Community discussions

MikroTik App
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Hex: No DHCP IP address acquired on WAN interface

Tue May 30, 2023 2:13 pm

Tried a lot of things, but my Hex does not get an automatic IP from my ISP (Tweak in NL over KPN the fiber network). The configuration is from the default QuickSet to keep it simple. The DHCP client on ether1 shows "Searching...".

Things I tried:
- Cloned MAC and WAN IP settings from a working router (static IP): works
- Installed OpenWRT on the Hex: works out of the box
- Connected both the WAN cable and the Hex to a managed Layer 2 switch (TP-Link TL-SG108PE): works
- Tried a TP-Link Archer C7 v2: doesn't work with factory firmware but does work with DD-WRT installed
- Debug shows this:
		583	Jan/02/1970 00:50:57	memory	dhcp, debug, packet	dhcp-client on ether1 sending discover with id 177533513 to 255.255.255.255	
		584	Jan/02/1970 00:50:57	memory	dhcp, debug, packet	secs = 38	
		585	Jan/02/1970 00:50:57	memory	dhcp, debug, packet	flags = broadcast	
		586	Jan/02/1970 00:50:57	memory	dhcp, debug, packet	ciaddr = 0.0.0.0	
		587	Jan/02/1970 00:50:57	memory	dhcp, debug, packet	chaddr = <SNIP>
		588	Jan/02/1970 00:50:57	memory	dhcp, debug, packet	Host-Name = "MikroTik"	
		589	Jan/02/1970 00:50:57	memory	dhcp, debug, packet	Msg-Type = discover	
		590	Jan/02/1970 00:50:57	memory	dhcp, debug, packet	Parameter-List = Subnet-Mask,Classless-Route,Router,Static-Route,Domain-Server,NTP-Server,CAPWAP-Server,Vendor-Specific	
		591	Jan/02/1970 00:50:57	memory	dhcp, debug, packet	Client-Id = <SNIP>
Then it stops

Running out of options, so I appreciate some help.
 
rplant
Member Candidate
Member Candidate
Posts: 282
Joined: Fri Sep 29, 2017 11:42 am

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jun 02, 2023 8:35 am

The following post is using a wireless wan, but maybe a similar issue

viewtopic.php?t=196619&sid=fbd589b9dcaf ... b#p1005601

What happens is that the client does get connected to the WiFi network, but sometimes the wireless interface does not go to the "up" state. So the DHCP client does not get an address.
It will remain stuck in that condition until the WiFi connection is interrupted for some reason.
This is on RB951G-2HnD devices, so old wireless code.
 
holvoetn
Forum Guru
Forum Guru
Posts: 5321
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jun 02, 2023 9:39 am

Which version of ROS do you run on that Hex ?
There have been some recent bug fixes related to DHCP context, might be worthwhile to upgrade to latest stable version in ROS7 chain.
(Hex runs just fine on ROS7, mine does already for several years).
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jun 02, 2023 9:43 am

I'm running 7.9.1 now. Tried different versions, same result.
 
holvoetn
Forum Guru
Forum Guru
Posts: 5321
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jun 02, 2023 10:23 am

In that case, can you post your config ?
/export file=anynameyouwish

Remove serial number, if needed public WAN IP, passwds, etc.
Then post content between [ ] code quotes.
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jun 02, 2023 11:05 am

I'm not near the router now, I will return home on Monday. But the default config is not touched, just using QuickSet (which works when I connect to WAN through a L2 switch as mentioned before).
 
holvoetn
Forum Guru
Forum Guru
Posts: 5321
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jun 02, 2023 11:28 am

Quickset and default config are not the same.
So monday it is then.
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Mon Jun 05, 2023 7:21 pm

Here is my config
# jan/08/1970 05:54:26 by RouterOS 7.9.1
# software id = UZ6A-3MG3
#
# model = RB750Gr3
# serial number = 6F3907213292
/interface bridge
add admin-mac=64:D1:54:??:??:?? auto-mac=no comment=defconf name=bridge
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp interface=bridge name=defconf
/port
set 0 name=serial0
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
    192.168.88.0
/ip dhcp-client
add comment=defconf interface=ether1
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=\
    192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
    "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
    in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
    ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
    ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related hw-offload=yes
add action=accept chain=forward comment=\
    "defconf: accept established,related, untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
    ipsec-policy=out,none out-interface-list=WAN
/ipv6 firewall address-list
add address=::/128 comment="defconf: unspecified address" list=bad_ipv6
add address=::1/128 comment="defconf: lo" list=bad_ipv6
add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6
add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6
add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6
add address=100::/64 comment="defconf: discard only " list=bad_ipv6
add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6
add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6
add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6
/ipv6 firewall filter
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMPv6" protocol=\
    icmpv6
add action=accept chain=input comment="defconf: accept UDP traceroute" port=\
    33434-33534 protocol=udp
add action=accept chain=input comment=\
    "defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=\
    udp src-address=fe80::/10
add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 \
    protocol=udp
add action=accept chain=input comment="defconf: accept ipsec AH" protocol=\
    ipsec-ah
add action=accept chain=input comment="defconf: accept ipsec ESP" protocol=\
    ipsec-esp
add action=accept chain=input comment=\
    "defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=input comment=\
    "defconf: drop everything else not coming from LAN" in-interface-list=\
    !LAN
add action=accept chain=forward comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf: drop packets with bad src ipv6" src-address-list=bad_ipv6
add action=drop chain=forward comment=\
    "defconf: drop packets with bad dst ipv6" dst-address-list=bad_ipv6
add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" \
    hop-limit=equal:1 protocol=icmpv6
add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=\
    icmpv6
add action=accept chain=forward comment="defconf: accept HIP" protocol=139
add action=accept chain=forward comment="defconf: accept IKE" dst-port=\
    500,4500 protocol=udp
add action=accept chain=forward comment="defconf: accept ipsec AH" protocol=\
    ipsec-ah
add action=accept chain=forward comment="defconf: accept ipsec ESP" protocol=\
    ipsec-esp
add action=accept chain=forward comment=\
    "defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=forward comment=\
    "defconf: drop everything else not coming from LAN" in-interface-list=\
    !LAN
/system note
set show-at-login=no
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
Last edited by heinrichnak on Tue Jul 04, 2023 4:31 pm, edited 1 time in total.
 
