DHCP does not work in bridged VLAN

Hello everyone.
I have a problem with my router. I have configured several VLANs working inside a bridge, but I don’t know why, when I try to add another one in the same way as I did the others, it doesn’t work for me. The ID of the VLAN that does not work is 30. When I try to connect to this network, it does not give me a DHCP address. The rest of them all work correctly.
I am posting my configuration to see if you could help me solve it.
Thank you very much for your help.

# aug/29/2022 14:44:57 by RouterOS 7.4.1
# software id = 72BE-WTA3
#
# model = RB4011iGS+
# serial number = 
# Layer-2 setup: the single bridge (br_lan), the physical ports, and the VLAN interfaces.
# NOTE(review): this export shows no vlan-filtering=yes on br_lan and contains no
# /interface bridge vlan section, so per-port VLAN membership does not appear to be
# enforced. Staff (10), guest (20) and test (30) tags would then be usable from every
# bridge port - confirm before relying on these VLANs for segmentation.
/interface bridge
add fast-forward=no name=br_lan
/interface ethernet
set [ find default-name=ether3 ] mac-address=B8:69:F4:92:2E:1C
set [ find default-name=ether4 ] mac-address=B8:69:F4:92:2E:1D
set [ find default-name=ether5 ] mac-address=B8:69:F4:92:2E:1E
set [ find default-name=ether6 ] mac-address=B8:69:F4:92:2E:1F
set [ find default-name=ether7 ] mac-address=B8:69:F4:92:2E:20
set [ find default-name=ether8 ] mac-address=B8:69:F4:92:2E:21
set [ find default-name=ether9 ] mac-address=B8:69:F4:92:2E:22
set [ find default-name=ether10 ] comment="br wan movistar" mac-address=B8:69:F4:92:2E:23
# ether2 is renamed "inside" (LAN) and ether1 is renamed "outside" (WAN).
set [ find default-name=ether2 ] comment="lan interface" mac-address=B8:69:F4:92:2E:1B name=inside
set [ find default-name=ether1 ] comment="wan interface" mac-address=B8:69:F4:92:2E:1A mtu=1592 name=outside
set [ find default-name=sfp-sfpplus1 ] l2mtu=2000 mac-address=B8:69:F4:92:2E:24
/interface vlan
# vlan3 and vlan6 are tagged on the WAN port "outside"; vlan3_f is tagged on ether10.
add comment="vlan 3" interface=outside name=vlan3 vlan-id=3
add interface=ether10 name=vlan3_f vlan-id=3
add comment="vlan 6 movistar" interface=outside name=vlan6 vlan-id=6
# vlan10, vlan20 and vlan30 are all created on br_lan with the same syntax.
add comment="vlan 10 staff" interface=br_lan name=vlan10 vlan-id=10
# NOTE(review): the comment says "vlan 11 guest" but the interface uses vlan-id=20.
add comment="vlan 11 guest" interface=br_lan name=vlan20 vlan-id=20
add interface=br_lan name=vlan30 vlan-id=30
# WAN dialer, LTE/wireless defaults, and the IPsec peer/profile/proposal settings.
/interface pppoe-client
# PPPoE runs over vlan6 and installs the default route; no password appears in this export.
add add-default-route=yes comment="dialer movistar" disabled=no interface=vlan6 name=Dialer1 user=adslppp@telefonicanetpa
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip ipsec peer
# This entry is unreachable
add name=peer1 passive=yes
/ip ipsec profile
# NOTE(review): modp1024 is a 1024-bit Diffie-Hellman group, generally considered too
# weak for new deployments; a larger group (e.g. modp2048) is the usual replacement
# once all VPN clients are confirmed to support it.
set [ find default=yes ] dh-group=modp1024
/ip ipsec proposal
# NOTE(review): 3des is a legacy cipher. The default proposal offers only 3des, and
# L2TP-Proposal still lists it as a fallback after aes-256-cbc, with pfs-group=none.
# Consider AES-only proposals once client support is confirmed.
set [ find default=yes ] enc-algorithms=3des
add enc-algorithms=aes-256-cbc,3des name=L2TP-Proposal pfs-group=none
