PS4 suddenly not getting IP address from DHCP after I update my Mikrotik switch



  • Hi guys, so today I update my Mikrotik switch from v2.4 to v2.5 and notice that my PS4 no longer has internet connection (it works just fine before this update). My network diagram is something like this:

    pfSense -> Mikrotik Switch (CSS326-24G-2S+) -> patch panel -> keystone jack -> TP-Link unmanaged switch (SG108)

    There are PC, Raspberry Pi, laptop, and PS4 connected via ethernet cable under this TP-Link unmanaged switch. And every device seems to work just fine except PS4. So I begin to troubleshoot.

    1. Use different cable -> not working 
    2. Use other port -> not working 
    3. Use static IP under PS4 setting (but still connected to unmanaged switch) -> works 
    4. Connect the PS4 directly to Mikrotik switch (bypassing the unmanaged switch) -> works

    At this point, I'm confused if the problem is my Mikrotik switch or the unmanaged switch, in my test result, it seems like the problem is the unmanaged switch but I don't have this issue before I update my Mikrotik switch and other device (except PS4) seems to be working just fine under this unmanaged switch. How do I troubleshoot to make sure which one is the issue? I already tried to restart everything (pfSense, Mikrotik switch, unmanaged switch) and still not working. For now, I use static IP address for PS4.

    Changelog for the Mikrotik update:

    What's new in v2.5:

    *) SFP & SFP Status tabs are combined into one;
        *) Global RSTP settings are moved unto RSTP tab;
        *) Static Hosts & Hosts tabs are combined into one;
        *) CSS106, CRS326, CRS317: added support for IGMP snooping;
        *) CRS326 & CRS317: fixed occasional lockup on SFP module insertion;
        *) CSS106: added global independent VLAN lookup option for all VLANs;
        *) CSS106: do not enable IVL on reboot if it's disabled;
        *) implemented DHCP client;
        *) CRS326 & CRS317: added support for DHCP & PPPoE snooping and
          injecting option 82 (Intermediate Agent info);
        *) CRS317: support fans;

    CAVEAT: switch address acquisition mode by default is DHCP with fallback to static address;

    Note: I don't use VLAN or any of these fancy settings.


  • Netgate

    Isn't this more of a question for Mikrotik?

    You didn't indicate what is providing DHCP services. Anything interesting in the DHCP logs for the PS4's MAC address?

    I would packet capture on a mirror port of the port going to the PS4 and look at the actual DHCP exchange. Then capture the same type of exchange on the port from the DHCP server.

    That should point at what is at-fault.



  • @Derelict:

    Isn't this more of a question for Mikrotik?

    You didn't indicate what is providing DHCP services. Anything interesting in the DHCP logs for the PS4's MAC address?

    I would packet capture on a mirror port of the port going to the PS4 and look at the actual DHCP exchange. Then capture the same type of exchange on the port from the DHCP server.

    That should point at what is at-fault.

    DHCP is provided by pfSense, can you provide a step-by-step how to check and capture the DHCP/port logs? My networking knowledge is limited.


  • Netgate

    Start with Diagnostics > Packet Capture on the pfSense interface in question. Filter on UDP port 67. About 10000 packets should be long enough. Reboot the PS4, wait for it to fail, and stop the capture. Anyone looking at the capture will need to know the PS4 MAC address.

    Unfortunately, debugging these problems typically requires some networking knowledge, such as pulling the resulting capture into wireshark and understanding the DHCP protocol enough to know what you are looking at. At least enough to finger the device that isn't doing what it is supposed to be doing so you know whom to beat on.

    You might need to engage Mikrotik (or pfSense/Netgate) support or hire someone if that is outside your skill set. But if it was all working, and you updated the switch firmware and it stopped working, I would start with Mikrotik probably.)

    You could also download and post the pcap here. There shouldn't be much data leakage that matters in that capture on an inside interface with that udp/67 filter in place.


  • Netgate

    Status > System Logs, DHCP.

    Click Filter at the top (the funnel icon) and enter the PS4 MAC address in the proper format (as indicated by the other log entries).



  • I downgraded my Mikrotik switch to previous version and everything works now.



  • @warheat1990:

    I downgraded my Mikrotik switch to previous version and everything works now.

    It appears there's some sort of problem with the switch then.  One thing that helps is to use packet capture to see what's happening.  While pfSense packet capture can help, I find Wireshark works better.  Since that's a managed switch, you can set up port mirroring, which allows you to monitor any port.  Also, given the description of the switch and what it can do, it might be configured in a way that interferes with the traffic.


  • Netgate

    pfSense packet capture, download capture, open in wireshark. I do it at least 6 times a day. MUCH simpler on most users than setting up mirror ports.

    The only time I set up mirror ports is if someone, for some reason, doesn't trust the tcpdump results from the pfSense node and wants to see what it actually going out on the wire. Or, of course, if a capture needs to be done from another location in the topology.



  • @Derelict:

    pfSense packet capture, download capture, open in wireshark. I do it at least 6 times a day. MUCH simpler on most users than setting up mirror ports.

    The only time I set up mirror ports is if someone, for some reason, doesn't trust the tcpdump results from the pfSense node and wants to see what it actually going out on the wire. Or, of course, if a capture needs to be done from another location in the topology.

    What do you do when you want to monitor a point that's not directly connected to pfSense, such as the other side of that switch that seems to be causing the problems?  Perhaps the DHCP request is being sent, but not passed by the switch.  With port mirroring, you can watch any interface.  Last year, I bought a small managed switch, just so that I could plug in anywhere and see what's happening.  Also, with Wireshark, you can watch the traffic in real time.  While I have used packet capture, I find Wireshark to be more useful.  One very useful feature is being able to filter on multiple factors.

    Incidentally, when I used Linux for my firewall, I often ran Wireshark on it.  When I moved to pfSense, I had to use that managed switch to see the WAN side of pfSense.  That's how I came across the problem with the IPv6 prefix changing, when all I did was disconnect/reconnect the WAN port.  I carry that switch in my computer bag and have found it useful on occasion at work (One time I actually had to use it as a switch.  <g>).</g>


  • Netgate

    @Derelict:

    pfSense packet capture, download capture, open in wireshark. I do it at least 6 times a day. MUCH simpler on most users than setting up mirror ports.

    The only time I set up mirror ports is if someone, for some reason, doesn't trust the tcpdump results from the pfSense node and wants to see what it actually going out on the wire. Or, of course, if a capture needs to be done from another location in the topology.



  • I had the same issue.  Updated a mikrotik switch to swos 2.5 and none of the devices on my network was able to get DHCP info.  Downgraded to swos 2.4, everything works again.  Wasted 8 hours trying to figure out what was going on because I had just made the switch to pfsense 2.4 just before I upgrade the mikrotik switch.  Thought pfsense 2.4 had broken everything but this post gave me the answer.  Hugely grateful!  Thank you.