Ok, here’s my setup. I have a 900mhz radio (which appears as a 2.4 radio in slot 0). I have bridged the 900 radio with ehter 1,2 and 3. I have a 2.4/5G radio in slot 1 and that radio is a local AP for a client device.
The 900 radio will associate with an AP upstream and receive a DHCP address for the Bridge interface upon connecting. Everything works fine, but we have about 10 radio’s out of about 200 that for some reason are getting 2 IP addresses from the DHCP server. One is bound to the mac of the Bridge (00:15:6D:94:60:4B), as it should be, but the other is bound to the Ethernet 1 Mac address (00:0C:42:3B:CB:CA).
Looking at the leases on the server, they appear to renew very close in time to each other. For the life of me, I can’t figure out why some of these are getting IP’s randomly on ther Ethernet 1 interface? Any ideas? Below is the config from a radio having this issue. IP DHCP Client is bound to the Bridge interface.

Note the 2.4 radio is acting as a DHCP server for local 2.4 clients, but that is NOT where the 900 radio get’s it’s IP from. The 900 connects to an AP on the LAN where the DHCP server resides.


\

aug/11/2011 13:42:54 by RouterOS 4.6

software id = XWFY-MTVT

/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes
comment=“” disabled=no forward-delay=15s l2mtu=2290 max-message-age=20s
mtu=1500 name=bridge1 priority=0x8000 protocol-mode=none
transmit-hold-count=6
/interface ethernet
set 0 arp=enabled auto-negotiation=yes comment=“” disabled=no full-duplex=yes
l2mtu=1526 mac-address=00:0C:42:3B:CB:CA mtu=1500 name=ether1 speed=
100Mbps
set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
“” disabled=no full-duplex=yes l2mtu=1522 mac-address=00:0C:42:3B:CB:CB
master-port=none mtu=1500 name=ether2 speed=100Mbps
set 2 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
“” disabled=no full-duplex=yes l2mtu=1522 mac-address=00:0C:42:3B:CB:CC
master-port=none mtu=1500 name=ether3 speed=100Mbps
/interface ethernet switch
set switch1 mirror-source=none mirror-target=none name=switch1
/interface wireless security-profiles
set default authentication-types=“” eap-methods=passthrough group-ciphers=“”
group-key-update=5m interim-update=0s management-protection=disabled
management-protection-key=“” mode=none name=default
radius-eap-accounting=no radius-mac-accounting=no
radius-mac-authentication=no radius-mac-caching=disabled
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=
none static-key-0=“” static-key-1=“” static-key-2=“” static-key-3=“”
static-sta-private-algo=none static-sta-private-key=“”
static-transmit-key=key-0 supplicant-identity=MikroTik tls-certificate=
none tls-mode=no-certificates unicast-ciphers=“” wpa-pre-shared-key=“”
wpa2-pre-shared-key=“”
add authentication-types=wpa2-psk eap-methods=passthrough group-ciphers=
aes-ccm group-key-update=5m interim-update=0s management-protection=
allowed management-protection-key=“” mode=dynamic-keys name=profile1
radius-eap-accounting=no radius-mac-accounting=no
radius-mac-authentication=no radius-mac-caching=disabled
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=
none static-key-0=“” static-key-1=“” static-key-2=“” static-key-3=“”
static-sta-private-algo=none static-sta-private-key=“”
static-transmit-key=key-0 supplicant-identity=“” tls-certificate=none
tls-mode=no-certificates unicast-ciphers=aes-ccm wpa-pre-shared-key=“”
wpa2-pre-shared-key=xxxxxxx
/interface wireless
set 0 ack-timeout=dynamic adaptive-noise-immunity=none allow-sharedkey=no
antenna-gain=0 antenna-mode=ant-a area=“” arp=enabled band=2.4ghz-b
basic-rates-a/g=6Mbps basic-rates-b=1Mbps burst-time=disabled comment=“”
compression=no country=no_country_set default-ap-tx-limit=0
default-authentication=yes default-client-tx-limit=0 default-forwarding=
yes dfs-mode=none disable-running-check=no disabled=no
disconnect-timeout=3s frame-lifetime=0 frequency=2437 frequency-mode=
manual-txpower hide-ssid=no hw-fragmentation-threshold=disabled
hw-protection-mode=none hw-protection-threshold=0 hw-retries=4 l2mtu=2290
mac-address=00:15:6D:94:60:4B max-station-count=2007 mode=station-wds
mtu=1500 name=“wlan1 XR9” noise-floor-threshold=default
on-fail-retry-time=100ms periodic-calibration=default
periodic-calibration-interval=60 preamble-mode=both
proprietary-extensions=post-2.9.25 radio-name=xxxxxxx rate-set=default
scan-list=default security-profile=profile1 ssid=xxxxxxxx
station-bridge-clone-mac=00:00:00:00:00:00 supported-rates-a/g=
6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps supported-rates-b=
1Mbps,2Mbps,5.5Mbps,11Mbps tx-power-mode=default update-stats-interval=
disabled wds-cost-range=50-150 wds-default-bridge=none wds-default-cost=
100 wds-ignore-ssid=no wds-mode=disabled wmm-support=disabled
set 1 ack-timeout=dynamic adaptive-noise-immunity=none allow-sharedkey=no
antenna-gain=0 antenna-mode=ant-a area=“” arp=enabled band=2.4ghz-b
basic-rates-a/g=6Mbps basic-rates-b=1Mbps burst-time=disabled comment=“”
compression=no country=no_country_set default-ap-tx-limit=0
default-authentication=yes default-client-tx-limit=0 default-forwarding=
yes dfs-mode=none disable-running-check=no disabled=no
disconnect-timeout=3s frame-lifetime=0 frequency=2437 frequency-mode=
manual-txpower hide-ssid=no hw-fragmentation-threshold=disabled
hw-protection-mode=none hw-protection-threshold=0 hw-retries=4 l2mtu=2290
