Community discussions

MikroTik App
 
User avatar
Paul9cf22ad1
newbie
Topic Author
Posts: 35
Joined: Sun Mar 12, 2017 11:40 pm
Location: Seattle, WA

DHCP Server Issues

Fri Mar 01, 2019 8:33 pm

I have two desktop computers, both running Win 10 that have problems getting an IP from my RB3011 (v6.44).
Currently I can see 8 leases on the router to the various devices around the house. Those systems have internet access, so server is running. (IP pool is /24 so I'm not out of addresses)
On the affected machine(s) the ethernet reports no default gateway and the subnet mask of 255.0.0.0. They are setup for DHCP, not with fixed addresses.
I can ping the gateway from the machine so I now the wires are working.
If I run ipconfig /release and then ipconfig /rewnew most of the the time it does not receive an address.
Sometimes if I turn the Wi-Fi on, I can log into the wireless router in the house. But the connection is too weak to do anything useful. But when I turn the Wi-Fi off and run /release and /renew most of the time the ethernet gets an IP address.

What is stopping these machines from consistently getting an IP?
 
User avatar
gkk
newbie
Posts: 25
Joined: Sat Dec 24, 2016 1:17 pm

Re: DHCP Server Issues

Fri Mar 01, 2019 9:10 pm

Cable problems?
 
anav
Forum Guru
Forum Guru
Posts: 3589
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: DHCP Server Issues

Fri Mar 01, 2019 9:34 pm

Hmmm did you try rebooting the PCs and the router?
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
Paul9cf22ad1
newbie
Topic Author
Posts: 35
Joined: Sun Mar 12, 2017 11:40 pm
Location: Seattle, WA

Re: DHCP Server Issues

Fri Mar 01, 2019 10:11 pm

Cable problems?
The computer pings the gateway without any issues. I also have gotten the RB3011 to give it an address and when that happens everything is fine.
 
User avatar
Paul9cf22ad1
newbie
Topic Author
Posts: 35
Joined: Sun Mar 12, 2017 11:40 pm
Location: Seattle, WA

Re: DHCP Server Issues

Fri Mar 01, 2019 10:20 pm

Hmmm did you try rebooting the PCs and the router?
I have rebooted the PC twice this morning and didn't get an IP. I read your reply and decided to do it a 3rd time, and this time I got an IP.

Since I have at two computers having these random issues I'm skeptical that it the problem lies in the PC.
 
anav
Forum Guru
Forum Guru
Posts: 3589
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: DHCP Server Issues

Fri Mar 01, 2019 10:33 pm

I dont blame you.
Can you post your config.
/export hide-sensitive file=yourconfigmar01
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
nostromog
Member Candidate
Member Candidate
Posts: 166
Joined: Wed Jul 18, 2018 3:39 pm

Re: DHCP Server Issues

Fri Mar 01, 2019 11:20 pm

/interface detect-internet snoops and sets up dynamic dhcp-server in interfaces. This might be confusing some computers.

If you have it configured and you are not using it, which usually only is worth in very dynamic situations, you might disable it to see if it helps.
 
anav
Forum Guru
Forum Guru
Posts: 3589
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: DHCP Server Issues

Sat Mar 02, 2019 12:41 am

Thats not a default setting is it..................
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
Paul9cf22ad1
newbie
Topic Author
Posts: 35
Joined: Sun Mar 12, 2017 11:40 pm
Location: Seattle, WA

Re: DHCP Server Issues

Sat Mar 02, 2019 2:15 am

Can you post your config.
# feb/11/2019 14:35:44 by RouterOS 6.43.11
# software id = QSEQ-N8CZ
#
# model = RouterBOARD 3011UiAS
# serial number = 71A0065DE59E
/interface bridge
add admin-mac=6C:3B:6B:1C:E9:DC auto-mac=no comment=defconf name=bridge
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=defconf
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=ether10
add bridge=bridge comment=defconf interface=sfp1
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=ether2 network=\
192.168.88.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
ether1
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
/system clock
set time-zone-name=America/Los_Angeles
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
 
anav
Forum Guru
Forum Guru
Posts: 3589
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: DHCP Server Issues

