MikroTik Router OS V3.0 User Manual

							DHCP Client and Server
Document revision 2.8 (December 12, 2007, 11:43 GMT)
This document applies to MikroTik RouterOS V3.0
Table of Contents
TableofContents
Summary
QuickSetupGuide
Specifications
Description
AdditionalDocuments
DHCPClientSetup
Description
PropertyDescription
CommandDescription
Notes
Example
DHCPServerSetup
Description
PropertyDescription
Notes
Example
StoreLeasesonDisk
Description
PropertyDescription
DHCPNetworks
PropertyDescription
Notes
DHCPServerLeases
Description
PropertyDescription
CommandDescription
Notes
Example
DHCPAlert
Description
PropertyDescription
Notes
DHCPOption
Description
PropertyDescription
Notes
Example
DHCPRelay
Description
PropertyDescription
Page 340 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners. 
						

							Notes
Example
Question&Answer-BasedSetup
CommandDescription
Notes
Example
DynamicAddressing,usingDHCP-Relay
IPAddressassignment,usingFreeRADIUSServer
General Information
Summary
 5,3$ &5
	 ,
 3
	

 $
  
  	 


  *$ 	 
 	


   
 ! 

	

 
 
 ( 	
 

 	
 	
  	

 

#3-/:/
I
	 	  5,3$
•*$ 	


 
 A+9 	7 	
  

• 
	

 *$ 


 
 	7 

*$ 	 	
  
 
 +3 	 
 
	
 	 	

5,3$ ( 	
   
  
 ! ,
!
 	
 
 	


	
 	
 	

 5,3$ 


! 
,
!
	
	  
	


Quick Setup Guide
 	     
 
 5,3$7!( 	
 5,3$73

 
  
 !
•!
  	 5,3$ !(
1.3	
 	
 *$ 	 
/ip pool add name=dhcp-pool ranges=172.16.0.10-172.16.0.20
2.+ 	 5,3$ 

   

 
 
 

!9&%!)%+%+!&	
  

 	
	
	 
 *$ 	!9&%!)%+%!
 5,3$ 


/ip dhcp-server network add address=172.16.0.0/12 gateway=172.16.0.1
3.#
	 	 	 5,3$ (
/ip dhcp-server add interface=wlan1 address-pool=dhcp-pool
•!
  	 5,3$ 3

 &  
 	 	  
 5,3$ ( 
 	(
1.+ 
 5,3$ 


/ip dhcp-client add interface=wlan1 use-peer-dns=yes \add-default-route=yes disabled=no
2.3 
  	( 
	
 	 	
Page 341 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners. 
						

							[admin@Server] ip dhcp-client> print detailFlags: X - disabled, I - invalid0 interface=wlan1 add-default-route=yes use-peer-dns=yes status=boundaddress=172.16.0.20/12 gateway=172.16.0.1 dhcp-server=192.168.0.1primary-dns=159.148.147.194 expires-after=2d23:58:52[admin@Server] ip dhcp-client>
Specifications
Packages required:dhcp
License required:level1
Home menu level:/ip dhcp-client, /ip dhcp-server, /ip dhcp-relay
Standards and Technologies:DHCP
Description
 5,3$ 
 ( 	
 		
 *$ 	 
 *$ 

 5,3$  
  
 	
 

   
 

 

 5,3$ ( 		 

 
 05$ GN 
 5,3$ 

 7 
 05$ GC 

 

	 

	

 
(( 
	

 

 		
 	 &
  	 
 
  	 +%+%+%+	
1 

	

 	 &**%&**%&**%&** E   		 

 
 
 	
Additional Documents
•*!35
	,
3
	

$
&5,3$
•5,3$
7, 6 
•*!35,3$#+@
DHCP Client Setup
Home menu level:/ip dhcp-client
Description
  
 ! 5,3$ 

 	  
	 
 	
 F


7 

	  	
 
  

	
( 5,3$ 

  

	  

  	
 	
 	 

	 	
 	
	 
 59!
( 	 	
 
 9$ ( 	 + 
 
	

  
  ( *$ 	

 
 
( 

	   	 
 
 

 

	  	
 	
	   	

 
 

 
	 	 	 
