DHCP Server does not work

Reacon · January 10, 2017, 2:35pm

Hey folks,

im new here and also new to Mikrotik.
I configured my CRS125 with v. 6.38 so far and facing some issues here.
Bassically, I want to seperate in sum in 5 VLANs

110 Clients
210 Server
310 Media
410 Management
999 GuestWLAN

So far so good. I already implemented this and it seems to be working - I was not able to ping to clients connected to an port from another VLAN.
Now, I wanted to configure a DHCP Server based on each VLAN interface to serve a specific pool of IP addresses for each VLAN…from my POV, the DHCP configuration should be correct.
But I dont get a IP address for any reason… could you guys help me out here?

Thanks

Reacon

[admin@MikroTik] > interface ethernet switch vlan print
Flags: X - disabled, I - invalid, D - dynamic
 #   VLAN-ID PORTS                                           SVL LEARN FLOOD INGRESS-MIRROR QOS-GROUP
 0       110 e1-master-WAN                                   no  yes   no    no             none
             e5-BUERO1
             e6-BUERO2
             e7-BUERO3
             e8-BUERO4
             e9-BUERO5
             e10-BUERO6
             e11-WOHNZIMMER1
             e13-KUECHE1
             e15-KSZ1
             e17-MSZ1
             e19-MSZ3
 1       210 e1-master-WAN                                   no  yes   no    no             none
             e2-RESERVED
             e3-NAS
             e4-FHEM
 2       310 e1-master-WAN                                   no  yes   no    no             none
             e12-WOHNZIMMER2
             e14-KUECHE2
             e16-KSZ2
             e18-MSZ2
             e20-MSZ4
 3       410 e1-master-WAN                                   no  yes   no    no             none
             switch1-cpu
 4       999 e1-master-WAN                                   no  yes   no    no             none
             e23-WLANAP1
             e24-WLANAP2
             switch1-cpu
 5 D    4095 sfp1-TRUNK                                      no  no    no    no             none
             switch1-cpu

[admin@MikroTik] > interface vlan print
Flags: X - disabled, R - running, S - slave
 #    NAME                                                 MTU ARP             VLAN-ID INTERFACE
 0 R  ClientVLAN110                                       1500 enabled             110 e1-master-WAN
 1 R  ManagementVLAN410                                   1500 enabled             410 e1-master-WAN
 2 R  MediaVLAN310                                        1500 enabled             310 e1-master-WAN
 3 R  ServerVLAN210                                       1500 enabled             210 e1-master-WAN

[admin@MikroTik] /ip> dhcp-client print
Flags: X - disabled, I - invalid
 #   INTERFACE                                                                 USE-PEER-DNS ADD-DEFAULT-ROUTE STATUS        ADDRESS
 0   e1-master-WAN                                                             yes          yes               bound         192.168.0.174/24

[admin@MikroTik] > ip dhcp-server print
Flags: X - disabled, I - invalid
 #   NAME                                       INTERFACE                                      RELAY           ADDRESS-POOL                                      LEASE-TIME ADD-ARP
 0   dhcp1                                      ServerVLAN210                                                  dhcp_pool10                                       10m
 1   dhcp2                                      ClientVLAN110                                                  dhcp_pool11                                       10m

[admin@MikroTik] /ip pool> print
 # NAME                                                                                                                                             RANGES
 0 dhcp_pool1                                                                                                                                       192.168.11.2-192.168.11.254
 1 dhcp_pool2                                                                                                                                       192.168.21.2-192.168.21.254
 2 dhcp_pool3                                                                                                                                       192.168.31.2-192.168.31.254
 3 dhcp_pool4                                                                                                                                       10.10.11.50-10.10.11.200
 4 dhcp_pool10                                                                                                                                      10.10.21.2-10.10.21.254
 5 dhcp_pool11                                                                                                                                      10.10.11.2-10.10.11.254
 6 vpn                                                                                                                                              192.168.89.2-192.168.89.255

