dnsmasq.conf.add not working on Guest Network Pro clients

[David Cavalli]

I have a couple of Guest Networks defined -- IoT, guest and "Bryan" (stepson). I define all permanent clients in my dnsmasq.conf.add file. "Guests" are irrelevant and never added as I use "on/off" for security and only really open it for parties. My IoT network is attached to the main subnet and seems to define things correctly, as it did when they were originally in the main network. The "Bryan" network acts differently now for some reason.

"Bryan" is a normal 5GHz network, with the LAN IP defined specifically as 192.168.55.1. It's defined so he can add/subtract units as he sees fit, without me having to maintain (or ever change) the main subnet password. He just has to eventually let me know the MAC addresses for each, so I can ensure that nobody foreign is online. I even map custom icons for each device (which works) so I can visually see it easier. I want to control the internal IP addresses for my hosts file, so I can name and access them easier. For the dnsmasq file, the "Bryan" entries are as follows (w/ MAC XX'd):

###----- Bryan devices
dhcp-host=70:48:XX:XX:XX:1E,BryanSwitchW,192.168.55.49,1440
dhcp-host=12:8C:4C:XX:XX:XX,BryanPhone,192.168.55.46,1440
dhcp-host=C0:BF:BE:XX:XX:XX,BryanChromebook,192.168.55.39,1440

When they were on the main subnet, they worked fine in dnsmasq. Now that they are on "55", they show up with random client numbers. For example, phone=192.168.55.190 and Switch=192.168.55.227. They show up acknowledged with the right MAC in the "Client List". Just wrong client numbers. Does the dnsmasq process happen before the creation of the Guest Networks? That's the only thing I could come up with.

Anyway, system running VERY stable right now for two days since 102.6 and back on trivial configuration issue fixes. Thanks in advance for any help / knowledge.

 

[dave14305]

Guest Network Pro networks with their own subnets have dedicated dnsmasq instances that have a number appended. Maybe yours is dnsmasq-1.conf.add

 

[David Cavalli]

Guest Network Pro networks with their own subnets have dedicated dnsmasq instances that have a number appended. Maybe yours is dnsmasq-1.conf.add

That's great news! What determines the '1' component? Order created? Any way to identify other than trial/error? I'll try '1' next boot, but if there's any way to research / identify which network "Bryan" is numerically, I can finish now. Thanks for giving me something to research!

 

[jksmurf]

That's great news! What determines the '1' component? Order created? Any way to identify other than trial/error? I'll try '1' next boot, but if there's any way to research / identify which network "Bryan" is numerically, I can finish now. Thanks for giving me something to research!

I am pretty sure it is SDN number i.e. follows order created; so be br52, br53 etc correspond to 1, 2 etc.

I think a very good resource on this is one from @bennor here:

Beta - Asuswrt-Merlin 3006.102.4 Beta is now available

So, I have a RT-AX88U Pro running 3004.388.8_4 And an Aimesh RT-AC86U running 3004.386.14_2 So, If I update the AX88U Pro to 3006, with AiMesh still work? I don't use any guest networks. Very similar setup here, with an RT-AX86U running 3004.388.8_4 and an RT-AC86U as the node. No guest...

www.snbforums.com

I went through all that a while back and had it working beautifully.

Saving the multiple DHCP Static Lists and Custom Client Lists from 3006 Routers with Guest Network Pro?

As noted a few times in various posts I’ve been using WinSCP and just saving several files from the router containing dhcp reservation details, then copying them back into /jffs/nvram, for many years, without issue. For one fixed DHCP list (under the LAN, DHCP tab) that 3004 FW had, it worked...

www.snbforums.com

However .... before you go down that dsnmasq-x.add.conf route, strongly consider installing @Martinski updated YazDHCP, which now does Guest Networks and is simply fantastic, it really is.

