• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 988
  • Last Modified:

Server 2003 - Static arp entrys adding themselves

I work at an education office and we have ~25 sites (physical locations) we support tech-wise. Each of these sites has a uniform domain controller, running Windows Server 2003, and are automatically updated (WSUS). Each of these sites are connected via a WAN, which we are connected to (our office). These servers also act as local DHCP and DNS servers.

We've been having an issue lately on some of our servers where every now and then, a pc or laptop (doesn't seem to be model related) cannot ping the domain controller (and vice versa), but can ping any other address. All the pc's / laptops are windows XP Pro SP2, and are also kept up to date with WSUS.

Here are circumstances in which the PC's laptops cannot ping the server, but can ping anything else, i'll use a specific case i'm working on at the moment for elaborating on as far as IP's go:

-Leaving on DHCP (gets IP of 10.128.97.29)
or
-Setting a static IP which is the same as the DHCP address (10.128.97.65)

Here are circumstances where they can ping the domain controller and everything else:

-Setting a DHCP reservation different to the usual address (-ie 10.128.97.100)
or
-Setting a static IP different to the usual address (-ie- 10.128.97.90)

Untill recently, the only fix to the issue that worked was resetting the domain controller, which obviously is far from optimal. We had tried resetting the machine in question, deleting the DNS, DHCP entries on the server and resetting the Netlogon, DHCP and DNS services on the Server. Also tried ipconfig /release + /renew, releasing and re-registering with DNS on the machine, and running repairs on the NIC of the machine and also multiple resets.

Recently we found that the domain controller had a static ARP entry for the machine in question, and found that clearing the arp cache on the server fixed the issue (netsh interface ip delete arpcache)

Nobody manually adds static arp enteries on the server so i have no idea how they are getting there. Does anybody know why static arp entries are being added on the server, and if there is a better fix than remote desktoping to the servers and clearing the arp cache when the issue happens??

Thanks in advance
0
lukeod
Asked:
lukeod
  • 2
  • 2
1 Solution
 
keihatsuCommented:
Are you using 3Com Boot Services PXE?  If so, this is a known bug with that software running on Windows Server 2003.  Unfortunately, Symantec offers no support for this issue.  Let me know if you are running this, and I'll see if I can dig up a fix for you.
0
 
lukeodAuthor Commented:
Yes we are using it on every server for ghost!! Wow, there you go, wouldnt have guessed it in a million years!! Thanks!!
0
 
keihatsuCommented:
Unfortunately, there seems to be no fix for the software directly.

After a bit of research, I've found only 2 possible solutions.  First, is to stop using 3Com Boot Services - not surprisingly, quite a few sites have suggested that you switch to their own software package instead.  I suppose choosing another and upgrading to it would work.

The other "solution" is to schedule an arp -d to run every 10 minutes.  As long as you don't use any static ARPs (intentionally anyway) this shouldn't cause a problem.  It will increase the number of ARP requests slightly, but the total additional network traffic should be negligible.  The dynamic ARP entries expire after 10 minutes anyway.
0
 
lukeodAuthor Commented:
Okay i'll look into both options, thankyou!
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now