I have an x86 Openwrt router running 22.03.0 and when I boot up a Mikrotik Hap lite behind it I get a " daemon.info dnsmasq-dhcp[1]: BOOTP(br-lan) 172.xxx.xxx.xxx dc:2c:xx:xx:xx:xx" entry in the log and the Mikrotik just hangs for 5 minutes.
This doesn't happen with my Openwrt 21.02.3 router nor do I see the BOOTP message in the logs on the Openwrt 21 router.
I haven't enabled any PXE or tftp in dnsmasq but it must be running in the background. How can I totally disable this please? Or any other ideas on blocking it.
Is the MikroTik running OpenWrt too?
Yes it is running Openwrt
This appears to be caused by the network config for some weird reason. If I add an extra random vlan interface to the bridge instead of just eth0 it works. Watching the Mikrotik it just stops at the boot loader waiting until it times out after about 5 minutes.
I can just leave it like this but if anyone has any ideas why I'd like to know. Thanks
A bridge cannot be empty by default (i.e. ≤ 1 interface, or nothing to bridge). Adding a dummy interface hence solved your issue.
Thanks for the reply but the bridge already has an interface assigned I have to assign a second interface to fix this issue.
The bridge comes up fine with a single interface and works fine for every other type of device I have here. This is just an issue with Mikrotik devices so I don't see how it could be that.
See note:
So correct. This is why adding a second interface works.
1 Like
Still doesn't make any sense why this would trigger an issue with only Mikrotik devices. A single interface is the standard config in Openwrt and this issue isn't present in any earlier releases of Openwrt.
I also can't find any information that says a linux bridge must have more than one interface.
This also doesn't explain why adding a dummy interface will stop dnsmasq from advertising BOOTP
I've gone right back to a fresh install and this issue only appears when there is a static lease for the Mikrotik in /etc/config/dhcp.
Bug report submitted https://github.com/openwrt/packages/issues/20274
You can capture the DHCP/BOOTP packets with tcpdump on both OpenWRT versions and compare the packet structure to see the difference.
2 Likes
Thanks. I've already got what's is going on from the logs now and it's the reply to "vendor class: Flashboot" from dnsmasq.
Mikrotik
Thu Jan 12 22:07:47 2023 daemon.info dnsmasq-dhcp[1]: 2061124093 vendor class: Flashboot
Thu Jan 12 22:07:47 2023 daemon.info dnsmasq-dhcp[1]: 2061124093 tags: lan, bootp, known, br-lan
Thu Jan 12 22:07:47 2023 daemon.info dnsmasq-dhcp[1]: 2061124093 BOOTP(br-lan) 192.168.1.213 xx:xx:xx:xx:xx:xx
after time out
Thu Jan 12 22:15:13 2023 daemon.info dnsmasq-dhcp[1]: 443697254 vendor class: udhcp 1.30.1
Thu Jan 12 22:15:13 2023 daemon.info dnsmasq-dhcp[1]: 443697254 client provides name: testermikrotik
Thu Jan 12 22:15:13 2023 daemon.info dnsmasq-dhcp[1]: 443697254 DHCPDISCOVER(br-lan) xx:xx:xx:xx:xx:xx
Thu Jan 12 22:15:13 2023 daemon.info dnsmasq-dhcp[1]: 443697254 tags: lan, known, br-lan
Thu Jan 12 22:15:13 2023 daemon.info dnsmasq-dhcp[1]: 443697254 DHCPOFFER(br-lan) 192.168.1.213 xx:xx:xx:xx:xx:xx
TPlink
Thu Jan 12 22:07:10 2023 daemon.info dnsmasq-dhcp[1]: 674320066 vendor class: udhcp 1.25.1
Thu Jan 12 22:07:13 2023 daemon.info dnsmasq-dhcp[1]: 674320066 DHCPDISCOVER(br-lan) xx:xx:xx:xx:xx:xx
Thu Jan 12 22:07:13 2023 daemon.info dnsmasq-dhcp[1]: 674320066 tags: lan, br-lan
I'm trying to figure out a way to ignore this request via vendorclass if you have any ideas about that. I have the following to test if I can change the dns in the reply and then I'll know I have at least a response but nothing so far.
config vendorclass 'Flashboot'
option vendorclass 'Flashboot'
list dhcp_option '6,8.8.8.8'
What I need is a config to make dnsmasq ignore the vendor class Flashboot
I should also add that adding another dummy interface to the LAN works but in the logs it shows the same BOOTP message, but instead of once it's repeated 10 times. Like it's just not reaching the router and lost in the lan. Because the router doesn't seem to see the response it keeps booting.