	 

 ! 
 5,3$ 

  	  

 
 	
 	 


	 	
 
   ( * 
  		 	 	
 
 

	  
 5,3$ 


	
 
 
 
 
	
  
 5,3$ 

   
 	 
(	
Property Description
add-default-route(yes | no; default:yes) - whether to add the default route to the gateway
specified by the DHCP server
address(read-only: IP addressnetmask) - IP address and netmask, which is assigned to DHCP
Client from the Server
Page 342 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners. 
						

							client-id(text) - corresponds to the settings suggested by the network administrator or ISP.
Commonly it is set to the clients MAC address, but it may as well be any text string
dhcp-server(read-only: IP address) - IP address of the DHCP server
expires-after(read-only: time) - time, when the lease expires (specified by the DHCP server)
gateway(read-only: IP address) - IP address of the gateway which is assigned by DHCP server
host-name(text) - the host name of the client as sent to a DHCP server
interface(name) - any Ethernet-like interface (this includes wireless and EoIP tunnels) on which
the client searches for a DHCP server
primary-dns(read-only: IP address) - IP address of the primary DNS server, assigned by the
DHCP server
primary-ntp(read-only: IP address) - IP address of the primary NTP server, assigned by the
DHCP server
secondary-dns(read-only: IP address) - IP address of the secondary DNS server, assigned by the
DHCP server
secondary-ntp(read-only: IP address) - IP address of the secondary NTP server, assigned by the
DHCP server
status(read-only: bound|error|rebinding...|renewing...|requesting...|searching...|stopped) -
shows the status of DHCP slient
use-peer-dns(yes | no; default:yes) - whether to accept the DNS settings advertized by DHCP
server (they will override the settings put in the /ip dns submenu)
use-peer-ntp(yes | no; default:yes) - whether to accept the NTP settings advertized by DHCP
server (they will override the settings put in the /system ntp client submenu)
Command Description
release- release current binding and restart DHCP client
renew- renew current leases. If the renew operation was not successful, client tries to reinitialize
lease (i.e. it starts lease request procedure (rebind) as if it had not received an IP address yet)
Notes
* 

  

  

% 
 


   

 
 
 
(   5,3$
8

*



  

  

% +3 	   

 
 
 
(   5,3$
8

*
  
	 
 5,3$ 

  



	 
 
 


 

 

 *
 	 
   59! (  ( 
 
  
 	 
 	 	 	


	 ( 
( *
 	 
 59! ( 	 ( 
  
 	 	 ( 	
 


	 (  
 

	

Example
 	 	 5,3$ 

 

 !

	
Page 343 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners. 
						

							/ip dhcp-client add interface=ether1 disabled=no[admin@MikroTik] ip dhcp-client> print detailFlags: X - disabled, I - invalid0 interface=ether1 add-default-route=yes use-peer-dns=yes use-peer-ntp=yesstatus=bound address=192.168.0.65/24 gateway=192.168.0.1dhcp-server=192.168.0.1 primary-dns=192.168.0.1 primary-ntp=192.168.0.1expires-after=9m44s[admin@MikroTik] ip dhcp-client>
DHCP Server Setup
Home menu level:/ip dhcp-server
Description
 
 
 	
 
(	 (  	 F


7 

	   
 ! 5,3$
( 
 
 	 


  (
 	 8

 

 	
 *$ 	1

	 	 	
	
	 	
 
	 59!7(& 	
 6*9!7(& & 6
 

 
	

 &
  
 

5,3$ 

 

*
  5,3$ ( 
   
 
  	 *$  & 

 
 
 5,3$ (% 
 *$
	 

 
  	
 	
 5,3$ 


*
  	  
 	
 
 	  5,3$ 

 
 
 +5*0! (  	 
 

		
   
 +5*0! (
+78

•NAS-Identifier- router identity
•NAS-IP-Address- IP address of the router itself
•NAS-Port- unique session ID
•NAS-Port-Type- Ethernet
•Calling-Station-Id- client identifier (active-client-id)
•Framed-IP-Address- IP address of the client (active-address)
•Called-Station-Id- name of DHCP server
•User-Name- MAC address of the client (active-mac-address)
•Password- 
+7+

