ER605 - WAN MAC Address issues - ISP
Hello,
I have recently setup my Omada network and just got a new ISP who uses the router MAC address to allow access to their network.
I have been experiencing random dropouts on the WAN interface on the ER605.
ISP is saying that they are seeing multiple MAC addresses attempting to connect, which seemed odd, considering the interface of the primary WAN port is +1 of the mac address of the router (This also seems to be another issue with Omada Controller, as you can only tell what the MAC address of the interface is if you had setup the router manually via web, but no way to check if you do it via OC). I thought this was very odd behavior, as only the router was connected and my ports are setup that only one is WAN, everything else is on the default internal VLAN.
That is... until I setup my logging server and setup SNMP.
I now see some F6:XX:XX:XX, D2:XX:XX:XX, 7E:XX:XX:XX, etc. on other interfaces of the router! Some of these match the MAC addresses of the multiple devices they are saying are trying to connect.
The various interfaces + MACs shown in my monitoring program are
- default/eth0
- default/eth1
- default/veth0
- default/br-lan
- default/eth1.4094
- vnet/veth1
- vnet/veth0.1
- vnet/veth0.2
The question is, why is my ISP able to see these other MAC addresses through my WAN port? It's almost like these are being presented as if they were connected to a switch or something. I do not think they are able to see my whole network, as it is only a handful of addresses. At most, I would have expected the device/default MAC and then maybe the MAC for the interface.
Any ideas on how to block this from happening? For fun, I have plugged in a more simple netgear router in between the ISP and ER605. The Netgear only reports a single device being connected.
TL:DR - ISP only allows one MAC address to connect to network. ER605 appears to be presenting all device MAC addresses (possibly also virtual as well) via WAN port, kicking me off the network throughout the day.