I tried setting to the dhcp-server to authoritative, I tried disabling bootp.
My log is getting spammed with these messages quite often:
default offering lease 192.168.22.209 for CC:35:40:04:38:1B to BC:8C:CD:46:15:F4 without success
default offering lease 192.168.22.206 for 08:95:2A:B8:EC:86 to BC:8C:CD:46:15:F4 without succes
It’s only these 2 messages, but over and over.
At one point I see an incomplete ARP for those IPs but there is never an associated MAC.
Can someone tell me what this means?
These are happening at another place, I have to go over there to work on it at some point. Power off devices until I figure out what is doing this.
I wiresharked this and I see a DHCP Discover frame sent from the BC:8C:CD:46:15:F4 MAC address, but in the DHCP options it’s setting the “client” MAC address to CC:35:40:04:38:1B. Or the other MAC 08:95:2A:B8:EC:86 in another DHCP Discover frame.
This seems like crappy behavior from one of the DHCP clients on WiFi, specifically the one with MAC BC:8C:CD:46:15:F4.
If I search on BC:8C:CD:46:15:F4, I can see this device (192.168.223.85) doing all kinds of stuff, including trying to communicate with a random (or not?) source APIPA address, SSDP, UDP from a source address of 1.1.1.1, etc. Seems like not such a polite client to me.
I finally got to the place where this device exists, and it’s a DirecTV DVR/set top box thing. It’s apparently doing something on behalf of 2 other “slave” or “client” boxes in other rooms.
Super, duper annoying.
So I did this:
/system logging set 2 topics=warning,!dhcp
And this suppressed the most common messages.
However, I believe this disables all warning level dhcp messages, which I don’t want. Is there a way to match a regex only and drop it? I’m not finding it in the logging part of the wiki.
There are also some info messages that I would want to turn off:
feb/25 20:43:08 dhcp,info default assigned 192.168.22.19 to CC:03:FA:98:6A:FF
feb/25 20:43:08 dhcp,info default assigned 192.168.22.209 to CC:35:40:04:38:1B
I don’t want to turn off all dhcp info messages as well as warning.
I think he mainly wants to get rid of this type of message:
default offering lease 192.168.22.209 for CC:35:40:04:38:1B to BC:8C:CD:46:15:F4 without success
The info,!dhcp would get rid of the lease renewal messages which he also wants to hide. There may be other info level messages he wants to keep. I haven’t looked at the DHCP server info output closely lately.
acruhl,
I think your best bet is to log to a syslog server and do filtering there. MikroTik does not give you that much granularity in the system. The more non-routing related features they add in the more likely the system is to become unstable. Once the logs go to a syslog server you can use something like logwatch to bring the stuff that is important to you to your inbox. That way you are not manually scanning the logs all day long. You also get to keep the full logs so that you can forensically figure out arcane issues which your users report.
[quote=Kackele post_id=644716 time=1519661512 user_id=115363]
I bet my left nut you are using some crappy repeaters or a device for switch, that (firmware) is not meant to be a switch. Or connected a freaking Sonos device that makes a loop…
Even a laptop, connected both wired and wireless will get 2 separate IPs without problems. Running xp/7/Linux/BD/whatever. Tested that, know that for sure.
[/quote]
Ahh, no, it’s a DirecTV set top box, like I said. I’m sure lots of devices create a lot of chatter. This one is particularly annoying.
Yeah, that’s worth a try next time I’m over there. Setting a static IP is a good start probably. The real problem is I don’t know exactly why it’s doing this stuff or if it’s necessary for it’s functionality. In the end the “problem” might only be that MikroTik likes to log messages that this impolite device causes.
Will ask here to not make another topic, subject is very similar…
<…>
Update: post removed, problem solved, it was a bug in client firmware, Mikrotik is not guilty.
[/quote]