mac-address=00:0C:42:68:A9:E7 max-station-count=2007 mode=ap-bridge mtu=
1500 name=“wlan2 R52H” noise-floor-threshold=default on-fail-retry-time=
100ms periodic-calibration=default periodic-calibration-interval=60
preamble-mode=both proprietary-extensions=post-2.9.25 radio-name=
xxxxxx rate-set=default scan-list=default security-profile=profile1
ssid=xxxxxx station-bridge-clone-mac=00:00:00:00:00:00
supported-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps
supported-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps tx-power-mode=default
update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=
none wds-default-cost=100 wds-ignore-ssid=no wds-mode=disabled
wmm-support=disabled
/interface wireless manual-tx-power-table
set “wlan1 XR9” comment=“” manual-tx-powers=“1Mbps:17,2Mbps:17,5.5Mbps:17,11Mb
ps:17,6Mbps:17,9Mbps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,
54Mbps:17,HT20-0:0,HT20-1:0,HT20-2:0,HT20-3:0,HT20-4:0,HT20-5:0,HT20-6:0,H
T20-7:0,HT40-0:0,HT40-1:0,HT40-2:0,HT40-3:0,HT40-4:0,HT40-5:0,HT40-6:0,HT4
0-7:0”
set “wlan2 R52H” comment=“” manual-tx-powers=“1Mbps:17,2Mbps:17,5.5Mbps:17,11M
bps:17,6Mbps:17,9Mbps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17
,54Mbps:17,HT20-0:17,HT20-1:17,HT20-2:17,HT20-3:17,HT20-4:17,HT20-5:17,HT2
0-6:17,HT20-7:17,HT40-0:17,HT40-1:17,HT40-2:17,HT40-3:17,HT40-4:17,HT40-5:
17,HT40-6:17,HT40-7:17”
/interface wireless nstreme
set “wlan1 XR9” comment=“” disable-csma=no enable-nstreme=no enable-polling=
yes framer-limit=3200 framer-policy=none
set “wlan2 R52H” comment=“” disable-csma=no enable-nstreme=no enable-polling=
yes framer-limit=3200 framer-policy=none
/ip ipsec proposal
set default auth-algorithms=sha1 comment=“” disabled=no enc-algorithms=3des
lifetime=30m name=default pfs-group=modp1024
/ip pool
add name=dhcp_pool1 ranges=192.168.1.1-192.168.1.10
/ip dhcp-server
add address-pool=dhcp_pool1 authoritative=after-2sec-delay bootp-support=
static disabled=no interface=“wlan2 R52H” lease-time=3d name=
“2.4 DHCP Server”
/port
set 0 baud-rate=auto data-bits=8 flow-control=none name=serial0 parity=none
stop-bits=1
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514
sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000
red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=
5
set default-small kind=pfifo name=default-small pfifo-limit=10
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0
max-limit=0 name=“VoIP RTP” packet-mark=“VoIP RTP” parent=“wlan1 XR9”
priority=1 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0
max-limit=0 name=“VoIP Sig” packet-mark=“VoIP Signal” parent=“wlan1 XR9”
priority=2 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0
max-limit=0 name=Default packet-mark=no-mark parent=“wlan1 XR9” priority=
8 queue=default
/routing bgp instance
set default as=65530 client-to-client-reflection=yes comment=“” disabled=no
ignore-as-path-len=no name=default out-filter=“” redistribute-connected=
no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no
redistribute-static=no router-id=0.0.0.0 routing-table=“”
/routing ospf instance
set default comment=“” disabled=no distribute-default=never in-filter=ospf-in
metric-bgp=auto metric-connected=20 metric-default=1 metric-other-ospf=
auto metric-rip=20 metric-static=20 name=default out-filter=ospf-out
redistribute-bgp=no redistribute-connected=no redistribute-other-ospf=no
redistribute-rip=no redistribute-static=no router-id=0.0.0.0
/routing ospf area
set backbone area-id=0.0.0.0 comment=“” disabled=no instance=default name=
backbone type=default
/snmp
set contact=“” enabled=yes engine-boots=305 engine-id=“” location=Truck055
time-window=15 trap-sink=0.0.0.0 trap-version=1
/snmp community
add address=x.x.x.x/32 authentication-password=“”
authentication-protocol=MD5 encryption-password=“” encryption-protocol=
DES name=xxxxxxx read-access=yes security=none write-access=no
add address=x.x.x.x/32 authentication-password=“”
authentication-protocol=MD5 encryption-password=“” encryption-protocol=
DES name=xxxxxxxx read-access=yes security=none write-access=no
/system logging action
set memory memory-lines=100 memory-stop-on-full=no name=memory target=memory
set disk disk-file-count=2 disk-file-name=log disk-lines-per-file=100
disk-stop-on-full=no name=disk target=disk
set echo name=echo remember=yes target=echo
set remote bsd-syslog=no name=remote remote=x.x.x.x:514 src-address=
0.0.0.0 syslog-facility=daemon syslog-severity=auto target=remote
/system routerboard settings
set baud-rate=115200 boot-delay=2s boot-device=nand-if-fail-then-ethernet
boot-protocol=bootp cpu-frequency=300MHz enable-jumper-reset=yes
enter-setup-on=any-key
set baud-rate=115200 boot-delay=2s boot-device=nand-if-fail-then-ethernet
boot-protocol=bootp cpu-frequency=300MHz enable-jumper-reset=yes
enter-setup-on=any-key
/user group
add comment=“” name=read policy=“local,telnet,ssh,reboot,read,test,winbox,pass
word,web,sniff,sensitive,!ftp,!write,!policy”
add comment=“” name=write policy=“local,telnet,ssh,reboot,read,write,test,winb
ox,password,web,sniff,sensitive,!ftp,!policy”
add comment=“” name=full policy=“local,telnet,ssh,ftp,reboot,read,write,policy
,test,winbox,password,web,sniff,sensitive”
/interface bridge port
add bridge=bridge1 comment=“” disabled=no edge=auto external-fdb=auto
horizon=none interface=“wlan1 XR9” path-cost=10 point-to-point=auto
