Joined: Sun Mar 13, 2022 10:34 pm

Router is sending ISP IP lease renewal unicasts to the wrong MAC address

Sat Nov 12, 2022 5:29 am

I have a hAP lite (running v6.47.9) and a hAP ac2 (running v7.6) that I am testing for home use. I have reset both routers and installed the default HOME configuration via Quickset.

My ISP uses a DHCP relay agent that is (apparently) a separate device from its router infrastructure since it has a different IP address and MAC address from my ISP default gateway.

When I plug either Mikrotik router into my modem the results are the same. The initial DHCP Discover, Offer, Request, and Ack work correctly and I get my initial IP address lease. The Offer and Ack are sent by the DHCP relay agent as expected. I am able to access the Internet just fine at this point.

When my IP address renewal timer expires the Mikrotik router sends a DHCP unicast with the correct IP address of the DHCP server, but with the Ethernet Destination MAC Address of the DHCP relay agent instead of the MAC Address of my default gateway. These unicasts are all ignored. This continues until the DHCP T2 timer expires and the router enters rebinding state and broadcasts a DHCP Request. Since my ISP IP lease times are short there is very little time to renew at this point. If the network isn't too busy the DHCP relay agent will forward the request and my lease will renew. If it's busy I'm out of luck and my IP lease will expire. There is no entry in the ARP or routing tables for the relay agent so I have no idea why the unicasts are being sent there.

I'm not a network engineer and I'm new to Mikrotik. I'm hoping there is an easy fix to tell the DHCP client to use the default gateway rather than try to send the renew unicasts to the relay agent. FWIW, my current Edgerouter-X sends the renew unicasts to the DHCP server via the default gateway and it works every time.
Joined: Mon Dec 04, 2017 9:19 pm

Re: Router is sending ISP IP lease renewal unicasts to the wrong MAC address

Sat Nov 12, 2022 1:01 pm

It's not configurable, and it sounds like a mere bug (or, knowing a little bit about how the DHCP client is hooked into the network stack, an omission). So worth opening a support ticket with Mikrotik - provide the supout.rif file and either copy the description from here or just add a link to this topic.

Frames sent by RouterOS itself bypass the dstnat chain of /interface bridge nat, so it cannot be used as a workaround.

