/interface bridge filter
add action=jump chain=input jump-target=dhcp2 packet-mark=dhcp packet-type=
broadcast
add action=return chain=dhcp2 limit=1,3
add action=drop chain=dhcp2
/ip firewall mangle
add action=mark-packet chain=prerouting dst-port=67 in-interface=bridge1
new-packet-mark=dhcp passthrough=yes protocol=udp src-port=68
hello could you please explain what happen here ? sorry in new in Mikrotik still studying Mikrotik
I know this topic is old, but I’m currently experiencing this type of attack on my network.
I have a Mikrotik 4011 connected to a Unifi switch and some Unifi antennas. I have my VLANs (10,20,30) associated with Mikrotik’s ETHER6 port, which communicates with the Unifi switch. On each port of this switch, I have a Unifi antenna with 3 Wifi networks configured (each in its own VLAN 10,20,30), and the Mikrotik is the DHCP server for these networks (each with its own IP range).
What’s happening is that one of the clients is connecting to the Wifi and running a script that generates a lot of IP requests to Mikrotik’s DHCP, and it becomes overwhelmed. This causes the network to become unavailable.
Please, if anyone can help me with a step-by-step on how I can protect the network, I would appreciate it!