priority=0x80
add bridge=bridge1 comment=“” disabled=no edge=auto external-fdb=auto
horizon=none interface=ether1 path-cost=10 point-to-point=auto priority=
0x80
add bridge=bridge1 comment=“” disabled=no edge=auto external-fdb=auto
horizon=none interface=ether2 path-cost=10 point-to-point=auto priority=
0x80
add bridge=bridge1 comment=“” disabled=no edge=auto external-fdb=auto
horizon=none interface=ether3 path-cost=10 point-to-point=auto priority=
0x80
/interface bridge settings
set use-ip-firewall=yes use-ip-firewall-for-pppoe=no
use-ip-firewall-for-vlan=no
/interface ethernet switch port
set (unknown)
set (unknown)
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=
00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300
frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name=“” memory-limit=10
multiple-channels=no only-headers=no receive-errors=no streaming-enabled=
no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=192.168.1.254/24 broadcast=192.168.1.255 comment=“” disabled=no
interface=“wlan2 R52H” network=192.168.1.0
/ip dhcp-client
add add-default-route=yes comment=“” default-route-distance=0 disabled=no
host-name=xxxxxxx interface=bridge1 use-peer-dns=yes use-peer-ntp=yes
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=192.168.1.0/24 comment=“” gateway=192.168.1.254
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=2048KiB
max-udp-packet-size=512 servers=x.x.x.x,x.x.x.x
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s
tcp-close-wait-timeout=10s tcp-established-timeout=1d
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall mangle
add action=mark-packet chain=prerouting comment=“VoIP Sig” disabled=no dscp=
24 new-packet-mark=“VoIP Signal” passthrough=yes
add action=mark-packet chain=prerouting comment=“VoIP RTP” disabled=no dscp=
46 new-packet-mark=“VoIP RTP” passthrough=yes src-address-list=“”
/ip firewall nat
add action=dst-nat chain=dstnat comment=“” disabled=no dst-port=23 protocol=
tcp to-addresses=192.168.1.1 to-ports=23
add action=masquerade chain=srcnat comment=“” disabled=no src-address=
192.168.1.0/24
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
/ip neighbor discovery
set ether1 discover=yes
set ether2 discover=yes
set ether3 discover=yes
set “wlan1 XR9” discover=no
set “wlan2 R52H” discover=no
set bridge1 discover=yes
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4
cache-on-disk=no enabled=no max-cache-size=none max-client-connections=
600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0
parent-proxy-port=0 port=8080 serialize-connections=no src-address=
0.0.0.0
/ip service
set telnet address=0.0.0.0/0 disabled=no port=23
set ftp address=0.0.0.0/0 disabled=no port=21
set www address=0.0.0.0/0 disabled=no port=80
set ssh address=0.0.0.0/0 disabled=no port=22
set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443
set api address=0.0.0.0/0 disabled=yes port=8728
set winbox address=0.0.0.0/0 disabled=no port=8291
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no
inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
/queue interface
set ether1 queue=ethernet-default
set ether2 queue=ethernet-default
set ether3 queue=ethernet-default
set “wlan1 XR9” queue=wireless-default
set “wlan2 R52H” queue=wireless-default
set bridge1 queue=default
/radius incoming
set accept=no port=3799
/routing bfd interface
set all comment=“” disabled=no interface=all interval=0.2sec min-rx=0.2sec
multiplier=5
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m
gateway-selection=no-gateway origination-interval=5s preferred-gateway=
0.0.0.0 timeout=1m ttl=50
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no
redistribute-connected=no redistribute-ospf=no redistribute-static=no
routing-table=main timeout-timer=3m update-timer=30s
/store
add comment=“” disabled=no disk=system name=user-manager1 type=user-manager
add comment=“” disabled=no disk=system name=web-proxy1 type=web-proxy
/system clock
set time-zone-name=America/Denver
/system clock manual
set dst-delta=+00:00 dst-end=“jan/01/1970 00:00:00” dst-start=
“jan/01/1970 00:00:00” time-zone=+00:00
/system console
add disabled=no port=serial0 term=vt102
/system health
set fan-mode=auto use-fan=main
/system identity
set name=xxxxxxx
/system logging
add action=memory disabled=no prefix=“” topics=info
add action=memory disabled=no prefix=“” topics=error
add action=memory disabled=no prefix=“” topics=warning
add action=echo disabled=no prefix=“” topics=critical
add action=remote disabled=no prefix=“” topics=info
add action=remote disabled=no prefix=“” topics=debug
add action=remote disabled=no prefix=“” topics=error
add action=remote disabled=no prefix=“” topics=warning
/system note
set note=“” show-at-login=yes
/system ntp client
set enabled=yes mode=unicast primary-ntp=x.x.x.x secondary-ntp=
x.x.x.x/system ntp server
set broadcast=no enabled=no manycast=yes multicast=no
/system scheduler
add comment=“” disabled=no interval=30m name=ConfigUpdate on-event=
ConfigUpdateScript policy=
reboot,read,write,policy,test,password,sniff,sensitive start-date=
jan/01/1970 start-time=00:00:00
/system script
add name=LED-OFF policy=ftp,read,winbox source=“:led user-led=no”
add name=LED-ON policy=ftp,read,winbox source=“:led user-led=yes”
add name=ConfigUpdateScript policy=
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\