RouterBOOT usually only does BOOTP or DHCP if you have told it to?
Because you have told RouterBOOT to do this: https://help.mikrotik.com/docs/display/ROS/Flashfig
You want boot_device to be flasheth for normal boot…
for i in /sys/firmware/mikrotik/soft_config/*; do echo -n "$(basename $i): "; cat $i; done
If that does not work, reset RouterBOOT by following manual using the reset button.
1 Like
Thanks but these Mikrotiks are already running openwrt. All these Mikrotik have this behaviour out of the box with no config changes.When I flash them I just boot them with the reset held down until the grab the file from the tftp server.
This works to confuse bootp when the vendor class Flashboot shows up and the Mikrotik continues the boot after about 30 seconds which is way better but it's an ugly kludge.
config vendorclass 'Flashboot'
option networkid 'bootpblock'
option vendorclass 'Flashboot'
list dhcp_option '6,10.0.0.10'
list dhcp_option '54,10.0.0.10'
list dhcp_option '3,10.0.0.10'
bootpblock shows up in the tags but I can't find a way to remove the bootp tag from there.
tags: lan, bootp, known, bootpblock, br-lan
If anyone knows how to remove the bootp tag orhas any better ideas here's a list of the dhcp-options provided by dnsmasq.
dnsmasq --help dhcp
Known DHCP options:
1 netmask
2 time-offset
3 router
6 dns-server
7 log-server
9 lpr-server
13 boot-file-size
15 domain-name
16 swap-server
17 root-path
18 extension-path
19 ip-forward-enable
20 non-local-source-routing
21 policy-filter
22 max-datagram-reassembly
23 default-ttl
26 mtu
27 all-subnets-local
31 router-discovery
32 router-solicitation
33 static-route
34 trailer-encapsulation
35 arp-timeout
36 ethernet-encap
37 tcp-ttl
38 tcp-keepalive
40 nis-domain
41 nis-server
42 ntp-server
44 netbios-ns
45 netbios-dd
46 netbios-nodetype
47 netbios-scope
48 x-windows-fs
49 x-windows-dm
58 T1
59 T2
60 vendor-class
64 nis+-domain
65 nis+-server
66 tftp-server
67 bootfile-name
68 mobile-ip-home
69 smtp-server
70 pop3-server
71 nntp-server
74 irc-server
77 user-class
80 rapid-commit
93 client-arch
94 client-interface-id
97 client-machine-id
100 posix-timezone
101 tzdb-timezone
119 domain-search
120 sip-server
121 classless-static-route
125 vendor-id-encap
150 tftp-server-address
255 server-ip-address
For anyone that needs to disable this I found adding the following to the end of /etc/dnsmasq.conf works. I can't find a working solution using the uci configs but this will do.
#block BOOTP dhcp for vendorclass Flashboot
dhcp-vendorclass=set:bootpblock,"Flashboot"
dhcp-ignore=tag:bootpblock
The result
Tue Jan 17 03:37:36 2023 daemon.info dnsmasq-dhcp[1]: 2475956408 available DHCP range: 192.168.1.100 -- 192.168.1.249
Tue Jan 17 03:37:36 2023 daemon.info dnsmasq-dhcp[1]: 2475956408 vendor class: Flashboot
Tue Jan 17 03:37:36 2023 daemon.info dnsmasq-dhcp[1]: 2475956408 BOOTP(br-lan) xx:xx:xx:xx:xx:xx ignored
Then the Mikrotik just boots normally, as do my other devices.