Basically if it would be (please correct me if im incorrect) a firewall rule problem, this would occure on every dhcp release/renew right? But this happens randomly (like in the 2 last days they had 3 times this problem, before no one said anything but maybe they just didnt "see" the problem).
"Make sure you're allowing DHCP replies from the DHCP server IP address in your firewall rules" -> please tell me, how can i do this? (maybe: forward chain, source ip=dhcp server ip, and accept?)
Packet caputre -> i never did it, bc i never had to. If you have the time and patience, please provide me an as well written asnwer like u did before
Thank you all guys!!!
The inconsistency you describe doesn't necessarily disprove a firewall issue since it's possible a failure wasn't noticed.
After DHCP renew fails and the DHCP lease time expires, the router loses the IP address. Then it sends a DHCP request to 255.255.255.255 again. Then it should obtain a new, possibly different IP address.
If you have something like
add action=accept chain=input connection-state=established,related in-interface=<WAN interface name>
in your firewall rules, that should accept the DHCP renew reply. Of course, if you have a rule above this one that drops the DHCP reply, it will hit first and this rule will never be matched.
Here's a packet capture config that sends the packets to a host.
/tool sniffer
set filter-interface=<monitored interface> filter-ip-address=10.28.0.135/32 filter-stream=yes streaming-enabled=yes streaming-server=10.28.0.50
This will capture packets on the monitored interface with a source or destination of 10.28.0.135, and send the packets to host 10.28.0.50. I'd use Wireshark to capture the packets on the 10.28.0.50 host myself. If you're a Linux guy tcpdump does the same thing.
In /tool sniffer, type start to start the capture, and stop to stop the capture. Alternately, you can configure, start and stop from the GUI as well.
Then you can analyze the packets to justify your argument that this is probably something your ISP needs to fix.