rplant
Member Candidate
Member Candidate
Posts: 282
Joined: Fri Sep 29, 2017 11:42 am

Re: Hex: No DHCP IP address acquired on WAN interface

Tue Jun 20, 2023 11:45 am

Hi,

I had a look nat the Tweak setup page https://www.tweak.nl/support/apparatuur ... reren.html , and for 2 of their
setups, the internet uses vlan 34

You could add a vlan interface to ether1 with a vlan of 34,
Make the new vlan interface a wan (Interfaces interface list)
(leave ether1 as a wan)
move the dhcp client that is on ether1 to the new vlan

See if that helps.
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Wed Jun 21, 2023 11:39 am

Thanks. I have an Internet Only subscription, which does not use VLAN tagging. I have tried using the VLAN tags anyway, but no luck.

From their support page (translated):
Internet Only
The connection is untagged (so no VLANs).
Use the WAN port of your own router to connect our media converter.
Use DHCP to obtain an IP address.

Latest RouterOS version (7.10) shows the same behavior btw.
 
erlinden
Forum Guru
Forum Guru
Posts: 1900
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: Hex: No DHCP IP address acquired on WAN interface

Wed Jun 21, 2023 11:51 am

Might be something ISP related. What is the eth1 connected to? Have you tried waiting a bit longer?
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Wed Jun 21, 2023 12:09 pm

WAN port (ether1) is directly connected to the media converter of my ISP. I will try waiting a bit longer.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Wed Jun 21, 2023 12:22 pm

It may be that your ISP has somehow "remembered" the MAC address of the other router and refuses to assign an IP address until the lease for that other MAC has timed out (as a way to prevent that you can get 2 IP addresses on your line).
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Wed Jun 21, 2023 12:32 pm

I have done some experimenting with this (see 1st post), and that does not seem to be the case. It looks like some router OSes (like factory TP-Link and Mikrotik RouterOS) have a different DHCP Client implementation which causes my issue. Or some kind of blacklist at the ISP side. I just don't get a DHCP reply for my requests.

Currently I'm using a TP-Link C7 with DD-WRT without issues. If I connect my laptop (with a different MAC address obviously) directly to the media converter, that works fine as well (I get a DHCP lease instantly). And OpenWRT on the Hex works as well.
 
rplant
Member Candidate
Member Candidate
Posts: 282
Joined: Fri Sep 29, 2017 11:42 am

Re: Hex: No DHCP IP address acquired on WAN interface

Wed Jun 28, 2023 11:39 am

Hi,

Some thoughts:

Try changing the Hostname/Identity of the router.
Maybe they block devices named Mikrotik (due to some issues in the past with poorly configured devices)

Looking at the Mikrotik dhcp client page, it says it requests a few options.

But none of those listed are the CAPWAP-Server or the Vendor-Specific Options which are also requested.
Maybe your ISP's DHCP server doesn't like one of these, unfortunately you can't change them.

Also the vendor-specific option request is sent, but it doesn't send a Vendor Class Identifier so presumably the DHCP server is supposed to guess what vendor-specific option it wants??
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Thu Jun 29, 2023 8:03 pm

Good one, but changing the hostname was tried earlier as well (inspired by another post). No luck.

Maybe a future release of RouterOS will fix this, but for now I think I'm out of options.
 
rplant
Member Candidate
Member Candidate
Posts: 282
Joined: Fri Sep 29, 2017 11:42 am

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jun 30, 2023 2:14 am

Maybe you could attempt to get your openwrt client to send these additional options and see if it causes the dhcp to break and if so, That might be useful to send to Mikrotik Support. (And maybe also to your ISP)

Perhaps easier. You could ask your ISP tech support and see if they can give you any insight into what is currently happening.
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jun 30, 2023 1:47 pm

My ISP has its own forum, I have posted this issue a while ago: https://forum.tweak.nl/t/internet-only- ... ce/2444/22 (sorry, in Dutch).

I also called Tweak support, and they said everything looked fine at their side and that they could see my DHCP requests. Maybe good to know: in my area, Tweak ISP uses the KPN fiber network. No support for end users from that party though.

