In the CPE we have a srce-nat rule:
/ip firewall nat add action=masquerade chain=srcnat comment="Masquerade all traffic leaving wlan1" out-interface=wlan1
/ip dhcp-client option add code=12 name=host value="'R1-027'" /ip dhcp-client add default-route-distance=0 dhcp-options=host,clientid disabled=no interface=wlan1
/ip dhcp-server add address-pool=DHCP-pool disabled=no interface=ether1-local name=default /ip dhcp-server network add address=192.168.50.0/24 dns-server=18.104.22.168,22.214.171.124 gateway=192.168.50.1
So, in the AP looking in the registration table we can 'see' the CPE and its assigned IP. That makes it easy to copy and paste it to open in winbox in case of need.
We can also see if things are ok.
But what we see occasionally is that the "Last IP" reading at times shows a internal address IP like 192.168.50.xxx
This means it is a package originally coming from the local network but that doesn't get the 'public' IP while leaving the srce-nat chain.... How is that possible?
Sometimes when client is browsing we also see other IP's occasionally. But I'd presume the "Last IP" listing only shows IP's coming from the client?
Since clients usually don't run servers there should be no 'internet initiated' packages flowing to the client's CPE? So every package coming from or going to that CPE should have its assigned IP in the header?
Or is there some sort of 'leak' that makes some packages go out of the CPE without its public IP but with the original local IP instead?