Sat Mar 02, 2019 5:09 am

/ip address
add address=192.168.88.1/24 comment=defconf interface=ether2 network=\

should be
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
Paul9cf22ad1
newbie
Topic Author
Posts: 35
Joined: Sun Mar 12, 2017 11:40 pm
Location: Seattle, WA

Re: DHCP Server Issues

Sat Mar 02, 2019 5:42 am

should be
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
You didn't noob this enough. I tried to enter what you said to change it to. But got into an edit (?) mode where it wanted more information I think, I got a line with "\..." (without the quotes)
I then entered the command without the network=\

However when I looked at the /ip address I get:

# ADDRESS NETWORK INTERFACE
0 ;;; defconf
192.168.88.1/24 192.168.88.0 ether2
1 D 73.118.217.10/23 73.118.216.0 ether1
2 ;;; defconf
192.168.88.1/24 192.168.88.0 bridge

I suspect that having the ether2 interface still there won't fix the problem. How do I get rid of it?
 
User avatar
Paul9cf22ad1
newbie
Topic Author
Posts: 35
Joined: Sun Mar 12, 2017 11:40 pm
Location: Seattle, WA

Re: DHCP Server Issues

Sat Mar 02, 2019 6:25 am

How do I get rid of it?
I was in WinBox and saw in Address List that I could delete ether2. I did that and thought I'd really screwed up everything. All of the computers lost internet connection but after a reboot of the computers and router, things seem to work and I have:
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK INTERFACE
0 ;;; defconf
192.168.88.1/24 192.168.88.0 bridge
1 D 73.118.217.10/23 73.118.216.0 ether1
 
anav
Forum Guru
Forum Guru
Posts: 3589
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: DHCP Server Issues

Sat Mar 02, 2019 3:56 pm

Too funny.
I was merely pointing out that ether2 needed to be replaced by bridge in your rule.
Yes I didn't include the last line of the rule but it should be
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
192.168.88.0

It should work.
(I normally use winbox to enter rules but using cli is good practice as well).
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
Paul9cf22ad1
newbie
Topic Author
Posts: 35
Joined: Sun Mar 12, 2017 11:40 pm
Location: Seattle, WA

Re: DHCP Server Issues

Sun Mar 31, 2019 5:13 am

Things have not gotten any better, in fact worse when i tried to add a hAP ac^2. I think the problems I'm seeing are in the RB3011. I have the RB set up as a router. But I think something is wrong with the DHCP server. I have two desktop computers that shut off at night and they almost always need 1 or 2 ipconfig /release & /renew commands before they get an IP assigned to them. Now I look at the DHCP server panel and there are 8 devices who's status is waiting. Waiting for what? Is it really likely that all of them have failed to accept an offered IP address? I really need some help here. I tend to use Winbox but I think I can handle the terminal as well. Here is my current configuration:

# mar/30/2019 19:12:14 by RouterOS 6.44.1
# software id = QSEQ-N8CZ
#
# model = RouterBOARD 3011UiAS
# serial number = 71A0065DE59E
/interface bridge
add admin-mac=6C:3B:6B:1C:E9:DC auto-mac=no comment=defconf name=bridge
/interface ethernet
set [ find default-name=ether1 ] comment="To Internet"
set [ find default-name=ether2 ] comment="To Switch"
set [ find default-name=ether3 ] disabled=yes
set [ find default-name=ether4 ] disabled=yes
set [ find default-name=ether7 ] disabled=yes
set [ find default-name=ether8 ] disabled=yes
set [ find default-name=ether9 ] disabled=yes
set [ find default-name=ether10 ] comment="To wAP"
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge lease-time=1h name=defconf
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=ether10
add bridge=bridge comment=defconf interface=sfp1
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
192.168.88.0
/ip cloud
set update-time=no
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
ether1
/ip dhcp-server lease
add address=192.168.88.11 client-id=1:3c:28:6d:d1:27:21 comment="Pixel 3 XL" \
mac-address=3C:28:6D:D1:27:21 server=defconf
add address=192.168.88.100 client-id=1:84:d6:d0:c:f:64 comment=\
"Echo (1st Gen)" mac-address=84:D6:D0:0C:0F:64 server=defconf
add address=192.168.88.2 client-id=1:e4:8d:8c:be:14:e3 comment=wAP \
mac-address=E4:8D:8C:BE:14:E3 server=defconf
add address=192.168.88.101 comment="Echo Spot" mac-address=24:4C:E3:F9:36:75 \
server=defconf
add address=192.168.88.102 client-id=1:cc:f7:35:da:93:93 comment="Echo Show" \
mac-address=CC:F7:35:DA:93:93 server=defconf
add address=192.168.88.18 comment="Fire TV" mac-address=B0:FC:0D:F6:AD:34 \
server=defconf
add address=192.168.88.5 client-id=1:3c:2a:f4:27:87:88 comment=\
"Brother Printer" mac-address=3C:2A:F4:27:87:88 server=defconf
add address=192.168.88.30 client-id=1:2c:e:3d:3:e8:42 comment="Lisa's S7" \
mac-address=2C:0E:3D:03:E8:42 server=defconf
add address=192.168.88.3 client-id=1:b8:69:f4:f0:52:e6 comment="hAP ac2" \
mac-address=B8:69:F4:F0:52:E6 server=defconf
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip dns static
add address=192.168.88.1 name=router.lan
/ip firewall address-list
add address=192.168.88.2-192.168.88.254 list=allowed_to_router
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
add action=accept chain=input comment="default configuration" \
connection-state=established,related
add action=accept chain=input src-address-list=allowed_to_router
add action=accept chain=input protocol=icmp
add action=drop chain=input
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh port=2200
set api disabled=yes
set winbox address=192.168.88.0/24
set api-ssl disabled=yes
/ip ssh
set allow-none-crypto=yes
/system clock
set time-zone-name=America/Los_Angeles
/system ntp client
set enabled=yes server-dns-names=time.google.com
/tool bandwidth-server
set enabled=no
/tool mac-server
set allowed-interface-list=none
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/tool mac-server ping
set enabled=no
 
anav
Forum Guru
Forum Guru
Posts: 3589
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: DHCP Server Issues

Sun Mar 31, 2019 5:33 am

A quick perusal doesnt seem to have any show stoppers.
I would look at DNS
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip dns static
add address=192.168.88.1 name=router.lan

Go to the IP DNS static setting right hand menu click on STATIC button and then delete the above static entry from the quickset config.
I would then add the DNS server on your dhcp network if you want to use the router to cache DNS put in the IP of the gateway as your DNS server, or put in DNS servers direct.
Can you poste your hapac config as well.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
Paul9cf22ad1
newbie
Topic Author
Posts: 35
Joined: Sun Mar 12, 2017 11:40 pm
Location: Seattle, WA

Re: DHCP Server Issues

Mon Apr 01, 2019 6:08 am

I've rebooted the RB and suddenly it is providing IPs to the devices directly attached to it. Now my problem is in the next item in the chain the wAP. It seems that with the latest ROS (6.44.1) I am forced to use CAPsMAN. I've never used it before, just the Quick Set for Home AP Dual. But now any change I make to the Wireless in Quick Set just returns to the defaults when I hit Apply. Is that because in Wireless Tables > WiFi Interfaces it says "managed by CAPsMAN"? I think I now I just need to understand how to configure things with CAPsMAN.

Here is the configuration of the wAP:

