I have yet to encounter an NBN connection but I recall seeing something about extra DHCP Client options on page 17 of: http://www.nbnco.com.au/content/dam/nbnco/documents/sfaa-wba-uni-v-functiona... Do cable modems now need some extra tweaks in their DHCP client requests? At least we don't have to still deal with Ye Olde BPALogin clients! On 28 July 2015 at 13:03, RJ Plummer <RJ.Plummer@4logic.com.au> wrote:
Hi Ben,
We have a few staff with bigpond cable and mikrotiks who don't exhibit this behaviour.
Their setups are very straight forward: -Bridge the cable modem (same cable modem model as you describe) -DHCP client on the appropriate physical mkt interface -masq that interface -firewall filter as usual
Do you have anything different in your configurations?
Cheers, RJ -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Paul Julian Sent: Tuesday, 28 July 2015 10:55 AM To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Cable Modem DHCP Issues
Hi Ben, I have seen Mikrotiks change their MAC address, or at least the one they present, this usually happens if a config has been uploaded to them without MAC addresses removed.
There is an option in the interface settings called "Reset MAC Address", try clicking this on the interface you have plugged into the NTU, it will reset the MAC address back to or force it to be the actually physical MAC just in case anything has changed.
We use bridge mode in modems and NTU's with Mikrotiks in hundreds of locations for ADSL and Ethernet services and never have one issue.
Regards Paul
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Ben Jackson Sent: Tuesday, 28 July 2015 12:47 PM To: MikroTik Australia Public List Subject: Re: [MT-AU Public] Cable Modem DHCP Issues
Thanks for the reply Paul. Yes I agree with you 100%, there should be almost nothing to go wrong in this type of set-up. The NTU is definitely in bridge mode - as evidenced by the radio button saying "Bridge Mode" on the web GUI ;) and I have a DHCP client running on ether24 of the CRS (or sometimes ether 1) which immediately binds the public IP address to itself.
I understand about the MAC based DHCP which the ISP's use, I have had issues in the past (no longer seems to be as issue) where I have had to spoof the MAC address of the NTU to get a DHCP address. I have also noticed if my MBP is the first device to connect to the NTU while in bridge mode, sometimes I need to power cycle the device to "deregister" the MAC address of the MBP. I am able to get a binding on the MikroTik after this process is complete.
But, in this instance this is not the problem unless somehow the MAC address of the MikroTik ether port is changing - is this possible? I must admit, my progress on this is somewhat hampered by not having a cable setup to test on at home - I run ADSL.
I'm pretty sure that nothing else on the network would be able to bind it's MAC address to the public IP before the MikroTik has had a chance to - although I must admit I hadn't though of that so I'll check it out in more detail.
I am also inclined to agree with you that this is not solely a Mikrotik issue. It seems to me that it is the magic (or not so magic) combination of the ISP's hardware and the MikroTik that seems to cause the problem. I have tried other brands of router which do not seem to exhibit the issue, however these devices do not have the great feature set of the MikroTik and are often not rack-mountable. Trotting out the "It's not a Mikrotik issue" line is starting to wear very thin with both my customers and colleagues. Although my gut feeling is that it isn't - I need proof and I don't know where to start. This is happening far too often for it to be a coincidence or a faulty device.
I have, unfortunately also seen very strange behaviour over ADSL / pppoe connections in bridge mode too, I sent an email about this some time ago and it still plagues me from time to time.
The type of installations I am doing are not your typical home setups and customers are paying a lot of money for a supposedly "commercial-grade" solution which is only adding to my stresses.
Do any of you guys out there use a MikroTik as your home router - how do you set it up? Have you seen issues like this?
One thing I have noticed is that the issue seems to be much more prevalent with the newer DOCSIS 3.0 netgear / telstra / optus modems. No idea why. Any cable experts out there?
Thanks again,
Ben Jackson eLogik m:0404 924745 e: ben@elogik.net w: www.elogik.com.au [image: http://www.elogik.com.au] <http://www.elogik.com.au>
On Tue, Jul 28, 2015 at 11:11 AM, Paul Julian <paul@oxygennetworks.com.au> wrote:
Hey Ben, the only thing I can think of is that Telstra and Optus Cable networks use MAC based DHCP, they bind the IP to the MAC of the NTU or in the case of bridge mode the first client that makes a request, and often you have trouble with these things because of this, I don't really think it's a Mikrotik thing.
However, as long as the Mikrotik is maintaining the same MAC on the interface plugged into the NTU and the NTU is truly in bridge mode and the Mikrotik is the only thing plugged into the NTU I can't see why it would be having issues.
Is there any chance that another device might somehow be getting a DHCP request through to the NTU somehow the way you have it all plugged in ?
Regards Paul
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Ben Jackson Sent: Tuesday, 28 July 2015 10:53 AM To: MikroTik Australia Public List Subject: [MT-AU Public] Cable Modem DHCP Issues
Hi All,
I'm hoping someone can help me as I'm at my wit's end with this one.
We use Mikrotik gear (Mainly RB2011's and and more recently, the CRS125-24G) in large residential AV situations where invariably, the Mikrotik is in dhcp client mode, in a cable internet scenario where Telstra's / Optus's modem has been placed into "bridge" mode (NAT switched off) and the carrier-supplied WAN IP address gets bound to the gateway interface of the Mikrotik.
The Mikrotik, in turn is connected to, on average, about 3 UniFi access points, and at least 3-4 zones of Sonos. On initial set up, everything seems to work great, with the full bandwidth of the cable modem getting passed on to the rest of the network, even when 802.11 clients are connected (a testament to the UniFi's I my opinion - I only use dual band Pro AP's).
However, after a week or so the internet connection seems to get either very slow, or stop working altogether. If I look in the logs (with dhcp logging switched on) I can see regular NAK's getting passed from the dhcp server on the cable modem. The problem is I don't really understand how DHCP works on cable modems. I'm assuming every so often the cable modem gets a new IP address from the carrier (normally after a reset) and at this point the modem is not passing this new address onto the Mikrotik which is effectively cut off from the internet. Since we are stuck with using Bigpond and Optus modems these are the only solutions I have discovered which seem to stop the issue from occurring (at least as regularly).
1) Leave the cable modem in "router" mode and switch off all extraneous services such as Wi-Fi, and also put one IP address in the dhcp pool so that the Mikrotik always gets the same private IP address. However, this creates a double nat situation which means I can no longer perform reliable port forwarding for things such as DVR's and CBus controllers (which I find the Mikrotik's great for).
2) Allow the cable modem to perform all dhcp, routing, port forwarding (which is a joke on these devices) and firewall tasks for the entire LAN and turn the CRS into an unmanaged L2 switch. The main problem here is that these Bigpond devices simply do not have the grunt to deal with large networks with lots of AV streaming and control happening.
Since both of the above have severe drawbacks in terms of functionality, I wonder if anyone has had similar experiences as I am just about ready to dump the MikroTik's and start looking at other options in the hope that they play better with the Bigpond gear.
Thanks in advance,
Ben Jackson eLogik m:0404 924745 e: ben@elogik.net w: www.elogik.com.au [image: http://www.elogik.com.au] <http://www.elogik.com.au> _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
--