RouterOS 5.5 (yes, I know, it's out of date). I've set up an OpenVPN server:
>/ppp profile print detail
1 name="OpenVPN profile1 Jaytest" local-address=ovpn_pool_win01 remote-address=ovpn_pool_win01 use-mpls=default
use-compression=default use-vj-compression=default use-encryption=required only-one=default change-tcp-mss=default
> /ip pool print detail
0 name="dhcp_pool2" ranges=192.168.1.32-192.168.1.192 next-pool=dhcp_pool5
1 name="ovpn_pool_linux" ranges=192.168.5.32/27
2 name="ovpn_pool_win02" ranges=192.168.5.69-192.168.5.70 next-pool=ovpn_pool_win03
3 name="ovpn_pool_win01" ranges=192.168.5.65-192.168.5.66 next-pool=ovpn_pool_win02
4 name="ovpn_pool_win05" ranges=192.168.5.81-192.168.5.82 next-pool=ovpn_pool_win06
5 name="ovpn_pool_win04" ranges=192.168.5.77-192.168.5.78 next-pool=ovpn_pool_win05
6 name="ovpn_pool_win03" ranges=192.168.5.73-192.168.5.74 next-pool=ovpn_pool_win04
7 name="ovpn_pool_win07" ranges=192.168.5.89-192.168.5.90
8 name="ovpn_pool_win06" ranges=192.168.5.85-192.168.5.86 next-pool=ovpn_pool_win07
9 name="dhcp_pool5" ranges=192.168.4.2-192.168.4.254
I have this series of /2 pools because of the limitation of the RouterOS implementation of OpenVPN so that every connected Windows OpenVPN client requires its own /2 subnet.
This all works fine. The problem is that when an OpenVPN session terminates, the MikroTik does not release the IP address which that OpenVPN session allocated. For example, right now, my user "jlibove" is not connected at all, but both of the user's previous OpenVPN sessions from the last few days remain:
/ip pool used print
<lots of normal internal LAN DHCP leases>
ovpn_pool_win01 192.168.5.65 PPP<184.108.40.206> jlibove
ovpn_pool_win01 192.168.5.66 PPP<220.127.116.11> jlibove
This is from an OpenVPN session from several days ago, long since closed. It's possible that the session closed abnormally, but anyway the MikroTik ought to eventually garbage collect these IP addresses back in to the usable pool.
Is this a known bug/ is there a fix? .. or do I need a script (help, please :-) ) to find and clear dead IP assignments from OpenVPN sessions?