# mar/31/2019 20:04:34 by RouterOS 6.44.1
# software id = 6KYP-463Y
#
# model = RouterBOARD wAP G-5HacT2HnD
# serial number = 774A0585CA7B
/interface bridge
add name=bridge1
add admin-mac=E4:8D:8C:BE:14:E1 auto-mac=no comment=defconf name=bridgeLocal
/interface wireless
# managed by CAPsMAN
set [ find default-name=wlan1 ] ssid=MikroTik
# managed by CAPsMAN
set [ find default-name=wlan2 ] ssid=MikroTik
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/interface bridge port
add bridge=bridge1 comment=defconf interface=ether1
add bridge=bridge1 interface=wlan2
add bridge=bridge1 interface=wlan1
/interface list member
add interface=bridgeLocal list=LAN
add interface=wlan2 list=WAN
add interface=ether1 list=LAN
add interface=wlan1 list=LAN
/interface wireless cap
#
set bridge=bridgeLocal discovery-interfaces=bridgeLocal enabled=yes \
interfaces=wlan1,wlan2
/ip address
add address=192.168.88.1/24 disabled=yes interface=wlan2 network=192.168.88.0
/ip dhcp-client
# DHCP client can not run on slave interface!
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
ether1
add dhcp-options=hostname,clientid disabled=no interface=bridge1
/system clock
set time-zone-name=America/Los_Angeles
/system identity
set name="MikroTik wAP"
 
mkx
Forum Guru
Forum Guru
Posts: 3911
Joined: Thu Mar 03, 2016 10:23 pm

Re: DHCP Server Issues

Mon Apr 01, 2019 8:43 am

After you configure something outside quickset, don't ever use quickset again. Quickset is actually not intelligent at all, it blindly sets things according to basic rules, overwriting whatever advanced setup is done outside quickset possibilities.
BR,
Metod
 
anav
Forum Guru
Forum Guru
Posts: 3589
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: DHCP Server Issues

Mon Apr 01, 2019 6:17 pm

There is no need for capsman If you don't want to use it. In other words, nothing forces one to use it. I have two capACs and you would have to beat me with a spoon for a long long time for me to add complexity to my life unnecessarily.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
Paul9cf22ad1
newbie
Topic Author
Posts: 35
Joined: Sun Mar 12, 2017 11:40 pm
Location: Seattle, WA

Re: DHCP Server Issues

Mon Apr 01, 2019 7:40 pm

Thing is, I didn't setup CAPsMAN. I'd played with the config and screwed things up so bad I ended up resetting things. On the first boot it ran this script, which I snagged and don't see it in files (see below), and I never saw it run on subsequent resets.I'd rather not use CAPsMAN but the current version of the RouterOS (6.44.1) seems to want you to do things its way.

By now, I'm a little fuzzy on exactly which router this scrip ran on either the RB3011 which I want to be the main router or the wAP which I want to be a wireless bridge back to the RB. Never having used CAPsMAN before I just don't understand it. Nor do I know how to kill it. [edit; /interface wireless cap set enabled=no seems to have done that. But now the wAP isn't getting an IP] My most important need ATM is to be able to change the SSID on the wAP so the existing devices can find it again. During the resets the SSIDs got changed to "MikroTik" and my normal way of changing the SSID is disabled because the interfaces are managed by CAPsMAN <sigh>]

#-------------------------------------------------------------------------------
# Note: script will not execute at all (will throw a syntax error) if
# dhcp or wireless-fp packages are not installed
#-------------------------------------------------------------------------------

#| CAP configuration
#|
#| Wireless interfaces are set to be managed by CAPsMAN.
#| All ethernet interfaces and CAPsMAN managed interfaces are bridged.
#| DHCP client is set on bridge interface.

# bridge port name
:global brName "bridgeLocal";
:global logPref "defconf:";


:global action;

:log info $action

:if ($action = "apply") do={

# wait for ethernet interfaces
:local count 0;
:while ([/interface ethernet find] = "") do={
:if ($count = 30) do={
:log warning "DefConf: Unable to find ethernet interfaces";
/quit;
}
:delay 1s; :set count ($count + 1);
}

:local macSet 0;
:local tmpMac "";

:foreach k in=[/interface ethernet find] do={
# first ethernet is found; add bridge and set mac address of the ethernet port
:if ($macSet = 0) do={
:set tmpMac [/interface ethernet get $k mac-address];
/interface bridge add name=$brName auto-mac=no admin-mac=$tmpMac comment="defconf";
:set macSet 1;
}
# add bridge ports
/interface bridge port add bridge=$brName interface=$k comment="defconf"
}

# try to add dhcp client on bridge interface (may fail if already exist)
:do {
/ip dhcp-client add interface=$brName disabled=no comment="defconf"
} on-error={ :log warning "$logPref unable to add dhcp client";}


