I have setup a mikrotik as DHCP server for my access point, everything (should be) has been setup including ip pool, etc.
One thing that make me confused is that every device can get the IP from the mikrotik but unable to surf to internet, but if i manually set the ip that i get from mikrotik previously to the device, and it can surf to internet.
Just wonder, why same ip (one through DHCP server and another using manual setup) can have different behaviour.
Any idea?
Check routes and firewall. You are maybe missing masquerade rule or the dns cache is off..
masquerade rule is there, as i mentioned above, same ip, same gateway, same dns server and different behaviour.
One that get from dhcp cant access to internet, while if manually setup it can access to internet.
Put export of dhcp here..
DHCP
# may/11/2016 12:40:44 by RouterOS 6.35.2
# software id = H2M6-0ZJB
#
/ip dhcp-server
add add-arp=yes address-pool="NET 100" disabled=no interface="Ether 3" lease-time=1d10m name="DHCP NET 100"
/ip dhcp-server network
add address=192.168.100.0/32 dns-server=202.155.0.10,202.155.0.15 gateway=192.168.100.1 netmask=24
FIREWALL
/ip firewall layer7-protocol
add name=Youtube regexp="^.+(c.youtube.com|googlevideo.com).*\$"
/ip firewall filter
add chain=input comment="default configuration" protocol=icmp
add chain=input comment="default configuration" connection-state=established,related
add action=drop chain=input comment="default configuration" in-interface=ether1-gateway
add action=fasttrack-connection chain=forward comment="default configuration" connection-state=established,related
add chain=forward comment="default configuration" connection-state=established,related
add action=drop chain=forward comment="default configuration" connection-state=invalid
add action=drop chain=forward comment="default configuration" connection-nat-state=!dstnat connection-state=new in-interface=ether1-gateway
/ip firewall mangle
add action=mark-connection chain=forward layer7-protocol=*3 new-connection-mark="Utube Conn"
add action=mark-connection chain=prerouting layer7-protocol=Youtube new-connection-mark=Koneksi-Youtube protocol=tcp
add action=mark-packet chain=prerouting connection-mark=Koneksi-Youtube new-packet-mark=Paket-Youtube passthrough=no
/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" out-interface=ether1-gateway
That is quite a small network isn’t it!!
It should of course be /24.
And how does your pool “NET 100” look?
Yep. The mask is small…
ip pool
add name=dhcp ranges=192.168.1.100-192.168.1.200
add name="NET 100" ranges=192.168.100.100-192.168.100.200
This is just a home network which wont be exceed 256 of hosts. mask should be /24 right? i mean something like 255.255.255.0 = /24
and something weird is that the mikrotik assign the ip in reverse order, mean it will assign 192.168.100.200 and the 192.168.100.199. Shouldn’t it assign starting from the small IP?
Yes. Then why did you put /32 there? That is a 1-host network…
and something weird is that the mikrotik assign the ip in reverse order, mean it will assign 192.168.100.200 and the 192.168.100.199. Shouldn’t it assign starting from the small IP?
I know it is annoying, but there is nothing wrong with that.
It is the way the Linux DHCP server did it for some time (first it started numbering from low, then some arbitrary
change was made in the code that made it numbering reverse, all comments about it were downplayed and
“it wasn’t going to change because it wasn’t worth the effort to look at it”, but as if by magic at some later
version it was fixed. But apparently MikroTik have not yet incorporated that version into RouterOS.
Maybe in RouterOS v7 
weird, where the /32 come from? i didn’t put it there.
as for the reverse numbering, it is not any problem for me, i just simply mentioned it and probably could be the caused.
anyway thank you for pointed it.