I think its something in the way the packet is altered when traversing the bridge. I always wondered if the randomness had to do with some other consumer router on that node doing some weird thing that AP isolation should not let happen but does. Once I found that the firewall rule resolved it I just implemented it on all the site mikrotiks since I couldnt replicate it.
On Wed, Mar 9, 2022 at 9:38 AM Nate Burke <n...@blastcomm.com> wrote: > I have not had this problem with any Mikrotik Customer routers, but it > happens so rarely. It's happened on about 4 AP's across my entire network > in the last year. > > The first time I experienced it was last summer during an install, The > customers router refused to get a DHCP Lease, as did my field laptop. > Other routers behind other SM's were getting DHCP Leases just fine. We > changed the SM and it still would not DHCP. I ended up putting that SM > into NAT mode, and that worked with DHCP Just fine. > > A few months later we installed a customer at another site. The customer > ran fine for about 2 months, then starting having this issue about every 2 > weeks. Reboot the AP, or push the Customer SM to another AP would solve > the problem. We ended up replacing the AP with an EPMP2000 to save the > customer, since we were 'always' down. Customer had a Netgear router, and > has not had an issue since changing the AP. > > 3rd Site had a customer with an Apple Airport, put the SM into NAT mode > and it worked fine. No issues with any other customers at the site. > > 4th site just happened this week. TP-Link Deco unit. The only thing I > did was reboot the AP and that fixed it. > > It's just so random and strange, I was hoping I wasn't the only one having > this. > > On 3/9/2022 8:11 AM, Josh Luthman wrote: > > The input chain is to the Mikrotik itself, ie the IP address that it would > theoretically get from the DHCP server. I was thinking of a managed > Mikrotik as a demarc to the customer's stuff (so forward chain). > > On Tue, Mar 8, 2022 at 7:57 PM Steve Jones <thatoneguyst...@gmail.com> > wrote: > >> I had this issue a long time ago, id like to think that it was a firmware >> revision that resolved the issue, but it was a long time ago and im >> partially retarded. >> If you have a mikrotik, add an input rule allow udp 67. Just for kicks. >> It might be this issue that i have that policy for. >> >> On Tue, Mar 8, 2022, 4:22 PM Josh Luthman <j...@imaginenetworksllc.com> >> wrote: >> >>> Raise a ticket with Cambium and explain the situation? If you could get >>> pcap that would show what's missing. Do you have a Tik behind any SM with >>> the issue by chance? >>> >>> On Tue, Mar 8, 2022 at 4:05 PM Nate Burke <n...@blastcomm.com> wrote: >>> >>>> No DHCP Relay, just local DHCP Server on the mikrotik on the bridge >>>> that all the AP's are part of. >>>> >>>> No MAC limit on the SM's >>>> >>>> When it exhibits itself, a customer who has been running for weeks will >>>> timeout their lease, and the mikrotik will just go to 'offered' Rebooting >>>> the AP always fixes it. >>>> >>>> On 3/8/2022 1:18 PM, dmmoff...@gmail.com wrote: >>>> >>>> I was wondering about broadcast rate limit. That would apply to a DHCP >>>> discover, but not to a renewal. ….but either the MAC limit or broadcast >>>> limit would clear when rebooting the SM, and he says rebooting the SM has >>>> no effect. >>>> >>>> >>>> >>>> Is DHCP running on the port that the AP is plugged into, or is there a >>>> DHCP relay involved? >>>> >>>> >>>> >>>> >>>> >>>> *From:* AF <af-boun...@af.afmug.com><af-boun...@af.afmug.com> >>>> <af-boun...@af.afmug.com> *On Behalf Of *Josh Luthman >>>> *Sent:* Tuesday, March 08, 2022 12:43 PM >>>> *To:* AnimalFarm Microwave Users Group <af@af.afmug.com> >>>> <af@af.afmug.com> >>>> *Subject:* Re: [AFMUG] EPMP1000 and DHCP failures >>>> >>>> >>>> >>>> Do you have the SM limited on MACs? Look at Ethernet Port Security on >>>> config > network. >>>> >>>> >>>> >>>> On Tue, Mar 8, 2022 at 12:32 PM Nate Burke < <n...@blastcomm.com> >>>> n...@blastcomm.com> wrote: >>>> >>>> I've experienced this issue randomly, and haven't been able to track >>>> down a cause. Wondering if anyone else has come across something >>>> similar. >>>> >>>> Mikrotik DHCP Server. EPMP1000 GPS AP, Force 300 SM. >>>> >>>> At a random time, one or More Force 300 SM's on the AP will lose the >>>> ability to hand out a DHCP Address to the client. The Mikrotik just >>>> shows 'Offered' >>>> >>>> Rebooting or powercycling the SM has no effect. If the SM Connects to >>>> a >>>> different sector, then DHCP is immediately handed out. If the AP >>>> reboots, and the SM reconnects, then DHCP is immediately handed out. >>>> If >>>> the SM is set for NAT mode, it can get a DHCP Address just fine, but >>>> switching back to bridge, the Customer router will not get DHCP. >>>> >>>> I've experienced this from 4.4.3 all the way up to 4.6.3. It always >>>> seems to be an EPMP1000 AP with a Foce300 SM, but does not affect every >>>> Force300 SM at the same time. >>>> >>>> At least now I know when I start having this problem to go reboot the >>>> AP. >>>> >>>> -- >>>> AF mailing list >>>> AF@af.afmug.com >>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>> >>>> >>>> >>>> >>>> -- >>>> AF mailing list >>>> AF@af.afmug.com >>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>> >>> -- >>> AF mailing list >>> AF@af.afmug.com >>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> > > > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com >
-- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