I will try the OpenWRT-with-additional-client-settings route.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jun 30, 2023 8:55 pm

I also called Tweak support, and they said everything looked fine at their side and that they could see my DHCP requests.
More interesting: can they see their DHCP server send replies, and if so: what replies.
 
aoakeley
Member Candidate
Member Candidate
Posts: 170
Joined: Mon May 21, 2012 11:45 am

Re: Hex: No DHCP IP address acquired on WAN interface

Sat Jul 01, 2023 12:06 pm

I also called Tweak support, and they said everything looked fine at their side and that they could see my DHCP requests.
More interesting: can they see their DHCP server send replies, and if so: what replies.
What do you see if you packet capture on the WAN interface? Does it capture any reply?
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Sat Jul 01, 2023 4:53 pm

Output of DHCP debug is in the 1st post.

pcap output:
07:58:21.951897 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
E..H.................D.C.4......Ct\>....................d.T._...........................................................................................................................................................................................................c.Sc5....MikroTik7..y.!.*.+=..d.T._.............................
07:58:21.964208 IP 217.19.17.85.67 > 255.255.255.255.68: UDP, length 300
E..H.......}...U.....C.D.4UF....Ct\>....................d.T._...........................................................................................................................................................................................................c.Sc5..6....U3...................R...R..........................
07:58:22.953477 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
E..H.................D.C.4......_.......................d.T._...........................................................................................................................................................................................................c.Sc5....MikroTik7..y.!.*.+=..d.T._.............................
07:58:22.962472 IP 217.19.17.85.67 > 255.255.255.255.68: UDP, length 300
E..H.......}...U.....C.D.4	l...._.......................d.T._...........................................................................................................................................................................................................c.Sc5..6....U3...................R...R..........................
07:58:23.955024 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
E..H.................D.C.4......_.......................d.T._...........................................................................................................................................................................................................c.Sc5....MikroTik7..y.!.*.+=..d.T._.............................
07:58:23.966078 IP 217.19.17.85.67 > 255.255.255.255.68: UDP, length 300
E..H.......}...U.....C.D.4	j...._.......................d.T._...........................................................................................................................................................................................................c.Sc5..6....U3...................R...R..........................
07:58:25.957577 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
E..H.................D.C.4......_.......................d.T._...........................................................................................................................................................................................................c.Sc5....MikroTik7..y.!.*.+=..d.T._.............................
07:58:26.088946 IP 217.19.17.85.67 > 255.255.255.255.68: UDP, length 300
E..H.......}...U.....C.D.4	h...._.......................d.T._...........................................................................................................................................................................................................c.Sc5..6....U3...................R...R..........................
07:58:27.939861 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
E..H.................D.C.4......_.......................d.T._...........................................................................................................................................................................................................c.Sc5....MikroTik7..y.!.*.+=..d.T._.............................
07:58:27.949621 IP 217.19.17.85.67 > 255.255.255.255.68: UDP, length 300
E..H.......}...U.....C.D.4	f...._.......................d.T._...........................................................................................................................................................................................................c.Sc5..6....U3...................R...R..........................
07:58:29.822317 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
E..H.................D.C.4......_.......................d.T._...........................................................................................................................................................................................................c.Sc5....MikroTik7..y.!.*.+=..d.T._.............................
07:58:29.832650 IP 217.19.17.85.67 > 255.255.255.255.68: UDP, length 300
E..H.......}...U.....C.D.4	d...._.......................d.T._...........................................................................................................................................................................................................c.Sc5..6....U3...................R...R..........................
07:58:35.228318 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
E..H.................D.C.4......_.......................d.T._...........................................................................................................................................................................................................c.Sc5....MikroTik7..y.!.*.+=..d.T._.............................
07:58:35.239033 IP 217.19.17.85.67 > 255.255.255.255.68: UDP, length 300
E..H.......}...U.....C.D.4	_...._.......................d.T._...........................................................................................................................................................................................................c.Sc5..6....U3...................R...R..........................
07:58:38.159779 IP 78.128.113.50.8080 > 217.19.19.188.10875: tcp 0
E..(;.......N.q2......*{...p....P.........
07:58:40.299871 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
E..H.................D.C.4I....._.......................d.T._...........................................................................................................................................................................................................c.Sc5....MikroTik7..y.!.*.+=..d.T._.............................
07:58:40.310516 IP 217.19.17.85.67 > 217.19.19.188.68: UDP, length 300
E..H...........U.....C.D.4......_.......................d.T._...........................................................................................................................................................................................................c.Sc5..6....U3...................R...R..........................
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Sun Jul 02, 2023 12:32 pm

That is not useful, you should put the pcap output in a file, open that file in wireshark on another machine, and decode it there.
 
rplant
Member Candidate
Member Candidate
Posts: 282
Joined: Fri Sep 29, 2017 11:42 am

Re: Hex: No DHCP IP address acquired on WAN interface

Mon Jul 03, 2023 10:34 am

From the original post

- Connected both the WAN cable and the Hex to a managed Layer 2 switch (TP-Link TL-SG108PE): works

This seems very dubious, does an ordinary non managed layer 2 switch cause it to work?

Maybe indicates some sort of interface stability issue?
Maybe configure to run at 100M and see what that does?
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Tue Jul 04, 2023 2:15 pm

Fixed speed and duplex did not help (tried that earlier as well).