# try to configure caps (may fail if for example specified interfaces are missing)
:local interfacesList "";
:local bFirst 1;

# wait for wireless interfaces
:while ([/interface wireless find] = "") do={
:if ($count = 30) do={
:log warning "DefConf: Unable to find wireless interfaces";
/quit;
}
:delay 1s; :set count ($count + 1);
}

# delay just to make sure that all wireless interfaces are loaded
:delay 5s;
:foreach i in=[/interface wireless find] do={
if ($bFirst = 1) do={
:set interfacesList [/interface wireless get $i name];
:set bFirst 0;
} else={
:set interfacesList "$interfacesList,$[/interface wireless get $i name]";
}
}
:do {
/interface wireless cap
set enabled=yes interfaces=$interfacesList discovery-interfaces=$brName bridge=$brName
} on-error={ :log warning "$logPref unable to configure caps";}

}

:if ($action = "revert") do={
:do {
/interface wireless cap
set enabled=no interfaces="" discovery-interfaces="" bridge=none
} on-error={ :log warning "$logPref unable to unset caps";}

:local o [/ip dhcp-client find comment="defconf"]
:if ([:len $o] != 0) do={ /ip dhcp-client remove $o }

/interface bridge port remove [find comment="defconf"]
/interface bridge remove [find comment="defconf"]

}
 
anav
Forum Guru
Forum Guru
Posts: 3589
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: DHCP Server Issues

Mon Apr 01, 2019 8:03 pm

Are you saying scripts are on your devices and you don't know how they got there??
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
Paul9cf22ad1
newbie
Topic Author
Posts: 35
Joined: Sun Mar 12, 2017 11:40 pm
Location: Seattle, WA

Re: DHCP Server Issues

Mon Apr 01, 2019 11:29 pm

Are you saying scripts are on your devices and you don't know how they got there??
I'm saying that the scrip I posted wasn't mine. It either came with the new hAP (which is off line while I'm sorting things) or when I updated the wAP or RB3011 to version 6.44.1. It ran on one of the systems when I first booted it. I found this post that says :
If you reset the device to CAP mode, the admin mac is set automatically.

You can verify this by checking the default configuration script:
[admin@MikroTik] > /system default-configuration print

  caps-mode-script: #-------------------------------------------------------------------------------
                    # Note: script will not execute at all (will throw a syntax error) if
                    #       dhcp or wireless-fp packages are not installed
                    #-------------------------------------------------------------------------------
                    
                    #| CAP configuration
                    #|
                    #|   Wireless interfaces are set to be managed by CAPsMAN.
                    #|   All ethernet interfaces and CAPsMAN managed interfaces are bridged.
                    #|   DHCP client is set on bridge interface.
I hadn't intended to reset the device to CAP mode. Reset it yes, but not to CAP.
 
User avatar
Paul9cf22ad1
newbie
Topic Author
Posts: 35
Joined: Sun Mar 12, 2017 11:40 pm
Location: Seattle, WA