[admin@MikroTik] > interface ethernet switch ingress-vlan-translation print
Flags: X - disabled, I - invalid, D - dynamic
 0   ports=e5-BUERO1,e6-BUERO2,e7-BUERO3,e8-BUERO4,e10-BUERO6,e11-WOHNZIMMER1,e13-KUECHE1,e15-KSZ1,e17-MSZ1,e19-MSZ3 service-vlan-format=any customer-vlan-format=any
     new-customer-vid=110 pcp-propagation=no sa-learning=yes

 1   ports=e2-RESERVED,e3-NAS,e4-FHEM service-vlan-format=any customer-vlan-format=any new-customer-vid=210 pcp-propagation=no sa-learning=yes

 2   ports=e12-WOHNZIMMER2,e14-KUECHE2,e16-KSZ2,e18-MSZ2,e20-MSZ4 service-vlan-format=any customer-vlan-format=any new-customer-vid=310 pcp-propagation=no sa-learning=yes

 3 D ports=sfp1-TRUNK service-vlan-format=any customer-vlan-format=any new-customer-vid=4095 pcp-propagation=no sa-learning=no

[admin@MikroTik] > interface ethernet switch egress-vlan-tag print
Flags: X - disabled, I - invalid, D - dynamic
 #   VLAN-ID TAGGED-PORTS
 0       110 e1-master-WAN
 1       210 e1-master-WAN
 2       310 e1-master-WAN
 3       410 e1-master-WAN
             switch1-cpu
 4       999 e1-master-WAN
             switch1-cpu
 5 D    4095

[admin@MikroTik] > ip address print
Flags: X - disabled, I - invalid, D - dynamic
 #   ADDRESS            NETWORK         INTERFACE
 0   10.10.41.1/24      10.10.41.0      ManagementVLAN410
 1   10.10.21.1/24      10.10.21.0      ServerVLAN210
 2   10.10.31.1/24      10.10.31.0      MediaVLAN310
 3   10.10.11.1/24      10.10.11.0      ClientVLAN110
 4   10.10.11.1/24      10.10.11.0      sfp1-TRUNK
 5 D 192.168.0.174/24   192.168.0.0     e1-master-WAN

k6ccc · January 10, 2017, 11:23pm

I’m trying to compare your data to one of my routers, and in some cases getting some radically different screens, so I may be missing something here. Also note the router that I’m comparing to is used as a router and not a switch or bridge - all VLANs appear on one port only. I have never used a MikroTik router as anything but a router.

Unless I’m missing something (could be) you have VLAN 110 and 210 as the only VLANs that have a DHCP server and an address pool assigned.. Further, you are only allowing the DHCP servers to function on port 1 which is a VLAN trunked port. Therefore, unless the computer you are using for test is VLAN aware and plugged into port 1, it’s not going to work.

Like I said, I could be very wrong here.

Reacon · January 11, 2017, 6:16am

Here you go dillagr

[admin@EdgeRouterMikrotik] > /ip dhcp-server network print
 # ADDRESS            GATEWAY         DNS-SERVER      WINS-SERVER     DOMAIN
 0 10.10.11.0/24      10.10.11.1      10.10.11.1
 1 10.10.21.0/24      10.10.21.1      10.10.21.1

Reacon · January 11, 2017, 6:21am

Hmm, just to be clear: where did you notice that I am allowing DHCP server just on port 1 (which is my master port)? Maybe I missed something

k6ccc · January 11, 2017, 5:16pm

None of the code segments that you included specified that port 1 was a master port (unless I missed it) other than the name you gave it, but the name can be anything. As I said before, I only use my MikroTik routers as routers so none of the LANs (physical or VLAN) appear on more than one port. Therefore I’m really weak on bridges and master ports - as I simply don’t have a need to use them at all.

k6ccc · January 12, 2017, 3:50am

But it does not indicate if any port is a master (other than the name - which can be anything).