And here is a more useful sniffing attempt hopefully, I just captured all packets on ether1 (masked my MAC):
04:38:11.010272 IP (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 17, Flags [none] (0x0000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:11.021059 IP (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 217.19.19.188.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 17, Flags [none] (0x0000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:15.843472 IP (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 22, Flags [none] (0x0000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:15.853409 IP (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 217.19.19.188.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 22, Flags [none] (0x0000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:17.946158 IP (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 24, Flags [none] (0x0000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:17.955747 IP (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 217.19.19.188.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 24, Flags [none] (0x0000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:22.420298 IP (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 29, Flags [none] (0x0000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:22.431511 IP (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 217.19.19.188.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 29, Flags [none] (0x0000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:22.909797 IP (tos 0x0, ttl 248, id 1647, offset 0, flags [none], proto TCP (6), length 40)
    78.128.113.94.55672 > 217.19.19.188.3030: Flags [S], cksum 0x4409 (correct), seq 3084328453, win 1024, length 0
04:38:23.752203 IP (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 30, Flags [none] (0x0000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:23.762918 IP (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 217.19.19.188.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 30, Flags [none] (0x0000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:26.663475 IP (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 33, Flags [Broadcast] (0x8000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:26.679338 IP (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 33, Flags [Broadcast] (0x8000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:27.601759 IP (tos 0x0, ttl 240, id 54321, offset 0, flags [none], proto TCP (6), length 40)
    45.55.0.13.34659 > 217.19.19.188.4369: Flags [S], cksum 0x958e (correct), seq 351359707, win 65535, length 0
04:38:29.774410 IP6 (hlim 1, next-header Options (0) payload length: 32) fe80::1 > ff02::1: HBH (rtalert: 0x0000) (pad1)(pad1) [icmp6 sum ok] ICMP6, multicast listener querymax resp delay: 10000 addr: ::
04:38:29.774429 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto IGMP (2), length 32, options (RA))
    0.0.0.0 > 224.0.0.1: igmp query v2
04:38:30.511737 IP (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 37, Flags [Broadcast] (0x8000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:30.522438 IP (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 37, Flags [Broadcast] (0x8000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:31.733470 IP (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 38, Flags [Broadcast] (0x8000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:31.742630 IP (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 38, Flags [Broadcast] (0x8000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:32.509964 IP6 (hlim 1, next-header Options (0) payload length: 32) fe80::66d1:54ff:fea1:5fef > ff02::2: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener reportmax resp delay: 0 addr: ff02::2
04:38:32.802501 IP (tos 0x0, ttl 240, id 54321, offset 0, flags [none], proto TCP (6), length 40)
    162.243.129.13.34459 > 217.19.19.188.4840: Flags [S], cksum 0x9b9d (correct), seq 3247941721, win 65535, length 0
04:38:34.589967 IP6 (hlim 1, next-header Options (0) payload length: 32) fe80::66d1:54ff:fea1:5fef > ff02::1:ff00:0: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener reportmax resp delay: 0 addr: ff02::1:ff00:0
04:38:34.927217 IP (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 41, Flags [Broadcast] (0x8000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:34.936946 IP (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 41, Flags [Broadcast] (0x8000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:35.389965 IP6 (hlim 1, next-header Options (0) payload length: 32) fe80::66d1:54ff:fea1:5fef > ff02::1:ffa1:5fef: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener reportmax resp delay: 0 addr: ff02::1:ffa1:5fef
04:38:35.470243 IP (tos 0x0, ttl 250, id 54321, offset 0, flags [none], proto TCP (6), length 44)
    94.102.61.5.33148 > 217.19.19.188.12250: Flags [S], cksum 0x0a09 (correct), seq 2768482184, win 65535, options [mss 1460], length 0
04:38:36.419275 IP (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 43, Flags [Broadcast] (0x8000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:36.430077 IP (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 43, Flags [Broadcast] (0x8000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:36.600436 IP (tos 0x0, ttl 48, id 33755, offset 0, flags [DF], proto ICMP (1), length 36)
    173.255.193.181 > 217.19.19.188: ICMP echo request, id 10507, seq 35683, length 16
04:38:37.276443 IP (tos 0x0, ttl 249, id 21308, offset 0, flags [none], proto TCP (6), length 40)
    69.50.94.76.60000 > 217.19.19.188.22298: Flags [S], cksum 0x7740 (correct), seq 1262426010, win 1024, length 0
04:38:39.943469 IP (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 46, Flags [Broadcast] (0x8000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:39.952623 IP (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 46, Flags [Broadcast] (0x8000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
 
rplant
Member Candidate
Member Candidate
Posts: 282
Joined: Fri Sep 29, 2017 11:42 am

Re: Hex: No DHCP IP address acquired on WAN interface

Wed Jul 05, 2023 4:30 am

Some of the ISP replies seem strange.

