[SOLVED] Want to convert from KEA/Unbound to dnsmasq (for DHCP and DNS), but can't!

[Drinyth]

@Drinyth - are you running multple Vlans.  If you disable dnsmasq, re-enable kea dhcp4 does kea re-insert fw rules in vlans? After resetting back to dnsmasq, does dnsmasq reinstall fw rules on vlans?

Yes. I'm running multiple VLANs here.

If I disable dnsmasq, all of the firewall rules that were set for it get removed. Enabling KEA will insert the KEA firewall rules in the VLANs. Removing KEA will remove the firewall rules. And lastly, turning dnsmasq back on will put the dnsmasq firewall rules back in for all VLANs.

[davidfi01]

Intersting.  I only see 3 rules created by dnsmasq in the LAN vlan.  No rules are created in any of the other vlans.  Are you using static addresses or only dhcp?

[meyergru]

@davidfi01: Are you aware that DNSmaq DNS and DHCP interfaces are a different thing (just asking)?

FWIW: When you enable the "advanced options" switch, you will see a list of interfaces that are not bound to DHCP.

[davidfi01]

OMG .... Thanks for this response!!!

Yes, I understand diff between dns & dhcp.

NO, I was unaware that the advanced settings had "interface NO DHCP" option. Of course all my vpn interfaces were listed there.  As soon as I removed them, guess what....? Problem solved. 

Not sure how those got set as I never used the advanced interface option.  Don't recall seeing any description of advanced interface options in opnsense
 documentation.

As soon as I removed the vlans from "interface no dhcp" dns/dhcp started working.

THANK YOU!!!

D

[djr92]

Fixed my issue also. I stumbled on this earlier today and I came here to post the update. All the interfaces I had selected were automatically also selected for "no DHCP" option and hidden in the advance toggle switch. Once I deselected all of them, my leases started working.