Re: DHCP Server Issues

Tue Apr 02, 2019 12:56 am

The hAP is now being given an address by the RB3011. So that much is again working. Devices are connecting to the hAP, but now they are not getting an IP. The log shows;
Mar/30/2019 21:04:30 wireless,info B0:FC:0D:##:##:34@wlan2: disconnected, received disassoc: sending station leaving (8)
Mar/30/2019 21:04:32 wireless,info B0:FC:0D:##:##:34@wlan1: connected, signal strength -59
Mar/30/2019 21:04:41 wireless,info 24:4C:E3:##:##:75@wlan1: connected, signal strength -48
Mar/30/2019 21:04:41 wireless,info CC:F7:35:##:##:93@wlan2: connected, signal strength -60
Mar/30/2019 21:05:03 wireless,info B0:FC:0D:##:##:34@wlan1: disconnected, received disassoc: sending station leaving (8)
Mar/30/2019 21:05:05 wireless,info B0:FC:0D:##:##:34@wlan2: connected, signal strength -69
Mar/30/2019 21:05:12 wireless,info 24:4C:E3:##:##:75@wlan1: disconnected, received disassoc: sending station leaving (8)
Mar/30/2019 21:05:12 wireless,info CC:F7:35:##:##:93@wlan2: disconnected, received disassoc: sending station leaving (8)
Mar/30/2019 21:05:12 wireless,info 84:D6:D0:##:##:64@wlan1: disconnected, received disassoc: sending station leaving (8)
Mar/30/2019 21:04:02 wireless,info 84:D6:D0:##:##:64@wlan2: connected, signal strength -66
Mar/30/2019 21:04:12 wireless,info 84:D6:D0:##:##:64@wlan2: disconnected, received disassoc: sending station leaving (8)
I've checked that:
  • From Wireless> WiFi Interfaces, i can see that both wlan1 and wlan2 say they are in ap bridge mode.
  • And from the terminal I get:
    [paul@MikroTik hAP] /interface> /interface wireless print      
    Flags: X - disabled, R - running 
     0    name="wlan1" mtu=1500 l2mtu=1600 mac-address=B8:69:F4:##:##:EB arp=enabled interface-type=IPQ4019 mode=ap-bridge ssid="Bree_IoT" 
          frequency=auto band=2ghz-b/g channel-width=20mhz secondary-channel="" scan-list=default wireless-protocol=802.11 
          vlan-mode=no-tag vlan-id=1 wds-mode=disabled wds-default-bridge=none wds-ignore-ssid=no bridge-mode=enabled 
          default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 default-client-tx-limit=0 hide-ssid=no 
          security-profile=default compression=no 
    
     1  R name="wlan2" mtu=1500 l2mtu=1600 mac-address=B8:69:F4:##:##:EC arp=enabled interface-type=IPQ4019 mode=ap-bridge ssid="Bree_IoT" 
          frequency=auto band=5ghz-a/n/ac channel-width=20mhz secondary-channel="" scan-list=default wireless-protocol=802.11 
          vlan-mode=no-tag vlan-id=1 wds-mode=disabled wds-default-bridge=none wds-ignore-ssid=no bridge-mode=enabled 
          default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 default-client-tx-limit=0 hide-ssid=no 
          security-profile=default compression=no
    
  • From the Quick Set > Home AP Dual, I verified that under Local Address DHCP Server is un-checked (which I assume means bridge mode but I don't see that anywhere).
  • And from the terminal I get:
    [paul@MikroTik hAP] /interface bridge print
    Flags: X - disabled, R - running 
     0 R name="bridge-wireless" mtu=auto actual-mtu=1500 l2mtu=65535 arp=enabled arp-timeout=auto mac-address=66:2F:4D:##:##:72 
         protocol-mode=none fast-forward=yes igmp-snooping=no auto-mac=yes ageing-time=5m vlan-filtering=no dhcp-snooping=no 
    
     1 R ;;; defconf
         name="bridgeLocal" mtu=auto actual-mtu=1500 l2mtu=1598 arp=enabled arp-timeout=auto mac-address=B8:69:F4:##:##:E6 
         protocol-mode=rstp fast-forward=yes igmp-snooping=no auto-mac=no admin-mac=B8:69:F4:##:##:E6 ageing-time=5m priority=0x8000 
         max-message-age=20s forward-delay=15s transmit-hold-count=6 vlan-filtering=no dhcp-snooping=no 
    
  • And finally
    [paul@MikroTik hAP] /interface> /ip dhcp-server print
    Flags: D - dynamic, X - disabled, I - invalid 
     #    NAME                        INTERFACE                       RELAY           ADDRESS-POOL                       LEASE-TIME ADD-ARP
     0  X dhcp1                       bridgeLocal                                     dhcp                               10m       
    
Anyone? Should there even be anything set up under dhcp-server if I want the RB3011 to be the server? It doesn't seem to make any difference is it is disabled or not.
 
anav
Forum Guru
Forum Guru
Posts: 3589
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: DHCP Server Issues

Tue Apr 02, 2019 3:02 am

if you post both configs again I may have time to look at it later tonight.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
Paul9cf22ad1
newbie
Topic Author
Posts: 35
Joined: Sun Mar 12, 2017 11:40 pm
Location: Seattle, WA

Re: DHCP Server Issues

Tue Apr 02, 2019 3:19 am

I think I found out why/how my system got set into CAPsMAN mode. I probably held the reset button down longer than 11 seconds.