•Framed-IP-Address- IP address that will be assigned to client
•Framed-Pool- ip pool from which to assign ip address to client
•Rate-Limit- Datarate limitation for DHCP clients. Format is: rx-rate[/tx-rate]
[rx-burst-rate[/tx-burst-rate] [rx-burst-threshold[/tx-burst-threshold]
[rx-burst-time[/tx-burst-time][priority] [rx-rate-min[/tx-rate-min]]]]. All rates should be
numbers with optional k (1,000s) or M (1,000,000s). If tx-rate is not specified, rx-rate is as
tx-rate too. Same goes for tx-burst-rate and tx-burst-threshold and tx-burst-time. If both
rx-burst-threshold and tx-burst-threshold are not specified (but burst-rate is specified), rx-rate
and tx-rate are used as burst thresholds. If both rx-burst-time and tx-burst-time are not
specified, 1s is used as default. Priority takes values 1..8, where 1 implies the highest priority,
Page 344 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners. 
						

							but 8 - the lowest. If rx-rate-min and tx-rate-min are not specified rx-rate and tx-rate values are
used. The rx-rate-min and tx-rate-min values can not exceed rx-rate and tx-rate values.
•Ascend-Data-Rate- tx/rx data rate limitation if multiple attributes are provided, first limits tx
data rate, second - rx data rate. If used together with Ascend-Xmit-Rate, specifies rx rate. 0 if
unlimited
•Ascend-Xmit-Rate- tx data rate limitation. It may be used to specify tx limit only instead of
sending two sequental Ascend-Data-Rate attributes (in that case Ascend-Data-Rate will specify
the receive rate). 0 if unlimited
•Session-Timeout- max lease time (lease-time)
Property Description
add-arp(yes | no; default:no) - whether to add dynamic ARP entry:
•no- either ARP mode should be enabled on that interface or static ARP entries should be
administratively defined in /ip arp submenu
address-pool(name|static-only; default:static-only) - IP pool, from which to take IP addresses
for clients
•static-only- allow only the clients that have a static lease (i.e. no dynamic addresses will be
given to clients, only the ones added in lease submenu)
always-broadcast(yes | no; default:no) - always send replies as broadcasts
authoritative(after-10sec-delay|after-2sec-delay|no|yes; default:after-2sec-delay) - whether
the DHCP server is the only one DHCP server for the network
•after-10sec-delay- to clients request for an address, dhcp server will wait 10 seconds and if
there is another request from the client after this period of time, then dhcp server will offer the
address to the client or will send DHCPNAK, if the requested address is not available from this
server
•after-2sec-delay- to clients request for an address, dhcp server will wait 2 seconds and if there
is another request from the client after this period of time, then dhcp server will offer the
address to the client or will send DHCPNAK, if the requested address is not available from this
server
•no- dhcp server ignores clients requests for addresses that are not available from this server
•yes- to clients request for an address that is not available from this server, dhcp server will send
negative acknowledgment (DHCPNAK)
bootp-support(none|static|dynamic; default:static) - support for BOOTP clients
•none- do not respond to BOOTP requests
•static- offer only static leases to BOOTP clients
•dynamic- offer static and dynamic leases for BOOTP clients
delay-threshold(time; default:none) - if secs field in DHCP packet is smaller than
delay-threshold, then this packet is ignored
•none- there is no threshold (all DHCP packets are processed)
interface(name) - Ethernet-like interface name
lease-time(time; default:72h) - the time that a client may use the assigned address. The client will
try to renew this address after a half of this time and will request a new address after time limit
expires
Page 345 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners. 
						

							name(name) - reference name
relay(IP address; default:0.0.0.0) - the IP address of the relay this DHCP server should process
requests from:
•0.0.0.0- the DHCP server will be used only for direct requests from clients (no DHCP really
allowed)
•255.255.255.255- the DHCP server should be used for any incomming request from a DHCP
relay except for those, which are processed by another DHCP server that exists in the /ip
dhcp-server submenu
src-address(IP address; default:0.0.0.0) - the address which the DHCP client must send requests
to in order to renew an IP address lease. If there is only one static address on the DHCP server
interface and the source-address is left as 0.0.0.0, then the static address will be used. If there are
multiple addresses on the interface, an address in the same subnet as the range of given addresses
should be used
use-radius(yes | no; default:no) - whether to use RADIUS server for dynamic leases
Notes
3

