I have a RB5009UPr+S+ and a few Raspberry Pi’s running Talos Linux. I want them to get a static IP based on the port it connects to on the router. Of course I can also set static IPs based on the MAC address. But the option 82 method seems more elegant.
However, it may be an odd setup? Because the relay and server are then on the same system. Usually the relay forwards it to a separate DHCP server, often running on a dedicated Linux system. But I wonder if both these roles can work fine on a Mikrotik.
I’ve been checking the docs. For what it’s worth, I gather that relay-info-remote-id and add-relay-info need to be set for the relay. But then what? Should I then be seeing leases coming in on the server with that relay info? And then set static IPs there?
dhcp-relay is only appropriate when the DHCP clients are in a different subnet to the DHCP server, otherwise use the bridge dhcp-snooping=yes plus add-dhcp-option82=yes settings.
The main issue is that the Mikrotik DHCP server doesn’t have an option to match static leases to agent circuit ID or agent remote ID, only MAC address or client ID. I’ve not investigated Mikrotik DHCP server with RADIUS to see if the agent information is passed to a RADIUS server.
It may be possible to use the generic matcher https://help.mikrotik.com/docs/spaces/ROS/pages/24805500/DHCP#DHCP-Genericmatcher in 7.16 onwards to match part of the option 82 data, otherwise you would have to create a string which matches it exactly which could be tricky as there are suboptions containing the circuit and remote IDs https://www.rfc-editor.org/rfc/rfc3046.html#section-2.0. Each matcher entry would reference a pool containing the single desired IP address, I’m not sure what would happen when you disconnect one device from a port and connect a different one as the lease would have the previous device MAC address so could well fail until the lease expires.
Yes, it’s totally possible to run both the DHCP server and the Option 82 relay on the same MikroTik device — I’ve done similar setups on RB5009.
You’re on the right track:
Enable add-relay-info and set relay-info-remote-id (e.g., use interface name or a custom string).
On the DHCP server side, make sure it’s set to receive Option 82 info (use-src-mac = yes can help in some cases).
Once that’s set up, yes — you should see Option 82 info (like circuit-id and remote-id) in the active lease details. Then, under IP > DHCP Server > Leases, you can convert dynamic leases to static, or define static entries manually based on that info.
Works great for port-based IP assignments — especially when MACs might rotate or for devices like Pis running minimal OSes.
Key points:
option82 in the bridge settings
dhcp server, what is not set to static only and the pool is outside of the ones you allocate to the ports (100-200 in my case)
some new pools for the specific interfaces (pool1,2,3 in my case with only one address)
dhcp server matcher to match the specific interfaces
Since 7.21 it is possible to specify Agent Remote Id and Agent Circuit Id for DHCP leases. These parameters work similarly to Client ID parameter- the server will use the lease for a request if those parameters match.
You could also set Dynamic Lease Identifiers to Option 82 in DHCP server. then the newly created dynamic lease will be populated with those Option 82 parameters only. This is useful when you don’t want to trust the values generated by clients.