Why is it often sending to:
217.19.17.85.67 > 217.19.19.188

Does this unit have a static ip address on the interface?
(probably 217.19.19.188)

Perhaps remove it.
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Wed Jul 05, 2023 8:11 am

No static IP, double checked that. I even had reset the RouterOS configuration before I captured the packets.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Wed Jul 05, 2023 11:49 am

The issue appears to be that the ISP sends the DHCP replies to the assigned address, rather than to the broadcast address.
The router does not process these because it does not have that address yet.
I don't know if that is a bug or simply a matter of "not implementing the quirks that many other manufacturers have implemented".
(similar to the long-running story of "forced DHCP options", which also were a workaround for bugs at the other end)

Is that address 217.19.19.188 permanently assigned to your line, i.e. do you get that same address when you connect your other router or your laptop?
And is it mentioned in your welcome letter as "your address"? (usually in the Netherlands DSL customers get a static address)

If so, you may try to configure the offered information (address 217.19.19.188/23, default gw 217.19.18.1, DNS servers 82.197.196.182,82.197.196.183) as static configuration, and remove the DHCP client.
Of course, when the address is dynamically assigned to customers, you should not do that!
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Wed Jul 05, 2023 7:17 pm

I do not have a static IP with my subscription (fiber optic btw, not DSL), so I don't know where that IP is coming from (probably from the DHCP pool of my provider).
 
User avatar
Buckeye
Forum Veteran
Forum Veteran
Posts: 883
Joined: Tue Sep 11, 2018 2:03 am
Location: Ohio, USA

Re: Hex: No DHCP IP address acquired on WAN interface

Wed Jul 05, 2023 9:01 pm

Some of the ISP replies seem strange.

Why is it often sending to:
217.19.17.85.67 > 217.19.19.188
and
The issue appears to be that the ISP sends the DHCP replies to the assigned address, rather than to the broadcast address.
The router does not process these because it does not have that address yet.
That's allowed by RFC2131 and MikroTik claims its dhcp client is RFC2131 compliant. What is important is the dst mac address in the ethernet header of the Offer. We can't see the ethernet details in the wireshark decode, but if it was sent to the dhcp client's mac address, it should have worked. And it appears the MikroTik was setting the broadcast flag (after a long delay, (see the flag at end of the Discover sent at 04:38:26.663475

04:38:26.663475 IP (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 33, Flags [Broadcast] (0x8000)

I am not sure why the offer was not accepted. The xid match, the offered address and offered gateway are within the same network as specified by the mask 255.255.254.0 (/23)
04:38:26.663475 IP (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 33, Flags [Broadcast] (0x8000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:26.679338 IP (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 33, Flags [Broadcast] (0x8000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
Read this: How can a DHCP OFFER message be unicast?. A dhcp server is allowed to send dhcp offers with ethernet unicast to the requesting client's mac address and the "the offered ip address" as the destination ip address.

Note the reference in first answer to RFC1542 Clarifications and Extensions for the Bootstrap Protocol: section 3.1.1 The BROADCAST flag where it states: "Unfortunately, some client implementations are unable to receive such unicast IP datagrams until they know their own IP address (thus we have a "chicken and egg" issue).", and then suggests that the client should set the broadcast flag.

It also states:

DISCUSSION:

This addition to the protocol is a workaround for old host
implementations. Such implementations SHOULD be modified so
that they may receive unicast BOOTREPLY messages, thus making
use of this workaround unnecessary. In general, the use of
this mechanism is discouraged.

Since RFC1542 has been superceeded by RFC2131, and the MikroTik documentation claims that the dhcp client is RFC2131 compliant, this should work as descriped in RFC2131 Section 4.1 Constructing and sending DHCP messages

If MikroTik does not handle this case, it needs to be fixed. RFC1542 is from October 1993, and RFC2131 is from March 1997 (I think both of these were published before ROS existed, but I am not sure).
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jul 07, 2023 8:40 am

