Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Strange VLAN / DHCP / IP Address issue....

Posted on 2006-11-14
8
Medium Priority
?
316 Views
Last Modified: 2010-03-18
Ok, i'll do my best here to prevent tons of unecessary questions :)

ENVIRONMENT:
--------


DHCP Server
OS: Windows 2003 Server - Standard - R2
IP Address: 10.199.25.14


Scope 1: 10.199.28.0 / 24
Scope 2: 10.199.29.0 / 24
Scope 3: 10.199.30.0 / 24
Scope 4: 10.199.31.0 / 24
Scope 5: 10.199.32.0 / 24


DHCP Server is assigned to VLAN 100


-------


Distribution Switch: Catalyst 4506


VLAN 100 - 10.199.25.0 / 24 - Infrastructure Servers


VLAN 101 - 10.199.28.0 / 24 - Developer
VLAN 102 - 10.199.29.0 / 24 - QA
VLAN 103 - 10.199.30.0 / 24 - Operations
VLAN 104 - 10.199.31.0 / 24 - Tech Support
VLAN 105 - 10.199.32.0 / 24 - General Users


IP Helper Address: 10.199.25.14 (assigned to VLAN's 101-105)


----


Pretty straightforward ey? VLAN 100 is for all my infrastructure
servers. the remaining VLAN's handle all the users segments. All works
well. Desktops/Laptops get their appropriate IP address based on the
VLAN they are assigned to and the Scope that is associated with a
VLAN's subnet.


Now, here is where the problem crops up:


1. Laptop A in VLAN 101 currently has an IP address of 10.199.28.50.
All is well.


2. User has a meeting and takes Laptop A, shutdowns the OS. He walks up
to the 15th floor, plugs into another port that is assigned on VLAN 102
(10.199.29.0 / 24)


3. User boots up Laptop A, and it still get's his old IP address of
10.199.28.50 from VLAN 101.


4. I run an ipconfig /release. I get 0.0.0.0 (expected response)


5. I run an ipconfig /renew and I STILL GET 10.199.28.50 from VLAN 101,
although im plugged into a port that is assigned to VLAN 102
(10.199.29.0 / 24).


How is the Laptop able to get an IP address from a VLAN that is he is
not physically/logically connected? He is connected to VLAN 102
(10.199.29.0 / 24) but get's his old IP address from VLAN 101
(10.199.28.0 / 24). WTF?


The only way to force the laptop to get a valid IP that corresponds to
the current VLAN/subnet it's connected to, is to exclude it's old
address from the DHCP Server and then do an ipconfig /release  and
/renew. Only then is it forced to get a new IP address that corresponds
to it's current VLAN/subnet.


It looks like the DHCP requests are somehow spanning or being
broadcasted across multiple VLANs, thus it's getting to the DHCP server
and allowing it to give the laptop it's old IP address, although the
request came from a completely different VLAN/subnet than it's old IP
address. .


I have looked EVERYWHERE on the internet for similar issues, and while
I found a few similar posts, the issue always turned out to be
something like the person didn't have IP helper assigned properly or
the DHCP server was having issues, yada yada.


Any help is greatly appreciated as this problem is starting to become
an issue as users tend to move around the office quite frequently.


TIA!


-omar

0
Comment
Question by:jptech49
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
8 Comments
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17945585
Odd. You could run up DHCPLOC.EXE from the resource kit on a machine on the same VLAN (not the dhcp server!) to watch the broadcasts and what is going on.  Also check the dhcp logs on the dhcp server.  It could be it is never actually hitting the dhcp server?

Steve
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17945587
Next silly question does that port really work on the other subnet OK...
0
 

Author Comment

by:jptech49
ID: 17951687
yes, everything works on the ports in question.

but I think i figured out the issue. one thing I did not indicate is that the USER scopes are under a single SuperScope. I thought Superscopes were just a simple way to organize your scopes.

Apparently not.

By definition (from MS) a Superscope is used for multi-neting, and essentially tells the DHCP server that all scopes within the Superscope are part of the same "physical segment". Thus what I think is happening is that the DHCP server is ignoring the fact that the new client DHCP request is coming from a different VLAN/subnet. Since it's being told that VLAN 101 and VLAN 102 are part of the same "physical segment" then he is allowing the client to receive his old address even thought the request clearly came from a different VLAN.

I removed the superscope and doing some testing today to see if it's fixed.

-omar
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 43

Expert Comment

by:Steve Knight
ID: 17953712
Ah well yes that wouldn't help... that's right.  Good luck then!  Superscopes are rarely needed IMHO, always best to keep it to normal scopes for your sanity.
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 19430376
Asker fixed the problem and explained why so PAQ, refund I suppose....
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 19527320
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question