  
 ( 	 5,3$ 	 
 	 
  
 		  
 +3 	 
 
	
 

	
&   	 	
 

% +3 	
*
 



  
 
 
 5,3$ (  

 4
  
 	 
 	


 
 

 *
 	 	 &	
 

 		  
 (

 
 

  
 
 
 
 5,3$ (

 

 
  	 
 

   




*
  	 5,3$ (  

 
 
+%+%+%+
 5,3$ (  

 
 
 
 
8
  


Example
 	 	 5,3$ ( 
 

	
 ! 

 *$ 	  

*$   - 
/ip dhcp-server add name=dhcp-office disabled=no address-pool=dhcp-clients \interface=ether1 lease-time=2h[admin@MikroTik] ip dhcp-server> printFlags: X - disabled, I - invalid# NAME INTERFACE RELAY ADDRESS-POOL LEASE-TIME ADD-ARP0 dhcp-office ether1 dhcp-clients 02:00:00[admin@MikroTik] ip dhcp-server>
Store Leases on Disk
Home menu level:/ip dhcp-server config
Description
A	 	 		 
 
  
 	 

 	
 
 * 
   	( 
  
 (
	 	
 	 
   
  	
  	 
   
 	
 
 	 	 ( 
 
( 	  3	
 #	 &	  	 
 	 ( 
  
2 
 
  	 	

	 	( 
  (


 * 
 
   ( 
 &	
 

 

	
   
 (
 
 	  	 
 	
  
 )
 
 3# 
 	  
 	
 

Page 346 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners. 
						

							
 	  
 	 
 &	 
 	  

 * 
 
   ( 
 &
( 

 
  

 
 
  
 
	

 	
 	
( 	 	  
 
 	    *
 
 	 
( 	 ( 
 
 	  	 
 	

 

  
 
  

 
 
 
 8

Property Description
store-leases-disk(time-interval|immediately|never; default:5min) - how frequently lease
changes should be stored on disk
DHCP Networks
Home menu level:/ip dhcp-server network
Property Description
address(IP addressnetmask) - the network DHCP server(s) will lend addresses from
boot-file-name(text) - Boot file name
dhcp-option(text) - add additional DHCP options from /ip dhcp-server option list. You cannot
redefine parameters which are already defined in this submenu:
•Subnet-Mask (code 1)- netmask
•Router (code 3)- gateway
•Domain-Server (code 6)- dns-server
•Domain-Name (code 15)- domain
•NTP-Servers (code 42)- ntp-server
•NETBIOS-Name-Server (code 44)- wins-server
dns-server(text) - the DHCP client will use these as the default DNS servers. Two
comma-separated DNS servers can be specified to be used by DHCP client as primary and
secondary DNS servers
domain(text) - the DHCP client will use this as the DNS domain setting for the network adapter
gateway(IP address; default:0.0.0.0) - the default gateway to be used by DHCP clients
netmask(integer: 0..32; default:0) - the actual network mask to be used by DHCP client
•0- netmask from network address is to be used
next-server(IP address) - IP address of next server to use in bootstrap
ntp-server(text) - the DHCP client will use these as the default NTP servers. Two
comma-separated NTP servers can be specified to be used by DHCP client as primary and
secondary NTP servers
wins-server(text) - the Windows DHCP client will use these as the default WINS servers. Two
comma-separated WINS servers can be specified to be used by DHCP client as primary and
secondary WINS servers
Notes
  

	 
  
 	
  	 
 (
 

  (	   	
	


	 

   
   



Page 347 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners. 
						

							DHCP Server Leases
Home menu level:/ip dhcp-server lease
Description
5,3$ ( 	 
   
 

 	
 	
	 (% 	   	 	 
 	 
	 

 E 	
 	 	 
	
 	 
  	 	
	 

 &

  +3
	 
  *$ 	
I
	 
 5,3$ 	 
 		
 	 
1.	
 
 	  
$


	

2. 	 