Stable from amtm, latest develop branch here:

YazDHCP - YazDHCP v1.2.3 [2025-Nov-07] - Feature expansion of DHCP assignments (increasing limit on the number of DHCP reservations)

This is a very good question. I always thought it was the GNP profile but as it is wired amd does not logon to any SSID, maybe it was always on the main. This would still not explain why it isn’t simply taking the assigned address though? If you configured the Guest Network Pro profile for Use...

www.snbforums.com

[EDIT] Note (as a separate FYI only):

• Regardless of VLAN ID or subnet, the br52, br53 order is sequential from those numbers (brtcl show).
• Apparently you can get a situation where you have br54 only, if e.g. you had br52, br53 and br54, then deleted the first two VLANs, you can end up with just br54...
• I am not sure what the dnsmasq-x.conf.add number would look like in that situation, whether it would be 3 or goes back to 1... maybe you will find out
  

 

[David Cavalli]

I think a very good resource on this is one from @bennor here:
[URL unfurl="true"]https://www.snbforums.com/threads/asuswrt-merlin-3006-102-4-beta-is-now-available.94366/post-951062[/URL]

I went through all that a while back and had it working beautifully.

Saving the multiple DHCP Static Lists and Custom Client Lists from 3006 Routers with Guest Network Pro?

As noted a few times in various posts I’ve been using WinSCP and just saving several files from the router containing dhcp reservation details, then copying them back into /jffs/nvram, for many years, without issue. For one fixed DHCP list (under the LAN, DHCP tab) that 3004 FW had, it worked...

www.snbforums.com

However ,,,before you go down that route, strongly consider installing @Martinski updated YazDHCP, which now does Guest Networks and is simply fantastic, it really is.

Stable from amtm, latest develop branch here:

YazDHCP - YazDHCP v1.2.3 [2025-Nov-07] - Feature expansion of DHCP assignments (increasing limit on the number of DHCP reservations)

This is a very good question. I always thought it was the GNP profile but as it is wired amd does not logon to any SSID, maybe it was always on the main. This would still not explain why it isn’t simply taking the assigned address though? If you configured the Guest Network Pro profile for Use...

www.snbforums.com

Ironically, I've been reading all of those posts, once I saw the dnsmsq-INDEX concept. Unfortunately, almost ALL of that level of "technical" means nothing to me just reading it, so far. I manually just have the config files behind the scenes along with the GUI created Guest Network Pro items. In general, working great, and even got the IoT VLAN working somehow! Trying to keep up with all that's available, but hard to do without inital simple instructions. For example, the sentence with "...installing @Martinski updated YazDHCP..." is probably very helpful, but only if you have any context on what any of that means.

 

[David Cavalli]

I am pretty sure it is SDN number i.e. follows order created; so be br52, br53 etc correspond to 1, 2 etc.

So given my GNP configuring in the GUI, and assuming "BR52" relates to the "VLAN" I see in my picture "52", Bryan (VLAN 53) would be "3" then, so I should use dnsmasq-3.conf.add?

 

[jksmurf]

So given my GNP configuring in the GUI, and assuming "BR52" relates to the "VLAN" I see in my picture "52", Bryan (VLAN 53) would be "3" then, so I should use dnsmasq-3.conf.add?

Yes. If you created them in the order above, Bryan would be 3.
More on YazDHCP in the next post.

 

[jksmurf]

Ironically, I've been reading all of those posts, once I saw the dnsmsq-INDEX concept.

Excellent.

Unfortunately, almost ALL of that level of "technical" means nothing to me just reading it, so far.

OK, that's fair enough. We all start somewhere. What I was trying to get across though that YazDHCP is far less technical than fiddling around with dnsmasq-x.conf.add files and has some great advantages, IMO.
If you're willing to drop where you are (or complete it so you know what it looks like and that it works), I am sure you can go the YazDHCP Addon route very easily. You already get into the Router via SSH, access Dirs, create and populate files, so you are more than capable of installing YazDHCP, which is actually easier, IMO; and it has a WebGUI Tab of its own on the Router in the LAN/DHCP Tab....

I manually just have the config files behind the scenes along with the GUI created Guest Network Pro items. In general, working great, and even got the IoT VLAN working somehow!

If you wish to persist with dnsmasq-x.conf.add then one thing I found with it was that it did not work (it actually conflicted) in conjunction with the (up to 32) Manual Assignments that you can setup via each mini GUI menu in each VLAN Profile (you do know about these presumably, limit 32 though...)