# Address pools, DHCP servers, serial ports, the L2TP PPP profile, OSPF and the "full" user group.
/ip pool
add name=dhcp_vlan10 ranges=192.168.10.30-192.168.10.100
# dhcp_vlan20 spans 192.168.20.2-192.168.23.254, i.e. the whole /22 assigned to vlan20.
add name=dhcp_vlan20 ranges=192.168.20.2-192.168.23.254
add name=POOL_VPN_L2TP ranges=172.16.30.10-172.16.30.20
add name=dhcp_pool8 ranges=10.25.223.1-10.25.223.20
add name=dhcp ranges=192.168.0.33-192.168.0.88
add name=dhcp_fakevlan3 ranges=172.20.0.2-172.20.0.6
add name=dhcp_pool11 ranges=10.0.0.2/31
add name=dhcp_pool17 ranges=10.0.30.2-10.0.30.254
add name=dhcp_vlan30 ranges=192.168.30.2-192.168.30.254
/ip dhcp-server
# One DHCP server per VLAN interface, plus dhcp_lan bound directly to the bridge br_lan.
add address-pool=dhcp_vlan10 interface=vlan10 lease-time=1d name=dhcp_staff
add address-pool=dhcp_vlan20 interface=vlan20 lease-time=3h name=dhcp_hotspot
add address-pool=dhcp interface=br_lan lease-time=1d10m name=dhcp_lan
# dhcp_test is the server for the VLAN 30 network that the post reports as not handing out leases.
add address-pool=dhcp_vlan30 interface=vlan30 lease-time=3h name=dhcp_test
/port
set 0 name=serial0
set 1 name=serial1
/ppp profile
# Profile used by the L2TP server: clients get addresses from POOL_VPN_L2TP and
# 8.8.8.8 as DNS, and PPP-level encryption is required.
add change-tcp-mss=yes dns-server=8.8.8.8 local-address=172.16.30.1 name=VPN-L2TP remote-address=POOL_VPN_L2TP use-encryption=required
/routing ospf instance
add disabled=no name=default-v2
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
/user group
# Policy list for the "full" group as exported; user accounts themselves are not part of this export.
set full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,rest-api
# Bridge port membership, neighbor discovery, IP settings, and the L2TP/OpenVPN server settings.
/interface bridge port
# ether2 ("inside") and ether3-ether9 all join br_lan with ingress-filtering=no; no
# pvid or frame-types is set on any port in this export.
# NOTE(review): trusted=yes is the DHCP-snooping trust flag. With every port trusted,
# DHCP snooping (if it were enabled on the bridge) would not stop a rogue DHCP server
# on any of these ports - mark only the ports facing legitimate DHCP servers as trusted.
add bridge=br_lan ingress-filtering=no interface=inside trusted=yes
add bridge=br_lan ingress-filtering=no interface=ether3 trusted=yes
add bridge=br_lan ingress-filtering=no interface=ether4 trusted=yes
add bridge=br_lan ingress-filtering=no interface=ether5 trusted=yes
add bridge=br_lan ingress-filtering=no interface=ether6 trusted=yes
add bridge=br_lan ingress-filtering=no interface=ether7 trusted=yes
add bridge=br_lan ingress-filtering=no interface=ether8 trusted=yes
add bridge=br_lan ingress-filtering=no interface=ether9 trusted=yes
/ip neighbor discovery-settings
# NOTE(review): "!dynamic" selects every interface that is not in the "dynamic" list,
# which presumably includes the WAN-facing interfaces - confirm. Limiting discovery
# to a LAN-only interface list is the usual hardening.
set discover-interface-list=!dynamic
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface l2tp-server server
# The L2TP server is enabled with MS-CHAPv2 authentication and use-ipsec=yes.
# NOTE(review): MS-CHAPv2 is weak on its own, so the IPsec wrapper is what protects
# these logins. Verify in the RouterOS documentation whether use-ipsec=yes still
# accepts plain L2TP without IPsec; if it does, use the stricter setting - TODO confirm.
set authentication=mschap2 default-profile=VPN-L2TP enabled=yes max-mru=1460 max-mtu=1460 use-ipsec=yes
/interface ovpn-server server