COMMENT - This will remove previous file\r\

\n/file remove [/file find name="config-update.rsc"];\r
\n# COMMENT - Download New Config file\r
\n/tool fetch mode=http address=x.x.x.x src-path="/config-update.r
sc" dst-path="config-update.rsc";\r
\n# COMMENT - Import config file to running config\r
\n/import file-name="config-update.rsc";"
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=
0.0.0.0 user=“”
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=
none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=
100
/tool e-mail
set from=<> password=“” server=0.0.0.0:25 username=“”
/tool graphing
set page-refresh=300 store-every=5min
/tool mac-server
add disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool netwatch
add comment=“” disabled=no down-script=LED-OFF host=10.35.52.254 interval=5s
timeout=1s up-script=LED-ON
/tool sms
set allowed-number=“” channel=0 keep-max-sms=0 receive-enabled=no secret=“”
/tool sniffer
set file-limit=10 file-name=“” filter-address1=0.0.0.0/0:0-65535
filter-address2=0.0.0.0/0:0-65535 filter-protocol=ip-only filter-stream=
yes interface=all memory-limit=10 memory-scroll=no only-headers=no
streaming-enabled=no streaming-server=0.0.0.0
/tool user-manager customer
add comment=“” disabled=no login=admin parent=admin password=“”
paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no
permissions=owner signup-allowed=no subscriber=admin time-zone=+00:00
/user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no

In all the bridges in your network set MAC address manually (auto-mac=no, admin-mac= )

and protocol-mode=rstp for good measure.

