August 29, 2008 11:11pm pdt

Member Login

Hall of Fame

Yearly

1RobWill 150,328
2giltjr 108,412
3ebjers 72,979
4uetian1707 51,401
5lrmoore 43,900
6KCTS 42,249
7Roachy1... 40,860
8from_exp 38,203
9DevilWAH 30,708
10Chris-Dent 30,515
11Darr247 28,910
12batry_boy 25,100
13The--C... 23,529
14donjohnston 19,500
15that1guy15 19,434
16srgilani 19,214
17ChiefIT 18,300
18JFrederic... 17,950
19Johnjces 17,825
202PiFL 16,950
21oBdA 16,700
22pseudocy... 16,299
23Jay_Jay70 15,980
24johnb6767 15,764
25tigermatt 15,723

	[x] Attachment Details

Strange MAC address in DHCP table????

Zones: Miscellaneous Networking, Domain Name Service (DNS), Appletalk

Tags: dhcp, table

I have a home network with 5 machines. I also have a DSL connection with 2 router/firewalls between my internal network and my ISP. The Edge router is a ZOOM 3X series Modem/Router which gets its external IP from the ISP. The second Router is a DLink DI-624 Airplus X-treme wireless router. The Dlink gets its WAN port address dynamically assigned to it by the ZOOM router/modem's internal DHCP server. All computers on the internal network get thier IP's dynamically assigned by the DLinks internal DHCP server. So I have 2 subnets with private address ranges and the set up is as follows:

Zoom WAN: 208.154.xxx.xxx | Zoom Lan: 192.168.5.1 Dlink WAN 192.168.5.2 | DLink Lan: 192.168.6.1
_________ ________
ISP ----------| zoom |-------------------------------------------| DLink |----- 5 computers on 192.168.6.0
|________| |_______|

After checking my DHCP client table in the DLINK I have noticed a MAC address that matches none of the MAC address on my internal computers nor does it match either of the routers MAC address Not the WAN or LAN ports. This is the only MAC address in this table that does not show a host name with it's entry. 2 of the machines on the Internal network are loptops that have 2 nics (one wireless and one ethernet). I have checked BOTH MACs on these, and neither match this strange address. This strange MAC is being allocated one of my internal IP's.

I Googled the following search criteria and came up with a few threads of people who had found this MAC in thier tables as well.

The term I searched was: "E9-EB-B3-A6-DB-3C + MAC Address" without the quotes. Yep, you guessed it, E9-EB-B3-A6-DB-3C is the strange MAC address that is showing up in my DHCP client table. Oddly enough, guys on this thread from google said they were NOT using a wireless router, that being said, I am using 128 bit WEP encryption and am NOT broadcasting my SSID. The DLINK router allows me to filter MACS, but only From LAN to WAN, I want it filtered the other way around, "Denied from WAN to LAN"

Any answers to this mysterious MAC would be appreciated........Thanks

Any answers to where this is comming from would help greatly

Start your free trial to view this solution

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

6.2

Question Stats

Zone: Networking

Question Asked By: Shawn_H

Solution Provided By: sciwriter

Participating Experts: 7

Solution Grade: A

Translate:

Loading Advertisement...

Open Discussion

Comment by flyguybob

Based on the feedback this is a feature of CYS (Configure Your Server wizard); this wizard pops up when someone logs onto a server and hasn't turned the CYS wizard off. Its
a check to see if WS2003 can find a DHCP server and if the server is itself running a
particular service, then that check isnt made. So this looks like a by design
behavior. In addition, this may be part of the slow link detective service. Either way, it's part of Windows Server 2003.

Cheers,

Bob

20080723-EE-VQP-34