# NOTE(review): md5 is listed among the accepted auth digests. The OpenVPN server is
# not shown as enabled in this export; drop md5 before enabling it.
set auth=sha1,md5
# Router addresses, DDNS, DHCP client, DHCP network options, DNS and firewall address lists.
/ip address
# br_lan carries two subnets (192.168.0.0/24 and 192.168.1.0/24); each VLAN interface has one.
add address=192.168.0.1/24 comment=LAN interface=br_lan network=192.168.0.0
add address=192.168.10.1/24 comment="VLAN 10 - STAFF" interface=vlan10 network=192.168.10.0
add address=192.168.20.1/22 comment="VLAN 20 - GUEST" interface=vlan20 network=192.168.20.0
add address=192.168.1.1/24 interface=br_lan network=192.168.1.0
add address=192.168.30.1/24 interface=vlan30 network=192.168.30.0
/ip cloud
set ddns-enabled=yes ddns-update-interval=5m
/ip dhcp-client
add add-default-route=no disabled=yes interface=vlan3
/ip dhcp-server network
# Only the 192.168.0.0/24 network sets dns-server; the VLAN networks set a gateway only.
add address=192.168.0.0/24 dns-server=80.58.0.33,8.8.8.8 gateway=192.168.0.1
add address=192.168.1.0/24 gateway=192.168.1.1 netmask=24
add address=192.168.10.0/24 comment="VLAN 10 - Staff" gateway=192.168.10.1
add address=192.168.20.0/22 comment="VLAN 20 - Hotspot" gateway=192.168.20.1
add address=192.168.30.0/24 comment="VLAN 30 - TEST" gateway=192.168.30.1
/ip dns
set servers=8.8.8.8,9.9.9.9
/ip firewall address-list
# NOTE(review): the CCTV list holds 192.168.1.111, while the dst-nat rules in
# /ip firewall nat forward to 192.168.0.111 - confirm which address the camera has.
add address=192.168.1.111 list=CCTV
# Input-chain rules: IPsec allowances, then three "repeat connections -> 24h block"
# ladders built from add-src-to-address-list, for TCP ports 22109, 18291 and 22323.
# NOTE(review): every rule in this export is either an accept or a drop limited to a
# blacklist. There is no established/related accept followed by a final drop on
# chain=input, and there are no chain=forward rules. As exported, any source that is
# not blacklisted can reach the router's enabled services on any interface, and
# traffic between the LAN, staff, guest and test subnets is not filtered.
# NOTE(review): the ladders match connection-state=new, so they count new TCP
# connections to the port, not failed logins.
/ip firewall filter
add action=accept chain=input comment=IPSEC dst-port=500 protocol=udp
add action=accept chain=input comment=IPSEC protocol=ipsec-esp
add action=accept chain=input comment=IPSEC dst-port=4500 protocol=udp
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
# Port 22109 ladder (ssh is disabled in /ip service). The stage1 rule has no
# src-address-list condition, so any new connection enters the ladder.
add action=drop chain=input comment="BLOQUEJA DURANT 24 hores qui fa 5 intents seguits de login SSH!" dst-port=22109 protocol=tcp src-address-list=black_list_ssh
add action=add-src-to-address-list address-list=black_list_ssh address-list-timeout=1d chain=input connection-state=new dst-port=22109 protocol=tcp src-address-list=ssh_stage4
add action=add-src-to-address-list address-list=ssh_stage4 address-list-timeout=1m chain=input connection-state=new dst-port=22109 protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m chain=input connection-state=new dst-port=22109 protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m chain=input connection-state=new dst-port=22109 protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m chain=input connection-state=new dst-port=22109 protocol=tcp