Thanks. We will test this and report back. We have spanning tree disabled intentionally to allow faster roaming from AP to AP (don’t have to wait for spanning tree timers).

Ok, I believe this will fix this behaviour. However, I would like to implement this using scripts. I already have a script running whereby the radio’s check in for updates. So I just need to add this to the script so they re-write their bridge mac. Ideally, I’d like them to query for their first ethernet mac and just bind the same mac to the bridge, so something like this:

/interface bridge
set admin-mac=[/interface ethernet get mac-address]

/interface bridge
set auto-mac=no

I need help with the syntax however, as I can’t seem to get it working. Also, it appears on both the admin-mac command and the auto-mac command, they expect you to type the mac address after the command, which is causing issues as well.

Any help on scripting this would be much appreciated.

You shouldn’t use the same MAC address twice. That’s a very bad idea. MAC addresses are supposed to be globally unique unless they represent multicast addresses. To do this properly you should use locally administered MAC addresses:
http://en.wikipedia.org/wiki/MAC_address#Address_details

The original IEEE 802 MAC address comes from the original Xerox Ethernet addressing scheme.[2] This 48-bit address space contains potentially 248 or 281,474,976,710,656 possible MAC addresses.

All three numbering systems use the same format and differ only in the length of the identifier. Addresses can either be universally administered addresses or locally administered addresses. A universally administered address is uniquely assigned to a device by its manufacturer; these are sometimes called burned-in addresses. The first three octets (in transmission order) identify the organization that issued the identifier and are known as the Organizationally Unique Identifier (OUI).[3] The following three (MAC-48 and EUI-48) or five (EUI-64) octets are assigned by that organization in nearly any manner they please, subject to the constraint of uniqueness. The IEEE expects the MAC-48 space to be exhausted no sooner than the year 2100;[4] EUI-64s are not expected to run out in the foreseeable future. A locally administered address is assigned to a device by a network administrator, overriding the burned-in address. Locally administered addresses do not contain OUIs.

Universally administered and locally administered addresses are distinguished by setting the second least significant bit of the most significant byte of the address. This bit is also referred to as the U/L bit, short for Universal/Local, which identifies how the address is administered. If the bit is 0, the address is universally administered. If it is 1, the address is locally administered. In the example address 06-00-00-00-00-00 the most significant byte is 06 (hex), the binary form of which is 00000110, where the second least significant bit is 1. Therefore, it is a locally administered address.[5] Consequently, this bit is 0 in all OUIs.

You can base a locally administered address on an existing hardware address:

:local mac ("06" . [:pick [/interface ethernet get ether1 mac-address] 2 17]]);
/interface bridge 
set admin-mac="$mac"
set auto-mac=no

thanks for the detailed response. Yes I understand the Mac should be unique, but the default behavior of these devices is to use the same Mac of an already defined interface, so it’s built in this way.

Having said that, yes I’d like to base my bridge mac off the ethernet mac and just change it slightly so it’s unique.

I’ve tried using the code you included in your response, but it does not appear to work as a script:

[admin@TESTTRUCK001] > /import file-name=“BridgeMacChange.rsc”;
Opening script file BridgeMacChange.rsc

Script file loaded successfullysyntax error (line 1 column 77)



The file “BridgeMacChange.rsc” contains the following text:

:local mac (“06” . [:pick [/interface ethernet get ether1 mac-address] 2 17]]);
/interface bridge
set admin-mac=“$mac”
set auto-mac=no

That isn’t an importable script, it’s a proof of concept. If you copy and paste it you will also have to concatenate everything into one line. The script also had an error, you need to identify the bridge interface somehow. I’m going by name. Change that name as required.

:local mac ("06" . [:pick [/interface ethernet get ether1 mac-address] 2 17]]); /interface bridge { set [find name="bridge1"] admin-mac="$mac" }; /interface bridge { set [find name="bridge1"] auto-mac=no };