We're blocking DHCP traffic on mikrotik client units. We've found a
rogue dhcp that I've talked about the last couple weeks in a few
threads. I found the unit. We're blocking the 67 port like we're suppose
to but unit are still attempting to connect to the DHCP behind it.
Should I be blocking 67
ARP and DHCP are two different things. Assuming you're correctly blocking
the DHCP server for answering or hearing discoveries, ARP is still going to
happen and the (guessing here) Linksys Wifi Router is plugged in backwards
answering ARP for the address it is listening on.
Josh Luthman
Office:
Although it's a bit of work to get setup, and it helps to have scripts
and automated provisioning to keep everything organized, we haven't had
any problems with rouge DHCP since implementing it...
http://www.butchevans.com/pipermail/mikrotik/2009-November/001178.html
Josh, did you end up
(pmp320)keep freaking out about it.
-Original Message-
From: wireless-boun...@wispa.org [mailto:wireless-boun...@wispa.org] On Behalf
Of Kristian Hoffmann
Sent: Wednesday, January 26, 2011 3:04 PM
To: wireless@wispa.org
Subject: Re: [WISPA] Blocking DHCP traffic
Although it's a bit of work
On 01/26/2011 02:04 PM, Kristian Hoffmann wrote:
Although it's a bit of work to get setup, and it helps to have scripts
and automated provisioning to keep everything organized, we haven't had
any problems with rouge DHCP since implementing it...
Not sure exactly what you're asking. I did put a bridge filter on the MT AP
to stop SM to SM communication, yes.
Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Wed, Jan 26, 2011 at 3:04 PM, Kristian Hoffmann kh...@fire2wire.comwrote:
I'm wondering if anyone else uses action=arp-reply in the bridge NAT
section. I don't like using obscure features with MT for fear that
they'll randomly remove it one day. However, since that post they
appear to have added a rule to match gratuitous ARP, which could greatly
simplify my config.