Trying to keep up with all that's available, but hard to do without inital simple instructions. For example, the sentence with "...installing @Martinski updated YazDHCP..." is probably very helpful, but only if you have any context on what any of that means.

I can walk you through it if you like. Do you use any addons at all; access amtm?

 

[David Cavalli]

Excellent.

OK, that's fair enough. We all start somewhere. What I was trying to get across though that YazDHCP is far less technical than fiddling around with dnsmasq-x.conf.add files and has some great advantages, IMO.
If you're willing to drop where you are (or complete it so you know what it looks like and that it works), I am sure you can go the YazDHCP Addon route very easily. You already get into the Router via SSH, access Dirs, create and populate files, so you are more than capable of installing YazDHCP, which is actually easier, IMO; and it has a WebGUI Tab of its own on the Router in the LAN/DHCP Tab....

If you persist dnsmasq-x.conf.add then one thing I found with it hat it did not work in conjunction with the (up to 32) Manual Assignments taht you can setup via each mini GUI menu in each VLAN Profile (you do know about these presumably, limit 32 though...)

I can walk you through it if you like. Do you use any addons at all; access amtm?

I can't even respond to your post apparantly. (See #9). But I learned UNIX in '85 @ Berkeley, have extensive use of multilpe Linux varieties for local servers and can maintain them from my windows computer easy enough (VNC, SSH, etc.).

Anyway, onward. "Addons". "amtm". No. Never knew about / needed / used it before. Smart enough to figure things out fast though. amtm seems to be a script that self-installs on the server. I think I've now done that and have the latest thing working. I've even listed all "available scripts" and now "YazDHCP" even means something, in that it is on the list...

The dnsmasq-x.conf.add concept (along with usericons, profile.add, hosts.add, etc) have served me well in that they easily backup and reinstall. I was able to have my new router up and running very fast because all these things were done with files that just needed to be added back in place.

However, I did *NOT* know that there was any limitation to manual assignments. I have MUCH more than 32 in my current dnsmasq.conf.add file and never had any problems. If the limit has something to do with the GUI, I have 0 entries in the GUI and maintain my dnsmasq (unlimited?) file accordingly. Same reason. Easy maintenance and forward compatibility with easy backup.

That hopefully levels up my level of (in?)competance. Bring on Yaz.

 

[jksmurf]

I can't even respond to your post apparantly.

Lol...

(See #9). But I learned UNIX in '85 @ Berkeley, have extensive use of multilpe Linux varieties for local servers and can maintain them from my windows computer easy enough (VNC, SSH, etc.).

Super. I am just a user that sort of stumbles around in trial and error mode most of the time, so you're all over it on that front. All good stuff.

Anyway, onward. "Addons". "amtm". No. Never knew about / needed / used it before. Smart enough to figure things out fast though.

Cool.

amtm seems to be a script that self-installs on the server. I think I've now done that and have the latest thing working. I've even listed all "available scripts" and now "YazDHCP" even means something, in that it is on the list...

Very cool.

The dnsmasq-x.conf.add concept (along with usericons, profile.add, hosts.add, etc) have served me well in that they easily backup and reinstall. I was able to have my new router up and running very fast because all these things were done with files that just needed to be added back in place.

Yes, that is true. And you can drag and drop them back with WinSCP, which is what I did when I used them.
YazDHCP I think is a sort of WebGUI assisted version of this, where you can save the same, and backup icons.
With some nice colours too, if that turns your crank.

However, I did *NOT* know that there was any limitation to manual assignments.

That limitation is not with dnsmasq-x.conf.add; sorry things ran into each other a bit there.
Rather, it is The WebGUI versions (Asus and Merlin, see below) have that limitation (or less, as I found out).
YazDHCP has 187.
dnsmasq-x.conf.add ... not sure. Many more than 32 for sure.

I have MUCH more than 32 in my current dnsmasq.conf.add file and never had any problems. If the limit has something to do with the GUI, I have 0 entries in the GUI and maintain my dnsmasq (unlimited?) file accordingly. Same reason. Easy maintenance and forward compatibility with easy backup.