 	  	
 *$ 	 
 (  

3. 
 

  ( 
	
	 	
 	 
 	 		 	
 




 
( 	 

4. 
 

  ( 	 
	 	 &
	
  	
 *$ 	  
 
 
 	 

	
 	
 	
  	
  .< 
 5
 
 
 
 	  	


5.
 	 
 	  

 
 
 	 		 	
 


 


( 	 

6.
 
 	 
 	  
 	 
 &
  	 	
 
 

 	 
	 	
 
 

% 8
 	
 
	
 &
 

  
 		
 

+ 

 	  
 	 	  
	 	  ( 	
 
 		
 	  

 


 	  )
 
 
	
 	 

 
 

  	8 
 	


	
 
 *$ 	 	
 
	
	 	 

 
Property Description
active-address(read-only: IP address) - actual IP address for this lease
active-client-id(read-only: text) - actual client-id of the client
active-mac-address(read-only: MAC address) - actual MAC address of the client
active-server(read-only:) - actual dhcp server, which serves this client
address(IP address) - specify ip address (or ip pool) for static lease
•0.0.0.0- use pool from server
agent-circuit-id(read-only: text) - circuit ID of DHCP relay agent
agent-remote-id(read-only: text) - Remote ID, set by DHCP relay agent
always-broadcast(yes | no) - send all repies as broadcasts
block-access(yes | no; default:no) - block access for this client (drop packets from this client)
blocked(read-only: flag) - whether the lease is blocked
client-id(text; default:) - if specified, must match DHCP client identifier option of the request
expires-after(read-only: time) - time until lease expires
Page 348 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners. 
						

							host-name(read-only: text) - shows host name option from last received DHCP request
lease-time(time; default:0s) - time that the client may use the address
•0s- lease will never expire
mac-address(MAC address; default:00:00:00:00:00:00) - if specified, must match the MAC
address of the client
radius(read-only:yes | no) - shows, whether this dynamic lease is authenticated by RADIUS or
not
rate-limit(read-only: text; default:) - sets rate limit for active lease. Format is: rx-rate[/tx-rate]
[rx-burst-rate[/tx-burst-rate] [rx-burst-threshold[/tx-burst-threshold]
[rx-burst-time[/tx-burst-time]]]]. All rates should be numbers with optional k (1,000s) or M
(1,000,000s). If tx-rate is not specified, rx-rate is as tx-rate too. Same goes for tx-burst-rate and
tx-burst-threshold and tx-burst-time. If both rx-burst-threshold and tx-burst-threshold are not
specified (but burst-rate is specified), rx-rate and tx-rate is used as burst thresholds. If both
rx-burst-time and tx-burst-time are not specified, 1s is used as default
server(read-only: name) - server name which serves this client
src-mac-address(MAC address) - source MAC address
status(read-only: waiting|testing|authorizing|busy|offered|bound) - lease status:
•waiting- not used static lease
•testing- testing whether this address is used or not (only for dynamic leases) by pinging it with
timeout of 0.5s
•authorizing- waiting for response from radius server
•busy- this address is assigned statically to a client or already exists in the network, so it can not
be leased
•offered- server has offered this lease to a client, but did not receive confirmation from the
client
•bound- server has received clients confirmation that it accepts offered address, it is using it
now and will free the address not later, than the lease time will be over
use-src-mac(MAC address) - use this source MAC address instead
Command Description
check-status- check status of a given busy dynamic lease, and free it in case of no response
make-static- convert a dynamic lease to a static one
Notes
*



  	  8  	 
 

 		
 
 	 

 


	
 + 

  	 
 	
 	
  8  
 &
  	7	  
	   ( 
  
	
 

 	


    	 

 


  	 	
 
 	(
 	
7
7
  
   
 
	
 


 

	
F(
 
 

 	 	  	
 &
 	
 	 
 
 
 


 
  

 	

 
 

 *
  
  	
 	
 
 
 5,3$ ( 
	

 	  
 
	
  
 5,3$

 3

 
 
 
 	
 *$ 	 
 
 	 	 	 
  	
 &
 
 
 

(	 
  
 
  	 
  	
 	
 *$ 	 	 

 
 
 	  	 &

Page 349 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners.