So does that means I have to run that command locally? I was thinking of changing the MAC remotely because the router is located in DC.
You can reset them remotely. What @pe1chl was telling you was that once a device talking to your Mikrotik via a given interface determines the MAC address of that interface (or a bridge behind it) using ARP, it stores that information for a while and uses it until it expires (or maybe until it is rewritten by a packet received from your Mikrotik which may not come spontaneously). So after the reset, until the ARP record times out and is re-created by ARP or until it is refreshed by an incoming packet, the IP packets will be sent to the old MAC address and thus effectively dropped.
So until the ARP records storing the old MAC addresses on all neighbour devices get renewed one way or the other, connections with these devices will be affected. It may take minutes in some cases; in the worst case there may be a static ARP record in some of the neighbouring devices which will have to be changed manually on that device.
Also, please let me know if any of the mikrotik settings will be reset when I change the MAC addresses.
It's rather a reverse question. Nothing but the MAC address itself will be changed on each interface, but If the ethernet interfaces are, directly or indirectly (via /interface vlan
or /interface bonding
, members of some bridges and some of those bridges have auto-mac
set to no
and some admin-mac
configured, the MAC address of such bridges will not change even though you reset the MAC addresses of their member interfaces. In these cases the IP communication via each such bridge will not be interrupted until you manually change the admin-mac
of that bridge. Where auto-mac=yes
(the default), the bridge (and also all /interface vlan
which have that bridge as a carrier interface
) inherits its MAC address from the member port with the lowest numeric value of MAC address so it will change as you reset it on the member interface. Same case with /interface bonding
which also inherits MAC from member interfaces.
Another question is, should I change the MAC addresses one by one or should I just run the full reset command (/interface ethernet reset-mac-address)?
To minimize the outage I'd recommed to change all interfaces in a single step; to do that, you need to add [find]
to the end of the command instead of interface name.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.