I live in a block of flats which has a single shared LAN for all flats. I think this is a massive security problem, so I purchased a Beryl AX GL-MT3000 to create a private LAN, so that my devices have a firewall and NAT between them and the LAN for the whole block (now referring to this as the WAN).
We were having significant network issues, (drop-outs and slow-down) for all people in the block. The network engineer investigating determined that some devices were handing out IP addresses in the range 192.168.X.X when the network was supposed to be using 10.0.X.X. The ethernet ports to a few individual flats were disabled because they were determined to be running a DHCP server, including the ethernet port to my own flat, connected to the WAN port of my Beryl-AX.
I had my Beryl-AX set up in router mode, so it would create a private LAN, with a NAT layer and firewall between itself and the wider network. This means that my own devices did indeed receive addresses in the 192.168.X.X range, but as far as I understood, any communications to/from the wider network should have been translated to use my router's address, which is 10.0.X.X. The router should have looked like a single device on the WAN, so I don't know how the network engineer determined that my router was causing an issue.
I would like to know: how is it possible that my router was detected as allocating IP addresses within my private LAN, and how do I stop this information being shown to the WAN? And is it possible that the router was allocating addresses on the WAN and causing some of the issues that the wider network was facing, and if so, how do I stop this?
Seen similar things with the SFT1200. Didn't see any DHCP probems but the WAN interface of GL.inet did leak local LAN IP addresses when connecting. This was version 4.3.21, the version 4.7.2beta is quite different.
Some things were seen in the uplink ARP table. At least it confused my Mikrotik Hotspot software , which was using the Hotspot dynamic NAT to convert the local LAN IP, for a while.
(Mikrotik hotspot just accepts any IP address from a client)
The DROP-in-gateway feature fiddles with the ARP table (proxy ARP?) , supposed to work on the ethernet connection only, but was seen in a wireless only setup.
Otherwise the local LAN ip leakage can be due to the firewall-reloads which happend quite frequently when the WWAN roamed to another AP with the same SSID. This seems to have stopped in 7.4.2beta.