That hopefully levels up my level of (in?)competance. Bring on Yaz.

Go for Yaz. I think it is the cat's pyjamas.

Note that it does NOT work with those dnsmasq-x.conf.add files, so dump (delete) them first, but keep a copy as after you install YazDHCP and export the csv template, you can use a wee bit of parsing in Excel (one off) and then copy the data from dnsmasq-x.conf.add files (pl) to the excel file, import via the WebGUI, done.

If your custom_client list is populated already for the MAC addreses and stock icons you should see names filter through too.

 

[jksmurf]

And.. if you want to have some fun with a custom_clientlist generator I cobbled together in Excel, have a wee look at this post.
It has (on one of the tabs) the source of the numbering of the icons that appears between the 'mysterious' syntax of the numerous "<" and ">" in custom_clientlist.

 

[David Cavalli]

Go for Yaz. I think it is the cat's pyjamas.

View attachment 68986

Installed it. From what I can see, it looks like the main function is to allow me to manually enter the information in a GUI, with a 140 max limit. It definately doesn't look "easier" to enter, if that's one of the benefits. As things stood, I just had to copy/paste from my hosts file to add one line to the dnsmasq one. It looks like there's a CSV way to import / export the information, but ultimately, it's just a different way to do something I already have (mostly, not Bryan) working... Any other advantages I might be missing?

I'm especially impressed with the amtm script overall though. Just installing it completely changed my GUI experience on the DHCP Server page. It looks like it somehow affects the user icons. Hopefully, it didn't mess up my icon hard links, but I have scripts that can put all that back fast if it did.

Also, what is the point of your two pictures? I see that you highlighted 0/32, but not sure if that is Yaz related, or showing me GUI-wise, 32 is the cap for GUI adding manual entries...

This gives me an entirely new set of things to look at. It's possible that many things I've done manually or created my own scripts to achieve might be in 'amtm'. Worth researching all the possibilities, but the wife is already giving me the side-eye...

Thanks for your time and help! This is the reason I've bought ASUS, specifically for the Merlin community. Take care and talk to you soon, I'm sure!

 

[David Cavalli]

And.. if you want to have some fun with a custom_clientlist generator I cobbled together in Excel, have a wee look at this post.
It has (on one of the tabs) the source of the numbering of the icons that appears between the 'mysterious' syntax of the numerous "<" and ">" in custom_clientlist.

And.. if you want to have some fun with a custom_clientlist generator I cobbled together in Excel, have a wee look at this post.
It has (on one of the tabs) the source of the numbering of the icons that appears between the 'mysterious' syntax of the numerous "<" and ">" in custom_clientlist.

It looks like we both look to do similar things but in an different way. I'm impressed with your scripts that look very user friendly. Pretty awesome. I'm sure very helpful.

I'm the guy who hates windows GUI and does a whole bunch of things still by writing DOS scripts. In Linux, I automate a ton of things with my own scripts, because I can reverse engineer things and optimize. Here's a post of how I handled the icons for each MAC, for instance - Custom logo icons for each device. Exceptionally NOT GUI / user friendly, but with tons of details on how I achieved import / export of icons. Anyway, want to be married tomorrow, so off I go! Nite!

 

[jksmurf]

Installed it. From what I can see, it looks like the main function is to allow me to manually enter the information in a GUI, with a 140 max limit. It definately doesn't look "easier" to enter, if that's one of the benefits.

At the top you will see Export to CSV button. Below it an Import.

So whilst you can enter the information manually, you can also populate (from your existign files) the csv and then import it.

IMO that is somewhat easier, with the data kept in a csv (import/export and manipulate) than several text files dnsmasq-x.conf.add.
I will admit if you're used to doing that you can keep doing that; as I said above it's a more WebGUI way to get the asignments into the Router. Plus you won't get the pretty colours.

It is however not limited to manually entering it in the WebGUI; you manually enter it (copy paste from your existing text files e.g.) into excel then import that into the WebGUI.
Same amount of work? Maybe; but only once...