Here is the RB3011 which is intended to be the DHCP Server and connection to the Gateway;
# apr/01/2019 17:13:13 by RouterOS 6.44.1
# software id = QSEQ-N8CZ
#
# model = RouterBOARD 3011UiAS
# serial number = 71A0065DE59E
/interface bridge
add admin-mac=6C:3B:6B:1C:E9:DC auto-mac=no comment=defconf name=bridge
/interface ethernet
set [ find default-name=ether1 ] comment="To Internet"
set [ find default-name=ether2 ] comment="To Switch"
set [ find default-name=ether3 ] disabled=yes
set [ find default-name=ether4 ] disabled=yes
set [ find default-name=ether5 ] comment="hAP ac2"
set [ find default-name=ether6 ] disabled=yes
set [ find default-name=ether7 ] disabled=yes
set [ find default-name=ether8 ] disabled=yes
set [ find default-name=ether9 ] disabled=yes
set [ find default-name=ether10 ] comment="To wAP"
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp always-broadcast=yes disabled=no interface=bridge name=\
    defconf
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=ether10
add bridge=bridge comment=defconf interface=sfp1
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
    192.168.88.0
/ip cloud
set update-time=no
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
    ether1
/ip dhcp-server lease
add address=192.168.88.11 client-id=1:3c:28:6d:d1:27:21 comment="Pixel 3 XL" \
    mac-address=3C:28:6D:D1:27:21 server=defconf
add address=192.168.88.100 client-id=1:84:d6:d0:c:f:64 comment=\
    "Echo (1st Gen)" mac-address=84:D6:D0:0C:0F:64 server=defconf
add address=192.168.88.101 comment="Echo Spot" mac-address=24:4C:E3:F9:36:75 \
    server=defconf
add address=dhcp client-id=1:cc:f7:35:da:93:93 comment="Echo Show" \
    mac-address=CC:F7:35:DA:93:93 server=defconf
add address=192.168.88.18 comment="Fire TV" mac-address=B0:FC:0D:F6:AD:34 \
    server=defconf
add address=192.168.88.5 client-id=1:3c:2a:f4:27:87:88 comment=\
    "Brother Printer" mac-address=3C:2A:F4:27:87:88 server=defconf
add address=192.168.88.30 client-id=1:2c:e:3d:3:e8:42 comment="Lisa's S7" \
    mac-address=2C:0E:3D:03:E8:42 server=defconf
add address=192.168.88.3 client-id=1:b8:69:f4:f0:52:e6 comment="hAP ac2" \
    mac-address=B8:69:F4:F0:52:E6 server=defconf
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip dns static
add address=192.168.88.1 name=router.lan
/ip firewall address-list
add address=192.168.88.2-192.168.88.254 list=allowed_to_router
/ip firewall filter
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
    in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
    ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related
add action=accept chain=forward comment=\
    "defconf: accept established,related, untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface-list=WAN
add action=accept chain=input comment="default configuration" \
    connection-state=established,related
add action=accept chain=input src-address-list=allowed_to_router
add action=accept chain=input protocol=icmp
add action=drop chain=input
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
    ipsec-policy=in,ipsec
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
    ipsec-policy=out,none out-interface-list=WAN
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh port=2200
set api disabled=yes
set winbox address=192.168.88.0/24
set api-ssl disabled=yes
/ip ssh
set allow-none-crypto=yes
/system clock
set time-zone-name=America/Los_Angeles
/system ntp client
set enabled=yes server-dns-names=time.google.com
/tool bandwidth-server
set enabled=no
/tool mac-server
set allowed-interface-list=none
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/tool mac-server ping
set enabled=no
Here is the hAP ac^2 which, for now should just be a wireless gateway back to the RB3011:
# mar/30/2019 23:59:59 by RouterOS 6.44.1
# software id = EWNV-K0BF
#
# model = RBD52G-5HacD2HnD
# serial number = A97A092ACFA8
/interface bridge
add name=bridge-wireless protocol-mode=none
add admin-mac=B8:69:F4:F0:52:E6 auto-mac=no comment=defconf name=bridgeLocal
/interface ethernet
set [ find default-name=ether1 ] speed=100Mbps
set [ find default-name=ether2 ] speed=100Mbps
set [ find default-name=ether3 ] speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
set [ find default-name=ether5 ] speed=100Mbps
/interface wireless
set [ find default-name=wlan1 ] country="united states3" disabled=no \
    frequency=auto mode=ap-bridge ssid=Bree_IoT wireless-protocol=802.11
set [ find default-name=wlan2 ] band=5ghz-a/n/ac country="united states3" \
    disabled=no frequency=auto mode=ap-bridge ssid=Bree_IoT \
    wireless-protocol=802.11
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=\
    dynamic-keys supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp ranges=192.168.88.3-192.168.88.254
/ip dhcp-server
add address-pool=dhcp interface=bridgeLocal name=dhcp1
/system logging action
set 0 target=disk
add name=action1 target=memory
/interface bridge port
add bridge=bridgeLocal comment=defconf disabled=yes interface=ether1
add bridge=bridgeLocal comment=defconf interface=ether2
add bridge=bridgeLocal comment=defconf interface=ether3
add bridge=bridgeLocal comment=defconf interface=ether4
add bridge=bridgeLocal comment=defconf interface=ether5
add bridge=bridgeLocal interface=wlan2
add bridge=bridgeLocal interface=wlan1
/interface list member
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=wlan1 list=LAN
add interface=ether1 list=WAN
add interface=wlan2 list=LAN
add interface=bridgeLocal list=LAN
/interface wireless access-list
add mac-address=24:4C:E3:F9:36:75
add mac-address=2C:0E:3D:03:E8:42
add mac-address=84:D6:D0:0C:0F:64
add mac-address=B0:FC:0D:F6:AD:34
add mac-address=CC:F7:35:DA:93:93
/interface wireless cap
set bridge=bridgeLocal discovery-interfaces=bridgeLocal interfaces=\
    wlan1,wlan2
/ip address
add address=192.168.88.1/24 interface=ether2 network=192.168.88.0
/ip dhcp-client
add dhcp-options=hostname,clientid interface=bridgeLocal
add dhcp-options=hostname,clientid disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.88.0/24 gateway=192.168.88.1 netmask=24
/ip firewall nat
add action=masquerade chain=srcnat disabled=yes out-interface-list=WAN
/ip route
add disabled=yes distance=1 gateway=192.168.88.1
/system clock
set time-zone-name=America/Los_Angeles
/system identity
set name="MikroTik hAP"
 