Same capture, now with link-level header containing more ethernet info.
04:38:11.010272 64:d1:54:??:??:?? > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 17, Flags [none] (0x0000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:11.021059 00:30:88:19:c2:af > 64:d1:54:??:??:??, ethertype 802.1Q (0x8100), length 346: vlan 0, p 6, ethertype IPv4 (0x0800), (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 217.19.19.188.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 17, Flags [none] (0x0000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:15.843472 64:d1:54:??:??:?? > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 22, Flags [none] (0x0000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:15.853409 00:30:88:19:c2:af > 64:d1:54:??:??:??, ethertype 802.1Q (0x8100), length 346: vlan 0, p 6, ethertype IPv4 (0x0800), (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 217.19.19.188.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 22, Flags [none] (0x0000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:17.946158 64:d1:54:??:??:?? > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 24, Flags [none] (0x0000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:17.955747 00:30:88:19:c2:af > 64:d1:54:??:??:??, ethertype 802.1Q (0x8100), length 346: vlan 0, p 6, ethertype IPv4 (0x0800), (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 217.19.19.188.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 24, Flags [none] (0x0000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:22.420298 64:d1:54:??:??:?? > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 29, Flags [none] (0x0000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:22.431511 00:30:88:19:c2:af > 64:d1:54:??:??:??, ethertype 802.1Q (0x8100), length 346: vlan 0, p 6, ethertype IPv4 (0x0800), (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 217.19.19.188.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 29, Flags [none] (0x0000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:22.909797 00:30:88:19:c2:af > 64:d1:54:??:??:??, ethertype 802.1Q (0x8100), length 60: vlan 0, p 0, ethertype IPv4 (0x0800), (tos 0x0, ttl 248, id 1647, offset 0, flags [none], proto TCP (6), length 40)
    78.128.113.94.55672 > 217.19.19.188.3030: Flags [S], cksum 0x4409 (correct), seq 3084328453, win 1024, length 0
04:38:23.752203 64:d1:54:??:??:?? > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 30, Flags [none] (0x0000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:23.762918 00:30:88:19:c2:af > 64:d1:54:??:??:??, ethertype 802.1Q (0x8100), length 346: vlan 0, p 6, ethertype IPv4 (0x0800), (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 217.19.19.188.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 30, Flags [none] (0x0000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:26.663475 64:d1:54:??:??:?? > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 33, Flags [Broadcast] (0x8000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:26.679338 00:30:88:19:c2:af > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 346: vlan 0, p 6, ethertype IPv4 (0x0800), (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 33, Flags [Broadcast] (0x8000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:27.601759 00:30:88:19:c2:af > 64:d1:54:??:??:??, ethertype 802.1Q (0x8100), length 60: vlan 0, p 0, ethertype IPv4 (0x0800), (tos 0x0, ttl 240, id 54321, offset 0, flags [none], proto TCP (6), length 40)
    45.55.0.13.34659 > 217.19.19.188.4369: Flags [S], cksum 0x958e (correct), seq 351359707, win 65535, length 0
04:38:29.774410 58:00:32:07:92:20 > 33:33:00:00:00:01, ethertype IPv6 (0x86dd), length 86: (hlim 1, next-header Options (0) payload length: 32) fe80::1 > ff02::1: HBH (rtalert: 0x0000) (pad1)(pad1) [icmp6 sum ok] ICMP6, multicast listener querymax resp delay: 10000 addr: ::
04:38:29.774429 58:00:32:07:92:20 > 01:00:5e:00:00:01, ethertype IPv4 (0x0800), length 60: (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto IGMP (2), length 32, options (RA))
    0.0.0.0 > 224.0.0.1: igmp query v2
04:38:30.511737 64:d1:54:??:??:?? > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 37, Flags [Broadcast] (0x8000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:30.522438 00:30:88:19:c2:af > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 346: vlan 0, p 6, ethertype IPv4 (0x0800), (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 37, Flags [Broadcast] (0x8000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:31.733470 64:d1:54:??:??:?? > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 38, Flags [Broadcast] (0x8000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:31.742630 00:30:88:19:c2:af > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 346: vlan 0, p 6, ethertype IPv4 (0x0800), (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 38, Flags [Broadcast] (0x8000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:32.509964 64:d1:54:??:??:?? > 33:33:00:00:00:02, ethertype IPv6 (0x86dd), length 86: (hlim 1, next-header Options (0) payload length: 32) fe80::66d1:54ff:fea1:5fef > ff02::2: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener reportmax resp delay: 0 addr: ff02::2
04:38:32.802501 00:30:88:19:c2:af > 64:d1:54:??:??:??, ethertype 802.1Q (0x8100), length 60: vlan 0, p 0, ethertype IPv4 (0x0800), (tos 0x0, ttl 240, id 54321, offset 0, flags [none], proto TCP (6), length 40)
    162.243.129.13.34459 > 217.19.19.188.4840: Flags [S], cksum 0x9b9d (correct), seq 3247941721, win 65535, length 0
04:38:34.589967 64:d1:54:??:??:?? > 33:33:ff:00:00:00, ethertype IPv6 (0x86dd), length 86: (hlim 1, next-header Options (0) payload length: 32) fe80::66d1:54ff:fea1:5fef > ff02::1:ff00:0: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener reportmax resp delay: 0 addr: ff02::1:ff00:0
04:38:34.927217 64:d1:54:??:??:?? > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 41, Flags [Broadcast] (0x8000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:34.936946 00:30:88:19:c2:af > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 346: vlan 0, p 6, ethertype IPv4 (0x0800), (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 41, Flags [Broadcast] (0x8000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:35.389965 64:d1:54:??:??:?? > 33:33:ff:??:??:??, ethertype IPv6 (0x86dd), length 86: (hlim 1, next-header Options (0) payload length: 32) fe80::66d1:54ff:fea1:5fef > ff02::1:ffa1:5fef: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener reportmax resp delay: 0 addr: ff02::1:ffa1:5fef
04:38:35.470243 00:30:88:19:c2:af > 64:d1:54:??:??:??, ethertype 802.1Q (0x8100), length 62: vlan 0, p 0, ethertype IPv4 (0x0800), (tos 0x0, ttl 250, id 54321, offset 0, flags [none], proto TCP (6), length 44)
    94.102.61.5.33148 > 217.19.19.188.12250: Flags [S], cksum 0x0a09 (correct), seq 2768482184, win 65535, options [mss 1460], length 0
04:38:36.419275 64:d1:54:??:??:?? > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 43, Flags [Broadcast] (0x8000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:36.430077 00:30:88:19:c2:af > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 346: vlan 0, p 6, ethertype IPv4 (0x0800), (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 43, Flags [Broadcast] (0x8000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
04:38:36.600436 00:30:88:19:c2:af > 64:d1:54:??:??:??, ethertype 802.1Q (0x8100), length 60: vlan 0, p 0, ethertype IPv4 (0x0800), (tos 0x0, ttl 48, id 33755, offset 0, flags [DF], proto ICMP (1), length 36)
    173.255.193.181 > 217.19.19.188: ICMP echo request, id 10507, seq 35683, length 16
04:38:37.276443 00:30:88:19:c2:af > 64:d1:54:??:??:??, ethertype 802.1Q (0x8100), length 60: vlan 0, p 0, ethertype IPv4 (0x0800), (tos 0x0, ttl 249, id 21308, offset 0, flags [none], proto TCP (6), length 40)
    69.50.94.76.60000 > 217.19.19.188.22298: Flags [S], cksum 0x7740 (correct), seq 1262426010, win 1024, length 0
04:38:39.943469 64:d1:54:??:??:?? > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 64:d1:54:??:??:??, length 300, xid 0x6258d17c, secs 46, Flags [Broadcast] (0x8000)
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Discover
	    Hostname (12), length 8: "MikroTik"
	    Parameter-Request (55), length 8: 
	      Subnet-Mask (1), Classless-Static-Route (121), Default-Gateway (3), Static-Route (33)
	      Domain-Name-Server (6), NTP (42), Unknown (138), Vendor-Option (43)
	    Client-ID (61), length 7: ether 64:d1:54:??:??:??
04:38:39.952623 00:30:88:19:c2:af > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 346: vlan 0, p 6, ethertype IPv4 (0x0800), (tos 0xc0, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)
    217.19.17.85.67 > 255.255.255.255.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x6258d17c, secs 46, Flags [Broadcast] (0x8000)
	  Your-IP 217.19.19.188
	  Client-Ethernet-Address 64:d1:54:??:??:??
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message (53), length 1: Offer
	    Server-ID (54), length 4: 217.19.17.85
	    Lease-Time (51), length 4: 3600
	    Subnet-Mask (1), length 4: 255.255.254.0
	    Default-Gateway (3), length 4: 217.19.18.1
	    Domain-Name-Server (6), length 8: 82.197.196.182,82.197.196.183
 