# Port 18291 ladder (winbox, the one service left enabled in /ip service).
# NOTE(review): unlike the port 22109 ladder, the last rule below only matches sources
# that are ALREADY in winbox_stage1. Unless something else populates that list, no
# source ever enters the ladder and black_list_winbox stays empty. Removing
# src-address-list=winbox_stage1 from that rule would make it mirror the ssh_stage1 rule.
add action=drop chain=input comment="BLOQUEJA DURANT 24 hores qui fa 5 intents seguits de login winbox!" dst-port=18291 protocol=tcp src-address-list=black_list_winbox
add action=add-src-to-address-list address-list=black_list_winbox address-list-timeout=1d chain=input connection-state=new dst-port=18291 protocol=tcp src-address-list=winbox_stage4
add action=add-src-to-address-list address-list=winbox_stage4 address-list-timeout=3m chain=input connection-state=new dst-port=18291 protocol=tcp src-address-list=winbox_stage3
add action=add-src-to-address-list address-list=winbox_stage3 address-list-timeout=3m chain=input connection-state=new dst-port=18291 protocol=tcp src-address-list=winbox_stage2
add action=add-src-to-address-list address-list=winbox_stage2 address-list-timeout=3m chain=input connection-state=new dst-port=18291 protocol=tcp src-address-list=winbox_stage1
add action=add-src-to-address-list address-list=winbox_stage1 address-list-timeout=3m chain=input connection-state=new dst-port=18291 protocol=tcp src-address-list=winbox_stage1
# Port 22323 ladder (telnet is disabled in /ip service).
# NOTE(review): these rules reuse the winbox_stage*/black_list_winbox lists rather than
# telnet-specific ones, and the stage1 rule has the same self-referencing condition.
add action=drop chain=input comment="BLOQUEJA DURANT 24 hores qui fa 5 intents seguits de login telnet!" dst-port=22323 protocol=tcp src-address-list=black_list_winbox
add action=add-src-to-address-list address-list=black_list_winbox address-list-timeout=1d chain=input connection-state=new dst-port=22323 protocol=tcp src-address-list=winbox_stage4
add action=add-src-to-address-list address-list=winbox_stage4 address-list-timeout=3m chain=input connection-state=new dst-port=22323 protocol=tcp src-address-list=winbox_stage3
add action=add-src-to-address-list address-list=winbox_stage3 address-list-timeout=3m chain=input connection-state=new dst-port=22323 protocol=tcp src-address-list=winbox_stage2
add action=add-src-to-address-list address-list=winbox_stage2 address-list-timeout=3m chain=input connection-state=new dst-port=22323 protocol=tcp src-address-list=winbox_stage1
add action=add-src-to-address-list address-list=winbox_stage1 address-list-timeout=3m chain=input connection-state=new dst-port=22323 protocol=tcp src-address-list=winbox_stage1
# NAT rules (hotspot jumps, masquerade, CCTV port forwards), SIP helper ports, hotspot and IPsec policy.
/ip firewall nat
add action=jump chain=hs-auth disabled=yes dst-port=465 jump-target=hs-smtp protocol=tcp
add action=jump chain=hs-auth dst-port=587 jump-target=hs-smtp protocol=tcp
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat disabled=yes out-interface=vlan3_f
add action=masquerade chain=srcnat comment="global nat" out-interface=Dialer1
# NOTE(review): this matches 192.168.20.0/24 only, while vlan20 is addressed as 192.168.20.0/22.
add action=masquerade chain=srcnat comment="masquerade hotspot network" src-address=192.168.20.0/24
# NOTE(review): both port forwards accept any source arriving on Dialer1, so the CCTV
# host's ports 6080 and 55677 are reachable from the whole internet. Restricting them
# with src-address/src-address-list, or reaching the camera over the existing L2TP VPN,
# would reduce that exposure. The comments name 192.168.1.111 but to-addresses is
# 192.168.0.111 - confirm which is intended.
add action=dst-nat chain=dstnat comment="CCTV TCP 6080 192.168.1.111" dst-port=6080 in-interface=Dialer1 protocol=tcp to-addresses=192.168.0.111 to-ports=6080