Reacon · January 12, 2017, 6:56am

Anyway, here another output which shows, that e1 has been configured as master.

[admin@EdgeRouterMikrotik] > interface ethernet print
Flags: X - disabled, R - running, S - slave
 #    NAME                MTU MAC-ADDRESS       ARP             MASTER-PORT            SWITCH
 0 R  e1-master-WAN      1500 6C:3B:6B:85:B4:6B enabled         none                   switch1
 1  S e2-RESERVED        1500 6C:3B:6B:85:B4:6C enabled         e1-master-WAN          switch1
 2  S e3-NAS             1500 6C:3B:6B:85:B4:6D enabled         e1-master-WAN          switch1
 3  S e4-FHEM            1500 6C:3B:6B:85:B4:6E enabled         e1-master-WAN          switch1
 4  S e5-BUERO1          1500 6C:3B:6B:85:B4:6F enabled         e1-master-WAN          switch1
 5  S e6-BUERO2          1500 6C:3B:6B:85:B4:70 enabled         e1-master-WAN          switch1
 6  S e7-BUERO3          1500 6C:3B:6B:85:B4:71 enabled         e1-master-WAN          switch1
 7  S e8-BUERO4          1500 6C:3B:6B:85:B4:72 enabled         e1-master-WAN          switch1
 8  S e9-BUERO5          1500 6C:3B:6B:85:B4:73 enabled         e1-master-WAN          switch1
 9 RS e10-BUERO6         1500 6C:3B:6B:85:B4:74 enabled         e1-master-WAN          switch1
10  S e11-WOHNZIMMER1    1500 6C:3B:6B:85:B4:75 enabled         e1-master-WAN          switch1
11  S e12-WOHNZIMMER2    1500 6C:3B:6B:85:B4:76 enabled         e1-master-WAN          switch1
12  S e13-KUECHE1        1500 6C:3B:6B:85:B4:77 enabled         e1-master-WAN          switch1
13  S e14-KUECHE2        1500 6C:3B:6B:85:B4:78 enabled         e1-master-WAN          switch1
14  S e15-KSZ1           1500 6C:3B:6B:85:B4:79 enabled         e1-master-WAN          switch1
15  S e16-KSZ2           1500 6C:3B:6B:85:B4:7A enabled         e1-master-WAN          switch1
16  S e17-MSZ1           1500 6C:3B:6B:85:B4:7B enabled         e1-master-WAN          switch1
17  S e18-MSZ2           1500 6C:3B:6B:85:B4:7C enabled         e1-master-WAN          switch1
18  S e19-MSZ3           1500 6C:3B:6B:85:B4:7D enabled         e1-master-WAN          switch1
19  S e20-MSZ4           1500 6C:3B:6B:85:B4:7E enabled         e1-master-WAN          switch1
20  S e23-WLANAP1        1500 6C:3B:6B:85:B4:81 enabled         e1-master-WAN          switch1
21  S e24-WLANAP2        1500 6C:3B:6B:85:B4:82 enabled         e1-master-WAN          switch1
22  S ether21            1500 6C:3B:6B:85:B4:7F enabled         e1-master-WAN          switch1
23  S ether22            1500 6C:3B:6B:85:B4:80 enabled         e1-master-WAN          switch1
24    sfp1-TRUNK         1500 6C:3B:6B:85:B4:83 enabled         none                   switch1

k6ccc · January 12, 2017, 8:17pm

Well, you’ve got me then. As I said, I know very little about having more than one port on any given LAN as I don’t do that at all. Someone who does so will have to answer.

janus20 · January 12, 2017, 9:01pm

Hi,

would you be kind to post output of

/ip dhcp-server export

kind regards,

Revelation · January 12, 2017, 9:35pm

Why is your WAN port your Master port for every interface? Do your clients get their IP from your ISP / WAN link?

k6ccc · January 13, 2017, 9:53pm

I’m glad someone brought that up. That did not look right to me either, but as I’ve stated, I don’t use a Master Port on either of my routers.