rplant
Member Candidate
Member Candidate
Posts: 282
Joined: Fri Sep 29, 2017 11:42 am

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jul 07, 2023 9:43 am

04:38:11.021059 00:30:88:19:c2:af > 64:d1:54:??:??:??, ethertype 802.1Q (0x8100), length 346: vlan 0, p 6,

Hmm it does have a vlan, but for 0.

Not quite sure what to do there, some Mikrotiks you can get the switch chips to remove vlan tags, not the Hex.

I was thinking you could connect the ethernet port to a new bridge, and enable vlan filtering on it, and see if that might work.
(Would need to make the bridge a WAN interface, and also attach the dhcp client to it, and no STP)

While looking at how you might configure this, I found an entry (under bridge port, vlan) of Frame Types one of which is admit only untagged and priority tagged.

It seems likely the frames received are priority tagged frames.

Perhaps this is a Mikrotik bug, it seems to know about these frame types, it should possibly be able to use them for DHCP.

Regards
Roger
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jul 07, 2023 10:42 am

04:38:11.021059 00:30:88:19:c2:af > 64:d1:54:??:??:??, ethertype 802.1Q (0x8100), length 346: vlan 0, p 6,

...

It seems likely the frames received are priority tagged frames.
Indeed it's a 802.1q frame with only priority set. In theory switches and bridges should treat such frame as VLAN-untagged (as VID is set to 0 which is reserved just for this use case), but since @OP uses ether1 directly, without any 802.1q header treatment, it's highly likely that ROS ignores these frames, because neither switch chip of hEX S nor bridge are explicitly setup to deal with 802.1q tags. And ROS' L3 expects untagged frames to work with while frames, shown in dumps posted, have 802.1q tags attached.

A try to work around this problem would be to introduce another bridge with VLAN filtering enabled and single interface made member port (with HW offload disabled to make sure this bridge doesn't take over the ability for HW offloading of LAN bridge, which actually makes use of it):
/interface bridge
add name=bridge-WAN vlan-filtering=yes
/interface bridge port
add bridge=bridge-WAN interface=ether1 edge=yes frame-types=admit-only-untagged-and-priority-tagged hw=no ingress-filtering=yes
(optionally one could set priority=6 on that port to match priority value used by ISP). Property edge=yes instructs this bridge not to pass any of xSTP frames via this frame, some ISP CPEs can freak out when they see these.

And then, as @rplant already mentioned, further use bridge-WAN as WAN interface (both as base for DHCP client and as WAN interface list membership to make firewall work correctly).

[edit] Setting bridge port is not correct thing in context of 802.1q tags, property priority is used by xSTP.
Last edited by mkx on Fri Jul 07, 2023 2:50 pm, edited 2 times in total.
 
User avatar
Buckeye
Forum Veteran
Forum Veteran
Posts: 883
Joined: Tue Sep 11, 2018 2:03 am
Location: Ohio, USA

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jul 07, 2023 11:14 am

This reminded me of a problem on the MT7621 based ER-X (very similar architecture to the hEX), where everything goes "through" the switch ASIC.

The problem was that any priority only tagged packets with PCP (Priority) != 0 would be dropped. This was fixed with a patch, so it would be interesting to see if the problem only exists with priority not zero. If you have scapy and a linux box you should be able to "kraft" packets.

You can read about the problem on the ER-X here: ER-X problems routing VLAN packets with firmware v2.0.6
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jul 07, 2023 11:34 am

Excellent! That worked.
1 D address=217.19.19.188/23 network=217.19.18.0 interface=bridge-WAN actual-interface=bridge-WAN
I had played with this solution before, but probably missed an option which caused it to fail.

Thanks all for the thorough analysis.