add action=dst-nat chain=dstnat comment="CCTV TCP 55677 192.168.1.111" dst-port=55677 in-interface=Dialer1 protocol=tcp to-addresses=192.168.0.111 to-ports=55677
# NOTE(review): *2000010 here, and *D / *16 in the hotspot entry below, look like
# internal IDs of objects that no longer exist - confirm and clean up these leftovers.
add action=masquerade chain=srcnat out-interface-list=*2000010
/ip firewall service-port
set sip ports=5060,5061,5070
/ip hotspot
add address-pool=*D addresses-per-mac=1 idle-timeout=none interface=*16 login-timeout=1h name=hotspot1 profile=SandwiChez
/ip hotspot user
# NOTE(review): no password is shown for this hotspot user in the export; confirm one is set.
add name=admin
/ip ipsec policy
add proposal=L2TP-Proposal template=yes
# Management services, SSH options, and housekeeping (RIP template, clock, IRQ, scheduler).
/ip service
# telnet, ftp, www, ssh, api and api-ssl are disabled; winbox is the only service left
# enabled, moved to port 18291.
# NOTE(review): no address= restriction is set on winbox, and the input chain in this
# export has no default drop, so the management port appears reachable from any
# interface, including the WAN. Limiting it to the LAN/VPN subnets is the usual hardening.
set telnet disabled=yes port=22323
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes port=22109
set api disabled=yes
set winbox port=18291
set api-ssl disabled=yes
/ip ssh
# NOTE(review): allow-none-crypto=yes permits SSH sessions negotiated with no
# encryption, and forwarding-enabled=remote allows remote port forwarding. SSH is
# disabled above, but both settings would apply if it were re-enabled.
set allow-none-crypto=yes forwarding-enabled=remote
/routing rip interface-template
add disabled=yes instance=*1 interfaces=vlan3 mode=passive
/system clock
set time-zone-name=Europe/Madrid
/system resource irq rps
set sfp-sfpplus1 disabled=no
/system scheduler
# Runs the script "backup-email" once a day at 06:00; the script body is not in this export.
# NOTE(review): presumably this mails a router backup - confirm that the backup is
# encrypted, since backups can contain credentials.
add interval=1d name=backup on-event="/system script run backup-email" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=mar/03/2019 start-time=06:00:00

Didn't see anything really bad on the first pass, but I glossed over the firewall rules as they are overly bloated…
I personally would not set up the bridge and VLANs as you have. The bridge should only bridge, and the VLANs should pass the data.
So my bridge never does DHCP. If you have a subnet that you want to use on the bridge, make it a VLAN and send it to the ports it needs to go to, like any other VLAN.

It's far less confusing. I would also not run separate VLANs on the interfaces as you have done.
They would all be on my one bridge and then sent to the appropriate port… for me this is needless confusion, or needlessly complex.

Reading your config, you have all trunk ports potentially carrying 10,20,30 to ether2-9 as well as the bridge subnet…

That is the big clue; we don't know why… -----------------------------> MISSING is /interface bridge vlan ???

VLAN setup is missing many things:

  • entire section of /interface bridge vlan is missing
  • /interface bridge port is likely incomplete unless all bridge ports are meant to be trunk ports
  • bridge lacks vlan-filtering=yes

IMO it’s no wonder things don’t work as intended. If they did, it would be next to a miracle.

Now I’m off, I’m sure @anav will handle the rest :wink:

There is METOD to your madness… jajajajaja couldnt resist!