anav
Forum Guru
Forum Guru
Posts: 3589
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: DHCP Server Issues

Tue Apr 02, 2019 6:29 am

Hmmm. I dont see anything off the bat?
What mode is the HAPAC2 selected in quickset (AP-WISP?)

Perhaps your configuration is suffering from the 'Trump Wall Effect'.. lmao, sorry couldnt resist its late.
Perhaps with fresh eyes tomorrow I may see something else.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
Paul9cf22ad1
newbie
Topic Author
Posts: 35
Joined: Sun Mar 12, 2017 11:40 pm
Location: Seattle, WA

Re: DHCP Server Issues

Tue Apr 02, 2019 5:58 pm

Hmmm. I dont see anything off the bat?
What mode is the HAPAC2 selected in quickset (AP-WISP?).
Quick Set is using the Home AP Dual mode.

I'm off for a short trip and will get back to this later in the week.
 
anav
Forum Guru
Forum Guru
Posts: 3589
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: DHCP Server Issues

Tue Apr 02, 2019 6:48 pm

Only other thing I can think of is you still have the old quickset static DNS setting to get rid of.
When you come back try the AP-Wisp default setup. hook up to main router on eth1.
Then all you need to do is configure the bridge and wireless I think.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)

Who is online

Users browsing this forum: No registered users and 70 guests