Question now is whether this is a RouterOS bug.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jul 07, 2023 12:12 pm

Interesting...
The reason this problem is not well-known is that it is very unusual to have a service over fiber to not use VLAN tags.
All services I know of use some VLAN for the internet service, so they can use other VLAN numbers for other services (IPTV, VoIP etc).
When configuring that, you add a VLAN subinterface to ether1 and use that as the WAN interface, and this problem does not occur in that configuration.
Any idea why your ISP does not use VLAN tags? Do they not offer IPTV?
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jul 07, 2023 2:18 pm

Any idea why your ISP does not use VLAN tags? Do they not offer IPTV?

I guess it's not so unheard of. My ISP offers internet (actually PPPoE, but this doesn't change things much) over completely untagged and other services (VoIP, IPTV) VLAN tagged.

But I agree, that having internet service untagged, but with QoS value set, is pretty uncommon.

As to the question whether the observed behaviour is a bug or not: if we take ROS as very versatile but demanding OS where everything has to be configured explicitly, then it's a feature.
Knowing that the L3 layer in ROS works expressly with frames with ethertype of known L3 protocols (i.e. 0x0800 - IPv4 or 0x86DD - IPv6), then it's understandable that it ignores frames of other ethertypes and 0x8100 (VLAN tag) is one of those. It relies on lower layers to properly deal with (i.e. remove or add, depending on direction) those headers. In case of 802.1q headers, it's either switch chip or bridge (with vlan filtering enabled) that should do it.
Which means that the observed mis-behaviour is rather a lack of proper configuration ... but nobody is blaming @OP as this case is uncommon (as already mentioned). I'm glad we collaboratively cracked this nut.

@heinrichnak: I hope the IP address in your last post is "fake" ... if it's not, redact it as soon as possible ... and try to get a different one, by this time bots have probably already took a note about it.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jul 07, 2023 2:39 pm

The problem was that any priority only tagged packets with PCP (Priority) != 0 would be dropped. This was fixed with a patch, so it would be interesting to see if the problem only exists with priority not zero.

I think this is a completely unrelated problem and I think that, as I philosophized in my previous post, the problem comes from the fact that frames do have 802.1q tags applied and my guess is that actual values of either PCP or VID fields don't matter at all. Simply some entity below ROS' IP stack has to strip that header.
In case of using a bridge, for headers with VID=0 this is done by bridge on ingress because bridge properly considers frames with 802.1q header and VID=0 as untagged and replaces this header with another header, having VID set to value of PVID (which in ROS is implicitly set value of pvid=1). Or the original header is updated with VID=pvid, but this doesn't matter. And when such frame exits bridge towards CPU via bridge port, the 802.1q header gets stripped due to (implicit) property of bridge port (frame-types=admit-all pvid=1) which makes bridge port access port for VLAN 1. And this handling makes ROS' IP stack happy.

A bit of information in this puzzle would be a test to see, whether PCP value survives traversal between access (untagged) port and trunk port. But this would perhaps clarify the way ROS handles PCP values rather than the dilemma about replacing/updating ingress 802.1q header. I'm not using PCP values anywhere in my networks and judging on what I read on this forum it seems that ROS doesn't really shine in handling PCP values.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jul 07, 2023 3:24 pm

@heinrichnak: I hope the IP address in your last post is "fake" ... if it's not, redact it as soon as possible ... and try to get a different one, by this time bots have probably already took a note about it.
That really does not matter, bots have already taken note of ALL IPv4 addresses. Scanning and hacking goes to any address, no matter if you post it on some router forum.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jul 07, 2023 3:28 pm

A bit of information in this puzzle would be a test to see, whether PCP value survives traversal between access (untagged) port and trunk port. But this would perhaps clarify the way ROS handles PCP values rather than the dilemma about replacing/updating ingress 802.1q header. I'm not using PCP values anywhere in my networks and judging on what I read on this forum it seems that ROS doesn't really shine in handling PCP values.
Well I use it, but only on tagged VLANs. It mostly works, i.e. the PCP value is copied to the priority value in each packet and back when it leaves the router, so you can manipulate them.
Having only priority and no VLAN tagging is always a bit problematic, and apparently it is the cause of this problem. THe 8100 packet type is clearly only processed by the VLAN subinterface, not on a bare ethernet interface (but it should be for 802.11p). And you still cannot add a VLAN subinterface for VLAN 0, which would be a workaround for this.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jul 07, 2023 3:32 pm

And you still cannot add a VLAN subinterface for VLAN 0, which would be a workaround for this.
Indeed. Which then calls for "heavy iron" in shape of vlan-enabled bridge :wink:
 
heinrichnak
just joined
Topic Author
Posts: 16
Joined: Tue May 30, 2023 1:40 pm

Re: Hex: No DHCP IP address acquired on WAN interface

Fri Jul 07, 2023 8:01 pm

I went for the Internet Only subscription, no IPTV/VoIP. So no VLANs.
 
rplant
Member Candidate
Member Candidate
Posts: 282
Joined: Fri Sep 29, 2017 11:42 am

Re: Hex: No DHCP IP address acquired on WAN interface

Sat Jul 08, 2023 8:19 am

You could perhaps suggest to your ISP that they include a note indicating some/all? basic internet packets use priority tagged ethernet frames.
Might help others in future.

Who is online

Users browsing this forum: No registered users and 19 guests