As things stood, I just had to copy/paste from my hosts file to add one line to the dnsmasq one. It looks like there's a CSV way to import / export the information, but ultimately, it's just a different way to do something I already have (mostly, not Bryan) working... Any other advantages I might be missing?

It's all in one file; all in oen list. It is easy to identify with colour separations. Easy to check as it is on the WebGUI LAN page (you do nto have to go back to the files each time). More reservations than stock.

I'm especially impressed with the amtm script overall though. Just installing it completely changed my GUI experience on the DHCP Server page. It looks like it somehow affects the user icons. Hopefully, it didn't mess up my icon hard links, but I have scripts that can put all that back fast if it did.

I believe the icons are pulled from (a) Known parts of MACs XXD:EE especially if Asus equipment (b) the custom_clientlist file if they were already there and assigned.

Also, what is the point of your two pictures? I see that you highlighted 0/32, but not sure if that is Yaz related, or showing me GUI-wise, 32 is the cap for GUI adding manual entries...

Sorry that was to show that the GNP menu on the Router WebGUI has a built-in option to set manual assignments; for up to 32 devices. Built in, not Yaz.

This gives me an entirely new set of things to look at. It's possible that many things I've done manually or created my own scripts to achieve might be in 'amtm'. Worth researching all the possibilities, but the wife is already giving me the side-eye...

Head over to the Addons subforum... there are indeed some excellent addons. I use Diversion, SkyNet, Tailmon, MerlinAU, YazDHCP .. Shell History and Disk Health Check are built in.

Thanks for your time and help! This is the reason I've bought ASUS, specifically for the Merlin community. Take care and talk to you soon, I'm sure!

Pleasure. Hope you get it sorted out and humming along, whichever path you take.

 

[jksmurf]

It looks like we both look to do similar things but in an different way.

Oh yes, looking at that icon link.. that is so true.
We want the same end result but for sure, approaching it from a very different starting point.
My only formal computing experience was a TRS-80 at school and Fortran in 1st year at Uni, with punch cards.
My only foray into coding anything was Microbasic on a BBC Micro, then on some old IBM thing, then I must have written hundreds of macros in Windows Visual Basic, but that's about it.

So maybe dnsmasq-x.conf.add really is for you... me... I'm very happy with my colours.

I'm impressed with your scripts that look very user friendly. Pretty awesome. I'm sure very helpful.

Thank you. I figured if I wrote it for me and just one other person finds it useful, I am giving back. It's way too GUI for you though... .

I'm the guy who hates windows GUI and does a whole bunch of things still by writing DOS scripts. In Linux, I automate a ton of things with my own scripts, because I can reverse engineer things and optimize. Here's a post of how I handled the icons for each MAC, for instance - Custom logo icons for each device. Exceptionally NOT GUI / user friendly, but with tons of details on how I achieved import / export of icons. Anyway, want to be married tomorrow, so off I go! Nite!

Lol, Okey dokey, good luck with all that!

 

[dave14305]

but if there's any way to research / identify which network "Bryan" is numerically, I can finish now

If you run the get_mtlan command you will see all the GN pro networks enumerated. Find Bryan and look for the idx number. Not the easiest output to read, but it works.

 

[RMerlin]

That value is an internal index. You need to match it with the corresponding network to know which is which - @dave14305 's command will do that.

 

[rung]

I use the nvram variable "subnet_rl" to determine the GNP index among other info

 

[David Cavalli]

If you run the get_mtlan command you will see all the GN pro networks enumerated. Find Bryan and look for the idx number. Not the easiest output to read, but it works.

The get_mtlan command worked great. The name for both Guest and Bryan was "guest", but I found the idx quickly.

That value is an internal index. You need to match it with the corresponding network to know which is which - @dave14305 's command will do that.

Exactly! After running that command, I found the dhcp_min with the ".55." component and now have it. idx=4 in my case. Naming the dnsmasq accordingly.

Now just need a good time to reboot and test. Thanks everyone, for the knowledge!

 

[RMerlin]

Now just need a good time to reboot and test. Thanks everyone, for the knowledge!

You should be fine just restarting dnsmasq, over SSH:

service restart_dnsmasq