp '0'
	  option leasefile '/tmp/hosts/odhcpd'
	  option leasetrigger '/usr/sbin/odhcpd-update'
	  option loglevel '4'

config dhcp 'lan'
	  option interface 'lan'
	  option force '1'
	  option dhcpv6 'server'
	  option ra 'server'
	  option ra_management '1'
	  option ra_dns '1'
	  list ra_flags 'managed-config'
	  list ra_flags 'other-config'
	  option dhcpv6_na '1'
	  option dhcpv6_pd '1'
	  option start '100'
	  option limit '150'
	  option leasetime '12h'
	  list dns '192.0.2.4'
	  list dns '192.0.2.43'
	  list dns '2001:0DB8::4'
	  list dns '2001:0DB8::43'
	  list dhcp_option '2,3600'
	  list dhcp_option '4,192.0.2.4'
	  list dhcp_option '6,192.0.2.4,192.0.2.43'
	  list dhcp_option '42,192.0.2.4'
	  list dhcp_option '100,CET-1CEST-2,M3.5.0/02:00:00,M10.5.0/03:00:00'
	  list dhcp_option '101,Europe/Zurich'
	  list dhcp_option '252,"\n"'
1 Like
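
Added example, not part of any post in this thread: to check which DNSv6 server the router really announces, decode the Router Advertisement a client receives and read its M/O flags and its RDNSS option (RFC 8106). The function names are illustrative and the sample RA is constructed, using the documentation-prefix addresses from the config above. It assumes the ICMPv6 payload has already been captured, and the checksum is not validated.

```python
import ipaddress
import struct

RA_TYPE = 134        # ICMPv6 Router Advertisement (RFC 4861)
OPT_RDNSS = 25       # Recursive DNS Server option (RFC 8106)


def parse_ra(icmp6: bytes) -> dict:
    """Return the M/O flags and RDNSS servers carried in one ICMPv6 RA."""
    if len(icmp6) < 16 or icmp6[0] != RA_TYPE:
        raise ValueError("not a Router Advertisement")
    flags = icmp6[5]
    result = {
        "managed": bool(flags & 0x80),   # M flag: addresses via DHCPv6
        "other": bool(flags & 0x40),     # O flag: other config via DHCPv6
        "rdnss": [],
    }
    pos = 16                             # options follow the fixed header
    while pos + 2 <= len(icmp6):
        opt_type, opt_len = icmp6[pos], icmp6[pos + 1] * 8
        if opt_len == 0 or pos + opt_len > len(icmp6):
            raise ValueError("malformed option at offset %d" % pos)
        if opt_type == OPT_RDNSS:
            # type, length, 2 reserved bytes, 4-byte lifetime, 16-byte addresses
            if opt_len < 24 or (opt_len - 8) % 16:
                raise ValueError("malformed RDNSS option")
            (lifetime,) = struct.unpack_from("!I", icmp6, pos + 4)
            for off in range(pos + 8, pos + opt_len, 16):
                addr = ipaddress.IPv6Address(icmp6[off:off + 16])
                result["rdnss"].append((str(addr), lifetime))
        pos += opt_len
    return result


def build_sample_ra() -> bytes:
    """Constructed RA: M and O set, one RDNSS option with two servers."""
    # type, code, checksum (left 0), hop limit, flags, router lifetime, timers
    header = struct.pack("!BBHBBHII", RA_TYPE, 0, 0, 64, 0xC0, 1800, 0, 0)
    servers = [ipaddress.IPv6Address(a).packed
               for a in ("2001:db8::4", "2001:db8::43")]
    rdnss = struct.pack("!BBHI", OPT_RDNSS, 1 + 2 * len(servers), 0, 3600)
    return header + rdnss + b"".join(servers)


if __name__ == "__main__":
    print(parse_ra(build_sample_ra()))
```

If the RDNSS list still shows the router's own address after a config change, the announcement itself has not changed, independent of any firewall rule.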